Burn to claim macro audit fixes (#523)

* re-write marketplacev3 in new dynamic pattern

* update tests: direct listings

* update tests: english auctions

* update tests: offers

* update function for access control

* update storage position acc erc7201

* Use latest dynamic contracts

* Update dynamic-contracts deps

* Fix [Q-1] Misleading function name for setMaxTotalSupply

* Fix [Q-2] Missing sanity check when setting BurnToClaimInfo

* Fix [Q-3] OPERATOR_ROLE is not used

* Fix [Q-5] Named returns are not assigned

* Complete fix for [Q-1]

* Fix [Q-6] Avoid code duplication by using maxTotalSupply()

* Fix [Q-12] Comply with ERC7201 standard

* Fix [L-2] Missing sanity checks for PrimarySale and PlatformFee recipients

* Fix [Q-9] Document behavior of tokenURI

* Fix [Q-7] Adhere to naming convention for internal function

* Fix [Q-4] Missing natspec documentation

* Addendum [Q-2]: Consider removing redundant check in verifyBurnToClaim

* Addendum [Q-1]: use totalMinted instead of currentIndex in _checkTotalSupply

* Addendum [L-2]: appendix B

* Addendum [Q-12]: fully comply with ERC7201

* Fix test

---------

Co-authored-by: Yash <kumaryashcse@gmail.com>

Author: nkrishang

contracts/extension/interface/IBurnToClaim.sol

@@ -10,6 +10,15 @@ interface IBurnToClaim {
         ERC1155
     }
 
+    /**
+     *  @notice Configuration for burning tokens to claim new tokens.
+     *
+     *  @param originContractAddress The address of the contract that the tokens are burned from.
+     *  @param tokenType The type of token to burn.
+     *  @param tokenId The token ID of the token to burn. Only used if tokenType is ERC1155.
+     *  @param mintPriceForNewToken The price to mint a new token.
+     *  @param currency The currency to pay the mint price in.
+     */
     struct BurnToClaimInfo {
         address originContractAddress;
         TokenType tokenType;
@@ -18,13 +27,17 @@ interface IBurnToClaim {
         address currency;
     }
 
-    /// @dev Emitted when tokens are burned to claim new tokens
+    /// @notice Emitted when tokens are burned to claim new tokens
     event TokensBurnedAndClaimed(
         address indexed originContract,
         address indexed tokenOwner,
         uint256 indexed burnTokenId,
         uint256 quantity
     );
 
+    /**
+     *  @notice Sets the configuration for burning tokens to claim new tokens.
+     *  @param burnToClaimInfo The configuration for burning tokens to claim new tokens.
+     */
     function setBurnToClaimInfo(BurnToClaimInfo calldata burnToClaimInfo) external;
 }

contracts/extension/upgradeable/AccountPermissions.sol

@@ -10,7 +10,7 @@ import "../../external-deps/openzeppelin/utils/structs/EnumerableSet.sol";
 library AccountPermissionsStorage {
     /// @custom:storage-location erc7201:extension.manager.storage
     bytes32 public constant ACCOUNT_PERMISSIONS_STORAGE_POSITION =
-        keccak256(abi.encode(uint256(keccak256("account.permissions.storage")) - 1));
+        keccak256(abi.encode(uint256(keccak256("account.permissions.storage")) - 1)) & ~bytes32(uint256(0xff));
 
     struct Data {
         /// @dev The set of all admins of the wallet.

contracts/extension/upgradeable/BatchMintMetadata.sol

@@ -4,7 +4,7 @@ pragma solidity ^0.8.0;
 library BatchMintMetadataStorage {
     /// @custom:storage-location erc7201:extension.manager.storage
     bytes32 public constant BATCH_MINT_METADATA_STORAGE_POSITION =
-        keccak256(abi.encode(uint256(keccak256("batch.mint.metadata.storage")) - 1));
+        keccak256(abi.encode(uint256(keccak256("batch.mint.metadata.storage")) - 1)) & ~bytes32(uint256(0xff));
 
     struct Data {
         /// @dev Largest tokenId of each batch of tokens with the same baseURI.

contracts/extension/upgradeable/BurnToClaim.sol

@@ -14,7 +14,7 @@ import "../interface/IBurnToClaim.sol";
 library BurnToClaimStorage {
     /// @custom:storage-location erc7201:extension.manager.storage
     bytes32 public constant BURN_TO_CLAIM_STORAGE_POSITION =
-        keccak256(abi.encode(uint256(keccak256("burn.to.claim.storage")) - 1));
+        keccak256(abi.encode(uint256(keccak256("burn.to.claim.storage")) - 1)) & ~bytes32(uint256(0xff));
 
     struct Data {
         IBurnToClaim.BurnToClaimInfo burnToClaimInfo;
@@ -29,23 +29,27 @@ library BurnToClaimStorage {
 }
 
 abstract contract BurnToClaim is IBurnToClaim {
+    /// @notice Returns the confugration for burning tokens to claim new tokens.
     function getBurnToClaimInfo() public view returns (BurnToClaimInfo memory) {
         return _burnToClaimStorage().burnToClaimInfo;
     }
 
+    /// @notice Sets the configuration for burning tokens to claim new tokens.
     function setBurnToClaimInfo(BurnToClaimInfo calldata _burnToClaimInfo) external virtual {
         require(_canSetBurnToClaim(), "Not authorized.");
+        require(_burnToClaimInfo.originContractAddress != address(0), "Origin contract not set.");
+        require(_burnToClaimInfo.currency != address(0), "Currency not set.");
 
