Merge pull request #25 from gnosis/feature/optimize_personal_edition

Optimize Personal Edition

.gitignore

@@ -1,2 +1,3 @@
 build/
-node_modules/
+node_modules/
+.DS_Store

.travis.yml

@@ -0,0 +1,8 @@
+language: node_js
+node_js:
+- '9'
+cache:
+  directories:
+    - node_modules
+before_script: 
+- truffle compile

README.md

@@ -1,7 +1,7 @@
 Gnosis Safe Contracts
 =====================
 
-The Gnosis Safe is a multisignature wallet with support for confirmations using signed messages based on [ERC191](https://github.com/ethereum/EIPs/issues/191). It is the successor of the [Gnosis Multisig Wallet](https://github.com/gnosis/MultiSigWallet) and combines more functionality with reduced gas costs. The Gnosis Safe allows basic wallet configuration like adding and removing owners and more advanced features like extensions, which allow to do transactions with different requirements.
+The Gnosis Safe is a multisignature wallet with support for confirmations using signed messages based on [ERC191](https://github.com/ethereum/EIPs/issues/191). It is the successor of the [Gnosis Multisig Wallet](https://github.com/gnosis/MultiSigWallet) and combines more functionality with reduced gas costs. The Gnosis Safe allows basic wallet configuration like adding and removing owners and more advanced features like modules, which allow to do transactions with different requirements.
 
 Contracts
 ---------
@@ -15,71 +15,92 @@ The nonce prevents replay attacks and is increased with every successfully execu
 ### Contract Creations
 As the creation of new contracts is a very gas consuming operation, Safe contracts use a proxy pattern where only one master copy of a contract is deployed once and all its copies are deployed as minimal proxy contracts pointing to the master copy contract. This pattern also allows to update the contract functionality later on by updating the address of the master copy in the proxy contract. As contract constructors can only be executed once at the time the master copy is deployed, constructor logic has to be moved into an additional persistent setup function, which can be called to setup all copies of the master copy. This setup function has to be implemented in a way it can only be executed once. It is important to note that the master copy contract has to be persistent and there should be no possibility to execute a `selfdestruct` call on the master copy contract.
 
+Multiple contracts use the `authorized()` modifier. This modifier should be overwritten by contract to implemented the desired logic to check access to the protected methods.
+
+#### SelfAuthorized.sol
+The self authorized contract implements the `authorized()` so that only the contract itself is authorized to perform actions.
+
 #### Proxy.sol
 The proxy contract implements only two functions: The constructor setting the address of the master copy and the fallback function forwarding all transactions sent to the proxy via a `DELEGATECALL` to the master copy and returning all data returned by the `DELEGATECALL`.
 
+#### DelegateConstructorProxy.sol
+This is an extension to the proxy contract that allows further initialization logic to be passed to the constructor.
+
+#### PayingProxy.sol
+This is an extension to the delegate constructor proxy contract that pays a specific amount to a target address after initialization.
+
 #### ProxyFactory.sol
 The proxy factory allows to create new proxy contracts pointing to a master copy and executing a function in the newly deployed proxy in one transaction. This additional transaction can for example execute the setup function to initialize the state of the contract.
 
+#### MasterCopy.sol
+The master copy contract defines the master copy field and has simple logic to change it. The master copy class should always be defined first if inherited.
+
+#### ModuleManager.sol
+The module manager allows the management (add, remove) of modules. These modules can execute transactions via the module manager. The module manager implements logic to execute calls, delegatecalls and create operations.
+
+#### OwnerManager.sol
+The owner manager allows the management (add, remove, replace) of owners. It also specifies a threshold that can be used for all actions that require the confirmation of a specific amount of owners.
+
 ### Gnosis Safe
 #### GnosisSafe.sol
-The Gnosis Safe contract implements all basic multisignature functionality. It allows to execute Safe transactions and Safe extensions.
+The Gnosis Safe contract implements all basic multisignature functionality. It allows to execute Safe transactions and Safe modules.
+
+Safe transactions can be used to configure the wallet like managing owners, updating the master copy address or whitelisting of modules. All configuration functions can only be called via transactions sent from the Safe itself. This assures that configuration changes require owner confirmations.
+
+Before a Safe transaction can be executed, the transaction has to be confirmed by the required number of owners. 
 
-Safe transactions can be used to configure the wallet like managing owners, updating the master copy address or whitelisting of extensions. All configuration functions can only be called via transactions sent from the Safe itself. This assures that configuration changes require owner confirmations.
+There are multiple implementations of the Gnosis Safe contract with different methods to check if a transaction has been confirmed by the required owners.
 
