feat(arbitration): implement SafeSend library for secure ETH transfers

Author: thasmi21

contracts/deploy/00-home-chain-arbitration-neo.ts

@@ -32,7 +32,7 @@ const deployArbitration: DeployFunction = async (hre: HardhatRuntimeEnvironment)
   const disputeKit = await deployUpgradable(deployments, "DisputeKitClassicNeo", {
     from: deployer,
     contract: "DisputeKitClassic",
-    args: [deployer, ZeroAddress],
+    args: [deployer, ZeroAddress, weth.target],
     log: true,
   });
 
@@ -81,6 +81,7 @@ const deployArbitration: DeployFunction = async (hre: HardhatRuntimeEnvironment)
       ethers.toBeHex(5), // Extra data for sortition module will return the default value of K
       sortitionModule.address,
       nft.target,
+      weth.target,
     ],
     log: true,
   }); // nonce+2 (implementation), nonce+3 (proxy)

contracts/deploy/00-home-chain-arbitration-ruler.ts

@@ -32,6 +32,7 @@ const deployArbitration: DeployFunction = async (hre: HardhatRuntimeEnvironment)
       deployer, // governor
       pnk.target,
       [minStake, alpha, feeForJuror, jurorsForCourtJump],
+      weth.target,
     ],
     log: true,
   });

contracts/deploy/00-home-chain-arbitration-university.ts

@@ -27,7 +27,7 @@ const deployArbitration: DeployFunction = async (hre: HardhatRuntimeEnvironment)
   const disputeKit = await deployUpgradable(deployments, "DisputeKitClassicUniversity", {
     from: deployer,
     contract: "DisputeKitClassic",
-    args: [deployer, ZeroAddress],
+    args: [deployer, ZeroAddress, weth.target],
     log: true,
   });
 
@@ -59,6 +59,7 @@ const deployArbitration: DeployFunction = async (hre: HardhatRuntimeEnvironment)
       [minStake, alpha, feeForJuror, jurorsForCourtJump],
       [0, 0, 0, 10], // evidencePeriod, commitPeriod, votePeriod, appealPeriod
       sortitionModule.address,
+      weth.target,
     ],
     log: true,
   }); // nonce+2 (implementation), nonce+3 (proxy)

contracts/deploy/00-home-chain-arbitration.ts

@@ -37,7 +37,7 @@ const deployArbitration: DeployFunction = async (hre: HardhatRuntimeEnvironment)
 
   const disputeKit = await deployUpgradable(deployments, "DisputeKitClassic", {
     from: deployer,
-    args: [deployer, ZeroAddress],
+    args: [deployer, ZeroAddress, weth.target],
     log: true,
   });
 
@@ -74,6 +74,7 @@ const deployArbitration: DeployFunction = async (hre: HardhatRuntimeEnvironment)
       [0, 0, 0, 10], // evidencePeriod, commitPeriod, votePeriod, appealPeriod
       ethers.toBeHex(5), // Extra data for sortition module will return the default value of K
       sortitionModule.address,
+      weth.target,
     ],
     log: true,
   }); // nonce+2 (implementation), nonce+3 (proxy)
@@ -105,23 +106,23 @@ const deployArbitration: DeployFunction = async (hre: HardhatRuntimeEnvironment)
   // Extra dispute kits
   const disputeKitShutter = await deployUpgradable(deployments, "DisputeKitShutter", {
     from: deployer,
-    args: [deployer, core.target],
+    args: [deployer, core.target, weth.target],
     log: true,
   });
   await core.addNewDisputeKit(disputeKitShutter.address);
   await core.enableDisputeKits(Courts.GENERAL, [2], true); // enable disputeKitShutter on the General Court
 
   const disputeKitGated = await deployUpgradable(deployments, "DisputeKitGated", {
     from: deployer,
-    args: [deployer, core.target],
+    args: [deployer, core.target, weth.target],
     log: true,
   });
   await core.addNewDisputeKit(disputeKitGated.address);
   await core.enableDisputeKits(Courts.GENERAL, [3], true); // enable disputeKitGated on the General Court
 
   const disputeKitGatedShutter = await deployUpgradable(deployments, "DisputeKitGatedShutter", {
     from: deployer,
-    args: [deployer, core.target],
+    args: [deployer, core.target, weth.target],
     log: true,
   });
   await core.addNewDisputeKit(disputeKitGatedShutter.address);

