permission fixes across contracts (stader-labs#86)

* permission fixes across contracts

* move constant role to config

* permission implementation in config

* move onlyRole check to UtilLib

* move default admin role to UtilLib

* pushed more permission changes

* rollback default admin changes

* Added permissions in few contracts (stader-labs#88)

* fix: DefiWind TODOs (stader-labs#85)

* sd collateral init refactor

* reorder imports

* rename AddressLib, use safeERC20

* minor: redundant code removal

* replace `require` with custom errors

* parameterized custom errors

* remove unused custom errors

* add methods in interface

* remove safeERC20

* remove unused config in `staderConfig`

* add staderConfig setter

* added events

* minor improvements

* remove `_` from internal functions

* minor changes

* resolve todo init

* sd price consensus impl

* resolved todos

* reminder comment

* removed resolved todos

* moved OperatorPoolId impl to PoolFactory

* removed unwanted comment

* slash SD on higher penalty

* removed unwanted comments

* converted ETHx to upgradeable token

* method rename

* separate update frequecies for different oracles

* slash penalty SD

* todo for sanjay to discuss

* remove resolved todos

* convert sd withdraw into 2 step process

* minor change

* removed ERC20Burnable

* resolved PR comments

* added a todo

* PR comments resolves

* typo

* updated permissions

* review fixes

* minor refactor

* minor improvements

---------

Co-authored-by: Sanjay Yadav <[email protected]>
Co-authored-by: Manoj Patra <[email protected]>

contracts/Auction.sol

@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.16;
 
-import './library/AddressLib.sol';
+import './library/UtilLib.sol';
 
 import '../contracts/interfaces/SDCollateral/IAuction.sol';
 import '../contracts/interfaces/IStaderStakePoolManager.sol';
@@ -12,8 +12,6 @@ import '@openzeppelin/contracts-upgradeable/security/PausableUpgradeable.sol';
 import '@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol';
 
 contract Auction is IAuction, Initializable, AccessControlUpgradeable, PausableUpgradeable, ReentrancyGuardUpgradeable {
-    bytes32 public constant MANAGER = keccak256('MANAGER');
-
     IStaderConfig public override staderConfig;
     uint256 public override nextLot;
     uint256 public override bidIncrement;
@@ -28,12 +26,10 @@ contract Auction is IAuction, Initializable, AccessControlUpgradeable, PausableU
 
     function initialize(
         address _staderConfig,
-        address _manager,
         uint256 _duration,
         uint256 _bidIncrement
     ) external initializer {
-        AddressLib.checkNonZeroAddress(_staderConfig);
-        AddressLib.checkNonZeroAddress(_manager);
+        UtilLib.checkNonZeroAddress(_staderConfig);
         if (_duration < 24 hours) revert ShortDuration();
 
         __AccessControl_init();
@@ -46,14 +42,13 @@ contract Auction is IAuction, Initializable, AccessControlUpgradeable, PausableU
         nextLot = 1;
 
         _grantRole(DEFAULT_ADMIN_ROLE, staderConfig.getAdmin());
-        _grantRole(MANAGER, _manager);
 
         emit UpdatedStaderConfig(_staderConfig);
         emit AuctionDurationUpdated(duration);
         emit BidInrementUpdated(bidIncrement);
     }
 
-    function createLot(uint256 _sdAmount) external override whenNotPaused onlyRole(MANAGER) {
+    function createLot(uint256 _sdAmount) external override whenNotPaused {
         lots[nextLot].startBlock = block.number;
         lots[nextLot].endBlock = block.number + duration;
         lots[nextLot].sdAmount = _sdAmount;
@@ -143,18 +138,20 @@ contract Auction is IAuction, Initializable, AccessControlUpgradeable, PausableU
 
     // SETTERS
     function updateStaderConfig(address _staderConfig) external override onlyRole(DEFAULT_ADMIN_ROLE) {
-        AddressLib.checkNonZeroAddress(_staderConfig);
+        UtilLib.checkNonZeroAddress(_staderConfig);
         staderConfig = IStaderConfig(_staderConfig);
         emit UpdatedStaderConfig(_staderConfig);
     }
 