-Before a Safe transaction can be executed, the transaction has to be confirmed by the required number of owners. There are two ways to confirm transactions:
+#### GnosisSafePersonalEdition.sol
+This version is targeted at users that control all keys owning a safe. The transaction hash can be signed with the private keys that manage the safe. 
 
-1. Owners represented by private key controlled accounts can sign the transaction hash.
-2. Owners represented by contract accounts (e.g. other Safe contracts) or private key controlled accounts can confirm a transaction by calling the `confirmTransaction` function.
+Once the required number of confirmations is available `execTransactionAndPaySubmitter` can be called with the sending confirmation signatures. This method will pay the submitter of the transaction for the transaction fees after the Safe transaction has been executed.
 
-Once the required number of confirmations is available `executeTransaction` can be called by sending confirmation signatures and references to confirmations sent using `confirmTransaction`. In case the account calling `executeTransaction` is a wallet owner its call can be used as confirmation and the owner doesn't have to confirm with a signed message or `confirmTransaction`.
+`execTransactionAndPaySubmitter` expects all confirmations sorted by owner address. This is required to easily validate no confirmation duplicates exist.
 
-`executeTransaction` expects all confirmations sorted by owner address. This is required to easily validate no confirmation duplicates exist.
+#### GnosisSafeTeamEdition.sol
+This version is targeted at teams where each owner is a different user. Each owner has to confirm a transaction by using `confirmTransaction`. Once the required number of owners has confirmed, the transaction can be executed via `execTransactionIfApproved`. If the sender of `execTransactionIfApproved` is an owner it is not necessary to confirm the transaction before. Furthermore this version doesn't store the nonce in the contract but for each transaction a nonce needs to be specified.
 
-##### Example execution
+##### Example execution for State Channel Edition
 
-Assuming we have 4 owners in a 4 out of 4 multisig configuration:
+Assuming we have 2 owners in a 2 out of 2 multisig configuration:
 
 1. `0x1` (Private key)
 2. `0x2` (Private key)
-3. `0x3` (Safe contract)
-4. `0x4` (Private key)
 
-`0x1` and `0x2` are confirming by signing a message. `0x3` is confirming by sending a `confirmTransaction` transaction. `0x4` is calling the `executeTransaction` function and therefore also confirming the transaction.
+`0x1` and `0x2` are confirming by signing a message.
 
-The Safe transaction parameters used for `executeTransaction` have to be set like the following:
-* `v = [v_0x1, v_0x2]`
-* `r = [r_0x1, r_0x2]`
-* `s = [s_0x1, s_0x2]`
-* `owners = [0x3, 0x4]`
-* `indices = [2, 3]`
+The signatures bytes used for `execTransaction` have to be build like the following:
+* `bytes = 0x{r_0x1}{s_0x1}{v_0x1}{r_0x2}{s_0x2}{v_0x2}`
 
-`v`, `r` and `s` are the signature parameters for the signed confirmation messages. Position `0` in `v` represents `0x1`'s signature part and corresponds to position `0` in `r` and `s`. The `owners` array contains owner addresses confirming transaction by sending a `confirmTransaction` or calling `executeTransaction`. Their address position in the sorted array of all confirming owner addresses is set in the `indices` array starting from position 0:
+`v`, `r` and `s` are the signature parameters for the signed confirmation messages. All values are hex encoded. `r` and `s` are padded to 32 bytes and `v` is padded to 8 bytes.
 
-`allConfirmingOwners = [0x1, 0x2, 0x3, 0x4]`
+### Modules
+Modules allow to execute transactions from the Safe without the requirement of multiple signatures. For this Modules that have been added to a Safe can use the `execTransactionFromModule` function. Modules define their own requirements for execution. Modules need to implement their own replay protection.
 
-Position of `0x3` is `2` and position of `0x4` is `3` in `indices` array.
+#### StateChannelModule.sol
+This module is meant to be used with state channels. It is a module similar to the personal edition, but without the payment option (therefore the method is named `execTransaction`). Furthermore this version doesn't store the nonce in the contract but for each transaction a nonce needs to be specified.
 
-### Extensions
-Extensions allow to execute transactions from the Safe without the requirement of multiple signatures. Extensions define their own requirements for execution. Every extension has to implement the interface for extensions. This interface requires only one function `isExecutable` receiving all transaction parameters and evaluating if a transaction is allowed to be executed. Extension transactions don't require a nonce as they don't require replay protection.
+#### DailyLimitModule.sol
+The Daily Limit Modules allows an owner to withdraw specified amounts of specified ERC20 tokens on a daily basis without confirmation by other owners. The daily limit is reset at midnight UTC. Ether is represented with the token address 0. Daily limits can be set via Safe transactions.
 