contracts/src/arbitration/KlerosCore.sol

@@ -30,6 +30,7 @@ contract KlerosCore is KlerosCoreBase {
     /// @param _timesPerPeriod The `timesPerPeriod` property value of the general court.
     /// @param _sortitionExtraData The extra data for sortition module.
     /// @param _sortitionModuleAddress The sortition module responsible for sortition of the jurors.
+    /// @param _wNative The address for WETH tranfers.
     function initialize(
         address _governor,
         address _guardian,
@@ -40,7 +41,8 @@ contract KlerosCore is KlerosCoreBase {
         uint256[4] memory _courtParameters,
         uint256[4] memory _timesPerPeriod,
         bytes memory _sortitionExtraData,
-        ISortitionModule _sortitionModuleAddress
+        ISortitionModule _sortitionModuleAddress,
+        address _wNative
     ) external reinitializer(1) {
         __KlerosCoreBase_initialize(
             _governor,
@@ -52,7 +54,8 @@ contract KlerosCore is KlerosCoreBase {
             _courtParameters,
             _timesPerPeriod,
             _sortitionExtraData,
-            _sortitionModuleAddress
+            _sortitionModuleAddress,
+            _wNative
         );
     }
 

contracts/src/arbitration/KlerosCoreBase.sol

@@ -8,13 +8,15 @@ import {ISortitionModule} from "./interfaces/ISortitionModule.sol";
 import {Initializable} from "../proxy/Initializable.sol";
 import {UUPSProxiable} from "../proxy/UUPSProxiable.sol";
 import {SafeERC20, IERC20} from "../libraries/SafeERC20.sol";
+import {SafeSend} from "../libraries/SafeSend.sol";
 import "../libraries/Constants.sol";
 
 /// @title KlerosCoreBase
 /// Core arbitrator contract for Kleros v2.
 /// Note that this contract trusts the PNK token, the dispute kit and the sortition module contracts.
 abstract contract KlerosCoreBase is IArbitratorV2, Initializable, UUPSProxiable {
     using SafeERC20 for IERC20;
+    using SafeSend for address payable;
 
     // ************************************* //
     // *         Enums / Structs           * //
@@ -99,6 +101,7 @@ abstract contract KlerosCoreBase is IArbitratorV2, Initializable, UUPSProxiable
     Dispute[] public disputes; // The disputes.
     mapping(IERC20 => CurrencyRate) public currencyRates; // The price of each token in ETH.
     bool public paused; // Whether asset withdrawals are paused.
+    address public wNative; // The address for WETH tranfers.
 
     // ************************************* //
     // *              Events               * //
@@ -199,13 +202,15 @@ abstract contract KlerosCoreBase is IArbitratorV2, Initializable, UUPSProxiable
         uint256[4] memory _courtParameters,
         uint256[4] memory _timesPerPeriod,
         bytes memory _sortitionExtraData,
-        ISortitionModule _sortitionModuleAddress
+        ISortitionModule _sortitionModuleAddress,
+        address _wNative
     ) internal onlyInitializing {
         governor = _governor;
         guardian = _guardian;
         pinakion = _pinakion;
         jurorProsecutionModule = _jurorProsecutionModule;
         sortitionModule = _sortitionModuleAddress;
+        wNative = _wNative;
 
         // NULL_DISPUTE_KIT: an empty element at index 0 to indicate when a dispute kit is not supported.
         disputeKits.push();
@@ -802,7 +807,7 @@ abstract contract KlerosCoreBase is IArbitratorV2, Initializable, UUPSProxiable
             // No one was coherent, send the rewards to the governor.
             if (round.feeToken == NATIVE_CURRENCY) {
                 // The dispute fees were paid in ETH
-                payable(governor).send(round.totalFeesForJurors);
+                payable(governor).safeSend(round.totalFeesForJurors, wNative);
             } else {
                 // The dispute fees were paid in ERC20
                 round.feeToken.safeTransfer(governor, round.totalFeesForJurors);
@@ -854,7 +859,7 @@ abstract contract KlerosCoreBase is IArbitratorV2, Initializable, UUPSProxiable
         pinakion.safeTransfer(account, pnkReward);
         if (round.feeToken == NATIVE_CURRENCY) {
             // The dispute fees were paid in ETH
-            payable(account).send(feeReward);
+            payable(account).safeSend(feeReward, wNative);
         } else {
             // The dispute fees were paid in ERC20
             round.feeToken.safeTransfer(account, feeReward);
@@ -880,7 +885,7 @@ abstract contract KlerosCoreBase is IArbitratorV2, Initializable, UUPSProxiable
                 if (leftoverFeeReward != 0) {
                     if (round.feeToken == NATIVE_CURRENCY) {
                         // The dispute fees were paid in ETH
-                        payable(governor).send(leftoverFeeReward);
+                        payable(governor).safeSend(leftoverFeeReward, wNative);
                     } else {
                         // The dispute fees were paid in ERC20
                         round.feeToken.safeTransfer(governor, leftoverFeeReward);