-    function updateDuration(uint256 _duration) external override onlyRole(MANAGER) {
+    function updateDuration(uint256 _duration) external override {
+        UtilLib.onlyManagerRole(msg.sender, staderConfig);
         if (_duration < 24 hours) revert ShortDuration();
         duration = _duration;
         emit AuctionDurationUpdated(duration);
     }
 
-    function updateBidIncrement(uint256 _bidIncrement) external override onlyRole(MANAGER) {
+    function updateBidIncrement(uint256 _bidIncrement) external override {
+        UtilLib.onlyManagerRole(msg.sender, staderConfig);
         bidIncrement = _bidIncrement;
         emit BidInrementUpdated(_bidIncrement);
     }

contracts/ETHx.sol

@@ -1,6 +1,7 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.16;
-import './library/AddressLib.sol';
+
+import './library/UtilLib.sol';
 
 import './interfaces/IStaderConfig.sol';
 
@@ -25,7 +26,7 @@ contract ETHx is Initializable, ERC20Upgradeable, PausableUpgradeable, AccessCon
     }
 
     function initialize(address _staderConfig) public initializer {
-        AddressLib.checkNonZeroAddress(_staderConfig);
+        UtilLib.checkNonZeroAddress(_staderConfig);
 
         __ERC20_init('Liquid Staking ETH', 'ETHx');
         __Pausable_init();

contracts/NodeELRewardVault.sol

@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.16;
 
-import './library/AddressLib.sol';
+import './library/UtilLib.sol';
 
 import './interfaces/IPoolFactory.sol';
 import './interfaces/INodeRegistry.sol';
@@ -26,7 +26,7 @@ contract NodeELRewardVault is INodeELRewardVault, Initializable, AccessControlUp
         uint256 _operatorId,
         address _staderConfig
     ) external initializer {
-        AddressLib.checkNonZeroAddress(_staderConfig);
+        UtilLib.checkNonZeroAddress(_staderConfig);
 
         __AccessControl_init();
         __ReentrancyGuard_init();
@@ -118,9 +118,8 @@ contract NodeELRewardVault is INodeELRewardVault, Initializable, AccessControlUp
     }
 
     // SETTERS
-
     function updateStaderConfig(address _staderConfig) external override onlyRole(DEFAULT_ADMIN_ROLE) {
-        AddressLib.checkNonZeroAddress(_staderConfig);
+        UtilLib.checkNonZeroAddress(_staderConfig);
         staderConfig = IStaderConfig(_staderConfig);
         emit UpdatedStaderConfig(_staderConfig);
     }

contracts/Penalty.sol

@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.16;
 
-import './library/AddressLib.sol';
+import './library/UtilLib.sol';
 
 import './interfaces/IPenalty.sol';
 import './interfaces/IRatedV1.sol';
@@ -16,7 +16,6 @@ contract Penalty is IPenalty, Initializable, AccessControlUpgradeable {
     uint256 public override mevTheftPenaltyPerStrike;
     uint256 public override missedAttestationPenaltyPerStrike;
     uint256 public override validatorExitPenaltyThreshold;
-    bytes32 public constant override STADER_DAO = keccak256('STADER_DAO');
     uint64 private constant VALIDATOR_PUBKEY_LENGTH = 48;
 
     /// @inheritdoc IPenalty
@@ -30,8 +29,8 @@ contract Penalty is IPenalty, Initializable, AccessControlUpgradeable {
     }
 
     function initialize(address _staderConfig, address _ratedOracleAddress) external initializer {
-        AddressLib.checkNonZeroAddress(_staderConfig);
-        AddressLib.checkNonZeroAddress(_ratedOracleAddress);
+        UtilLib.checkNonZeroAddress(_staderConfig);
+        UtilLib.checkNonZeroAddress(_ratedOracleAddress);
         __AccessControl_init_unchained();
 
         staderConfig = IStaderConfig(_staderConfig);
@@ -45,57 +44,46 @@ contract Penalty is IPenalty, Initializable, AccessControlUpgradeable {
     }
 