         _burnToClaimStorage().burnToClaimInfo = _burnToClaimInfo;
     }
 
+    /// @notice Verifies an attempt to burn tokens to claim new tokens.
     function verifyBurnToClaim(
         address _tokenOwner,
         uint256 _tokenId,
         uint256 _quantity
     ) public view virtual {
         BurnToClaimInfo memory _burnToClaimInfo = getBurnToClaimInfo();
-        require(_burnToClaimInfo.originContractAddress != address(0), "Origin contract not set.");
 
         if (_burnToClaimInfo.tokenType == IBurnToClaim.TokenType.ERC721) {
             require(_quantity == 1, "Invalid amount");
@@ -61,6 +65,7 @@ abstract contract BurnToClaim is IBurnToClaim {
         }
     }
 
+    /// @dev Burns tokens to claim new tokens.
     function _burnTokensOnOrigin(
         address _tokenOwner,
         uint256 _tokenId,
@@ -80,5 +85,6 @@ abstract contract BurnToClaim is IBurnToClaim {
         data = BurnToClaimStorage.data();
     }
 
+    /// @dev Returns whether the caller can set the burn to claim configuration.
     function _canSetBurnToClaim() internal view virtual returns (bool);
 }

contracts/extension/upgradeable/ContractMetadata.sol

@@ -17,7 +17,7 @@ import "../interface/IContractMetadata.sol";
 library ContractMetadataStorage {
     /// @custom:storage-location erc7201:extension.manager.storage
     bytes32 public constant CONTRACT_METADATA_STORAGE_POSITION =
-        keccak256(abi.encode(uint256(keccak256("contract.metadata.storage")) - 1));
+        keccak256(abi.encode(uint256(keccak256("contract.metadata.storage")) - 1)) & ~bytes32(uint256(0xff));
 
     struct Data {
         /// @notice Returns the contract metadata URI.

contracts/extension/upgradeable/DelayedReveal.sol

@@ -8,7 +8,7 @@ import "../interface/IDelayedReveal.sol";
 library DelayedRevealStorage {
     /// @custom:storage-location erc7201:extension.manager.storage
     bytes32 public constant DELAYED_REVEAL_STORAGE_POSITION =
-        keccak256(abi.encode(uint256(keccak256("delayed.reveal.storage")) - 1));
+        keccak256(abi.encode(uint256(keccak256("delayed.reveal.storage")) - 1)) & ~bytes32(uint256(0xff));
 
     struct Data {
         /// @dev Mapping from tokenId of a batch of tokens => to delayed reveal data.

contracts/extension/upgradeable/Drop.sol

@@ -8,7 +8,8 @@ import "../../lib/MerkleProof.sol";
 
 library DropStorage {
     /// @custom:storage-location erc7201:extension.manager.storage
-    bytes32 public constant DROP_STORAGE_POSITION = keccak256(abi.encode(uint256(keccak256("drop.storage")) - 1));
+    bytes32 public constant DROP_STORAGE_POSITION =
+        keccak256(abi.encode(uint256(keccak256("drop.storage")) - 1)) & ~bytes32(uint256(0xff));
 
     struct Data {
         /// @dev The active conditions for claiming tokens.

contracts/extension/upgradeable/ERC2771Context.sol

@@ -10,7 +10,7 @@ import "../interface/IERC2771Context.sol";
 library ERC2771ContextStorage {
     /// @custom:storage-location erc7201:extension.manager.storage
     bytes32 public constant ERC2771_CONTEXT_STORAGE_POSITION =
-        keccak256(abi.encode(uint256(keccak256("erc2771.context.storage")) - 1));
+        keccak256(abi.encode(uint256(keccak256("erc2771.context.storage")) - 1)) & ~bytes32(uint256(0xff));
 
     struct Data {
         mapping(address => bool) trustedForwarder;

contracts/extension/upgradeable/ERC2771ContextConsumer.sol

@@ -0,0 +1,32 @@
+// SPDX-License-Identifier: Apache-2.0
+pragma solidity ^0.8.0;
+
+/// @author thirdweb
+
+interface IERC2771Context {
+    function isTrustedForwarder(address forwarder) external view returns (bool);
+}
+
+/**
+ * @dev Context variant with ERC2771 support.
+ */
+abstract contract ERC2771ContextConsumer {
+    function _msgSender() public view virtual returns (address sender) {
+        if (IERC2771Context(address(this)).isTrustedForwarder(msg.sender)) {
+            // The assembly code is more direct than the Solidity version using `abi.decode`.
+            assembly {
+                sender := shr(96, calldataload(sub(calldatasize(), 20)))
+            }
+        } else {
+            return msg.sender;
+        }
+    }
+
+    function _msgData() public view virtual returns (bytes calldata) {
+        if (IERC2771Context(address(this)).isTrustedForwarder(msg.sender)) {
+            return msg.data[:msg.data.length - 20];
+        } else {
+            return msg.data;
+        }
+    }
+}

contracts/extension/upgradeable/ERC2771ContextUpgradeable.sol

@@ -11,7 +11,7 @@ import "./Initializable.sol";
 library ERC2771ContextStorage {
     /// @custom:storage-location erc7201:extension.manager.storage
     bytes32 public constant ERC2771_CONTEXT_STORAGE_POSITION =
-        keccak256(abi.encode(uint256(keccak256("erc2771.context.storage")) - 1));
+        keccak256(abi.encode(uint256(keccak256("erc2771.context.storage")) - 1)) & ~bytes32(uint256(0xff));
 
     struct Data {
         mapping(address => bool) trustedForwarder;