contracts/src/arbitration/KlerosCoreNeo.sol

@@ -39,6 +39,7 @@ contract KlerosCoreNeo is KlerosCoreBase {
     /// @param _sortitionExtraData The extra data for sortition module.
     /// @param _sortitionModuleAddress The sortition module responsible for sortition of the jurors.
     /// @param _jurorNft NFT contract to vet the jurors.
+    /// @param _wNative The address for WETH tranfers.
     function initialize(
         address _governor,
         address _guardian,
@@ -50,7 +51,8 @@ contract KlerosCoreNeo is KlerosCoreBase {
         uint256[4] memory _timesPerPeriod,
         bytes memory _sortitionExtraData,
         ISortitionModule _sortitionModuleAddress,
-        IERC721 _jurorNft
+        IERC721 _jurorNft,
+        address _wNative
     ) external reinitializer(2) {
         __KlerosCoreBase_initialize(
             _governor,
@@ -62,7 +64,8 @@ contract KlerosCoreNeo is KlerosCoreBase {
             _courtParameters,
             _timesPerPeriod,
             _sortitionExtraData,
-            _sortitionModuleAddress
+            _sortitionModuleAddress,
+            _wNative
         );
         jurorNft = _jurorNft;
     }

contracts/src/arbitration/KlerosGovernor.sol

@@ -3,10 +3,12 @@
 pragma solidity ^0.8.24;
 
 import {IArbitrableV2, IArbitratorV2} from "./interfaces/IArbitrableV2.sol";
+import {SafeSend} from "../libraries/SafeSend.sol";
 import "./interfaces/IDisputeTemplateRegistry.sol";
 
 /// @title KlerosGovernor for V2. Note that appeal functionality and evidence submission will be handled by the court.
 contract KlerosGovernor is IArbitrableV2 {
+    using SafeSend for address payable;
     // ************************************* //
     // *         Enums / Structs           * //
     // ************************************* //
@@ -60,6 +62,8 @@ contract KlerosGovernor is IArbitrableV2 {
     Submission[] public submissions; // Stores all created transaction lists. submissions[_listID].
     Session[] public sessions; // Stores all submitting sessions. sessions[_session].
 
+    address public wNative; // The address for WETH tranfers.
+
     // ************************************* //
     // *        Function Modifiers         * //
     // ************************************* //
@@ -111,6 +115,7 @@ contract KlerosGovernor is IArbitrableV2 {
     /// @param _submissionTimeout Time in seconds allocated for submitting transaction list.
     /// @param _executionTimeout Time in seconds after approval that allows to execute transactions of the approved list.
     /// @param _withdrawTimeout Time in seconds after submission that allows to withdraw submitted list.
+    /// @param _wNative The address of the WETH used by SafeSend for fallback transfers.
     constructor(
         IArbitratorV2 _arbitrator,
         bytes memory _arbitratorExtraData,
@@ -119,10 +124,12 @@ contract KlerosGovernor is IArbitrableV2 {
         uint256 _submissionBaseDeposit,
         uint256 _submissionTimeout,
         uint256 _executionTimeout,
-        uint256 _withdrawTimeout
+        uint256 _withdrawTimeout,
+        address _wNative
     ) {
         arbitrator = _arbitrator;
         arbitratorExtraData = _arbitratorExtraData;
+        wNative = _wNative;
 
         lastApprovalTime = block.timestamp;
         submissionBaseDeposit = _submissionBaseDeposit;
@@ -237,7 +244,7 @@ contract KlerosGovernor is IArbitrableV2 {
         emit ListSubmitted(submissions.length - 1, msg.sender, sessions.length - 1, _description);
 
         uint256 remainder = msg.value - submission.deposit;
-        if (remainder > 0) payable(msg.sender).send(remainder);
+        if (remainder > 0) payable(msg.sender).safeSend(remainder, wNative);
 