     /// @inheritdoc IPenalty
-    function setAdditionalPenaltyAmount(bytes calldata _pubkey, uint256 _amount)
-        external
-        override
-        onlyRole(STADER_DAO)
-    {
+    function setAdditionalPenaltyAmount(bytes calldata _pubkey, uint256 _amount) external override {
+        UtilLib.onlyManagerRole(msg.sender, staderConfig);
         bytes32 pubkeyRoot = getPubkeyRoot(_pubkey);
         additionalPenaltyAmount[pubkeyRoot] += _amount;
 
         emit UpdatedAdditionalPenaltyAmount(_pubkey, _amount);
     }
 
     /// @inheritdoc IPenalty
-    function updateMEVTheftPenaltyPerStrike(uint256 _mevTheftPenaltyPerStrike)
-        external
-        override
-        onlyRole(DEFAULT_ADMIN_ROLE)
-    {
+    function updateMEVTheftPenaltyPerStrike(uint256 _mevTheftPenaltyPerStrike) external override {
+        UtilLib.onlyManagerRole(msg.sender, staderConfig);
         mevTheftPenaltyPerStrike = _mevTheftPenaltyPerStrike;
         emit UpdatedMEVTheftPenaltyPerStrike(_mevTheftPenaltyPerStrike);
     }
 
     /// @inheritdoc IPenalty
-    function updateMissedAttestationPenaltyPerStrike(uint256 _missedAttestationPenaltyPerStrike)
-        external
-        override
-        onlyRole(DEFAULT_ADMIN_ROLE)
-    {
+    function updateMissedAttestationPenaltyPerStrike(uint256 _missedAttestationPenaltyPerStrike) external override {
+        UtilLib.onlyManagerRole(msg.sender, staderConfig);
         missedAttestationPenaltyPerStrike = _missedAttestationPenaltyPerStrike;
         emit UpdatedMissedAttestationPenaltyPerStrike(_missedAttestationPenaltyPerStrike);
     }
 
     /// @inheritdoc IPenalty
-    function updateValidatorExitPenaltyThreshold(uint256 _validatorExitPenaltyThreshold)
-        external
-        override
-        onlyRole(DEFAULT_ADMIN_ROLE)
-    {
+    function updateValidatorExitPenaltyThreshold(uint256 _validatorExitPenaltyThreshold) external override {
+        UtilLib.onlyManagerRole(msg.sender, staderConfig);
         validatorExitPenaltyThreshold = _validatorExitPenaltyThreshold;
         emit UpdatedValidatorExitPenaltyThreshold(_validatorExitPenaltyThreshold);
     }
 
     /// @inheritdoc IPenalty
-    function updateRatedOracleAddress(address _ratedOracleAddress) external override onlyRole(DEFAULT_ADMIN_ROLE) {
-        AddressLib.checkNonZeroAddress(_ratedOracleAddress);
+    function updateRatedOracleAddress(address _ratedOracleAddress) external override {
+        UtilLib.onlyManagerRole(msg.sender, staderConfig);
+        UtilLib.checkNonZeroAddress(_ratedOracleAddress);
         ratedOracleAddress = _ratedOracleAddress;
         emit UpdatedPenaltyOracleAddress(_ratedOracleAddress);
     }
 
     //update the address of staderConfig
     function updateStaderConfig(address _staderConfig) external override onlyRole(DEFAULT_ADMIN_ROLE) {
-        AddressLib.checkNonZeroAddress(_staderConfig);
+        UtilLib.checkNonZeroAddress(_staderConfig);
         staderConfig = IStaderConfig(_staderConfig);
         emit UpdatedStaderConfig(_staderConfig);
     }