-#### DailyLimitExtension.sol
-The Daily Limit Extensions allows an owner to withdraw specified amounts of specified ERC20 tokens on a daily basis without confirmation by other owners. The daily limit is reset at midnight UTC. Ether is represented with the token address 0. Daily limits can be set via Safe transactions.
+#### SocialRecoveryModule.sol
+The Social Recovery Modules allows to recover a Safe in case access to owner accounts was lost. This is done by defining a minimum of 3 friends’ addresses as trusted parties. If all required friends confirm that a Safe owner should be replaced with another address, the Safe owner is replaced and access to the Safe can be restored. Every owner address can be replaced only once.
 
-#### SocialRecoveryExtension.sol
-The Social Recovery Extensions allows to recover a Safe in case access to owner accounts was lost. This is done by defining a minimum of 3 friends’ addresses as trusted parties. If all required friends confirm that a Safe owner should be replaced with another address, the Safe owner is replaced and access to the Safe can be restored. Every owner address can be replaced only once.
-
-#### WhitelistExtension.sol
-The Whitelist Extensions allows an owner to execute arbitrary transactions to specific addresses without confirmation by other owners. The whitelist can be maintained via Safe transactions.
+#### WhitelistModule.sol
+The Whitelist Modules allows an owner to execute arbitrary transactions to specific addresses without confirmation by other owners. The whitelist can be maintained via Safe transactions.
 
 ### Libraries
 Libraries can be called from the Safe via a `DELEGATECALL`. They should not implement their own storage as this storage won’t be accessible via a `DELEGATECALL`.
 
 #### MultiSend.sol
 This library allows to batch transactions and execute them at once. This is useful if user interactions require more than one transaction for one UI interaction like approving an amount of ERC20 tokens and calling a contract consuming those tokens. If one transaction fails all are reverted.
 
-#### CreateAndAddExtension.sol
-This library allows to create a new Safe extension and whitelist this extension for the Safe in one single transaction.
+#### CreateAndAddModules.sol
+This library allows to create new Safe modules and whitelist these modules for the Safe in one single transaction.
+
+#### Note on naming of execute function of the safes
+To optimize gas usage the naming of the methods was choosen in a matter that result in a low method id for methods that are often used. Please consider this when renaming.
 
 Install
 -------
@@ -101,6 +122,10 @@ truffle test
 truffle deploy
 ```
 
+Audits
+---------
+- [by Alexey Akhunov](docs/alexey_audit.md)
+
 Security and Liability
 ----------------------
 All contracts are WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
@@ -112,11 +137,7 @@ All smart contracts are released under GPL v.3.
 Contributors
 ------------
 - Stefan George ([Georgi87](https://github.com/Georgi87))
+- Richard Meissner ([rmeissner](https://github.com/rmeissner))
 - Christian Lundkvist ([christianlundkvist](https://github.com/christianlundkvist))
 - Nick Dodson ([SilentCicero](https://github.com/SilentCicero))
 - Gonçalo Sá ([GNSPS](https://github.com/GNSPS))
-- Richard Meissner ([rmeissner](https://github.com/rmeissner))
-
-Reviewers
----------
-The code has not been reviewed yet.

contracts/DelegateConstructorProxy.sol

@@ -0,0 +1,27 @@
+pragma solidity 0.4.24;
+import "./Proxy.sol";
+
+
+/// @title Delegate Constructor Proxy - Generic proxy contract allows to execute all transactions applying the code of a master contract. It is possible to send along initialization data with the constructor.
+/// @author Stefan George - <stefan@gnosis.pm>
+/// @author Richard Meissner - <richard@gnosis.pm>
+contract DelegateConstructorProxy is Proxy {
+
+    /// @dev Constructor function sets address of master copy contract.
+    /// @param _masterCopy Master copy address.
+    /// @param initializer Data used for a delegate call to initialize the contract.
+    constructor(address _masterCopy, bytes initializer) Proxy(_masterCopy)
+        public
+    {
+        if (initializer.length > 0) {
+            // solium-disable-next-line security/no-inline-assembly
+            assembly {
+                let masterCopy := and(sload(0), 0xffffffffffffffffffffffffffffffffffffffff)
+                let success := delegatecall(sub(gas, 10000), masterCopy, add(initializer, 0x20), mload(initializer), 0, 0)
+                let ptr := mload(0x40)
+                returndatacopy(ptr, 0, returndatasize)
+                if eq(success, 0) { revert(ptr, returndatasize) }
+            }
+        }
+    }
+}

contracts/Enum.sol

@@ -0,0 +1,12 @@
+pragma solidity 0.4.24;
+
+
+/// @title Enum - Collection of enums
+/// @author Richard Meissner - <richard@gnosis.pm>
+contract Enum {
+    enum Operation {
+        Call,
+        DelegateCall,
+        Create
+    }
+}