         reservedETH += submission.deposit;
     }
@@ -277,7 +284,7 @@ contract KlerosGovernor is IArbitrableV2 {
             submission.approvalTime = block.timestamp;
             uint256 sumDeposit = session.sumDeposit;
             session.sumDeposit = 0;
-            submission.submitter.send(sumDeposit);
+            submission.submitter.safeSend(sumDeposit, wNative);
             lastApprovalTime = block.timestamp;
             session.status = Status.Resolved;
             sessions.push();
@@ -311,7 +318,7 @@ contract KlerosGovernor is IArbitrableV2 {
             Submission storage submission = submissions[session.submittedLists[_ruling - 1]];
             submission.approved = true;
             submission.approvalTime = block.timestamp;
-            submission.submitter.send(session.sumDeposit);
+            submission.submitter.safeSend(session.sumDeposit, wNative);
         }
         // If the ruling is "0" the reserved funds of this session become expendable.
         reservedETH -= session.sumDeposit;

contracts/src/arbitration/devtools/KlerosCoreRuler.sol

@@ -4,6 +4,7 @@ pragma solidity ^0.8.24;
 
 import {IArbitrableV2, IArbitratorV2} from "../interfaces/IArbitratorV2.sol";
 import {SafeERC20, IERC20} from "../../libraries/SafeERC20.sol";
+import {SafeSend} from "../../libraries/SafeSend.sol";
 import {UUPSProxiable} from "../../proxy/UUPSProxiable.sol";
 import {Initializable} from "../../proxy/Initializable.sol";
 import "../../libraries/Constants.sol";
@@ -12,6 +13,7 @@ import "../../libraries/Constants.sol";
 /// Core arbitrator contract for development and testing purposes.
 contract KlerosCoreRuler is IArbitratorV2, UUPSProxiable, Initializable {
     using SafeERC20 for IERC20;
+    using SafeSend for address payable;
 
     string public constant override version = "0.8.0";
 
@@ -93,6 +95,7 @@ contract KlerosCoreRuler is IArbitratorV2, UUPSProxiable, Initializable {
     mapping(IArbitrableV2 arbitrable => address ruler) public rulers; // The ruler of each arbitrable contract.
     mapping(IArbitrableV2 arbitrable => RulerSettings) public settings; // The settings of each arbitrable contract.
     mapping(uint256 disputeID => RulingResult) public rulingResults; // The ruling results of each dispute.
+    address public wNative; // The address for WETH tranfers.
 
     // ************************************* //
     // *              Events               * //
@@ -175,13 +178,16 @@ contract KlerosCoreRuler is IArbitratorV2, UUPSProxiable, Initializable {
     /// @param _governor The governor's address.
     /// @param _pinakion The address of the token contract.
     /// @param _courtParameters Numeric parameters of General court (minStake, alpha, feeForJuror and jurorsForCourtJump respectively).
+    /// @param _wNative The address of the WETH used by SafeSend for fallback transfers.
     function initialize(
         address _governor,
         IERC20 _pinakion,
-        uint256[4] memory _courtParameters
+        uint256[4] memory _courtParameters,
+        address _wNative
     ) external reinitializer(1) {
         governor = _governor;
         pinakion = _pinakion;
+        wNative = _wNative;
 
         // FORKING_COURT
         // TODO: Fill the properties for the Forking court, emit CourtCreated.
@@ -525,7 +531,7 @@ contract KlerosCoreRuler is IArbitratorV2, UUPSProxiable, Initializable {
         round.sumFeeRewardPaid += feeReward;
         if (round.feeToken == NATIVE_CURRENCY) {
             // The dispute fees were paid in ETH
-            payable(account).send(feeReward);
+            payable(account).safeSend(feeReward, wNative);
         } else {
             // The dispute fees were paid in ERC20
             round.feeToken.safeTransfer(account, feeReward);

contracts/src/arbitration/dispute-kits/DisputeKitClassic.sol

@@ -25,8 +25,9 @@ contract DisputeKitClassic is DisputeKitClassicBase {
     /// @dev Initializer.
     /// @param _governor The governor's address.
     /// @param _core The KlerosCore arbitrator.
-    function initialize(address _governor, KlerosCore _core) external reinitializer(1) {
-        __DisputeKitClassicBase_initialize(_governor, _core);
+    /// @param _wNative The address for WETH tranfers.
+    function initialize(address _governor, KlerosCore _core, address _wNative) external reinitializer(1) {
+        __DisputeKitClassicBase_initialize(_governor, _core, _wNative);
     }
 
     function initialize7() external reinitializer(7) {