[Lido Audit OZ]: Lido Audit Fix (#698)

Co-authored-by: JOMOKING <[email protected]>
Co-authored-by: vincent <[email protected]>

contracts/contracts/lido/L1LidoGateway.sol

@@ -11,6 +11,9 @@ import {GatewayBase} from "../libraries/gateway/GatewayBase.sol";
 import {LidoBridgeableTokens} from "./LidoBridgeableTokens.sol";
 import {LidoGatewayManager} from "./LidoGatewayManager.sol";
 
+/**
+ * @custom:security-contact [email protected]
+ */
 contract L1LidoGateway is L1ERC20Gateway, LidoBridgeableTokens, LidoGatewayManager {
     /**********
      * Errors *
@@ -39,8 +42,9 @@ contract L1LidoGateway is L1ERC20Gateway, LidoBridgeableTokens, LidoGatewayManag
     /// @param _l1Token The address of the bridged token in the L1 chain
     /// @param _l2Token The address of the token minted on the L2 chain when token bridged
     constructor(address _l1Token, address _l2Token) LidoBridgeableTokens(_l1Token, _l2Token) {
-        require(_l1Token != address(0), "zero l1token address");
-        require(_l2Token != address(0), "zero l2Token address");
+        if (_l1Token == address(0) || _l2Token ==address(0)){
+              revert ErrorZeroAddress();
+        }
 
         _disableInitializers();
     }
@@ -121,16 +125,17 @@ contract L1LidoGateway is L1ERC20Gateway, LidoBridgeableTokens, LidoGatewayManag
         if (_data.length != 0) revert DepositAndCallIsNotAllowed();
 
         // 2. Generate message passed to L2LidoGateway.
+        address _l2Token = l2Token;
         bytes memory _message = abi.encodeCall(
             IL2ERC20Gateway.finalizeDepositERC20,
-            (_token, l2Token, _from, _to, _amount, _data)
+            (_token, _l2Token, _from, _to, _amount, _data)
         );
 
         uint256 nonce = IL1CrossDomainMessenger(messenger).messageNonce();
 
         // 3. Send message to L1CrossDomainMessenger.
         IL1CrossDomainMessenger(messenger).sendMessage{value: msg.value}(counterpart, 0, _message, _gasLimit, _from);
 
-        emit DepositERC20(_token, l2Token, _from, _to, _amount, _data, nonce);
+        emit DepositERC20(_token, _l2Token, _from, _to, _amount, _data, nonce);
     }
 }

contracts/contracts/lido/L2LidoGateway.sol

@@ -12,6 +12,9 @@ import {GatewayBase} from "../libraries/gateway/GatewayBase.sol";
 import {LidoBridgeableTokens} from "./LidoBridgeableTokens.sol";
 import {LidoGatewayManager} from "./LidoGatewayManager.sol";
 
+/**
+ * @custom:security-contact [email protected]
+ */
 contract L2LidoGateway is L2ERC20Gateway, LidoBridgeableTokens, LidoGatewayManager {
     /**********
      * Errors *
@@ -40,8 +43,9 @@ contract L2LidoGateway is L2ERC20Gateway, LidoBridgeableTokens, LidoGatewayManag
     /// @param _l1Token The address of the bridged token in the L1 chain
     /// @param _l2Token The address of the token minted on the L2 chain when token bridged
     constructor(address _l1Token, address _l2Token) LidoBridgeableTokens(_l1Token, _l2Token) {
-        require(_l1Token != address(0), "zero l1token address");
-        require(_l2Token != address(0), "zero l2Token address");
+        if (_l1Token == address(0) || _l2Token ==address(0)){
+              revert ErrorZeroAddress();
+        }
 
         _disableInitializers();
     }
@@ -59,7 +63,7 @@ contract L2LidoGateway is L2ERC20Gateway, LidoBridgeableTokens, LidoGatewayManag
 
     /// @notice Initialize the storage of L2LidoGateway v2.
     /// @param _depositsEnabler The address of user who can enable deposits
-    /// @param _depositsEnabler The address of user who can disable deposits
+    /// @param _depositsDisabler The address of user who can disable deposits
     /// @param _withdrawalsEnabler The address of user who can enable withdrawals
     /// @param _withdrawalsDisabler The address of user who can disable withdrawals
     function initializeV2(
@@ -152,16 +156,17 @@ contract L2LidoGateway is L2ERC20Gateway, LidoBridgeableTokens, LidoGatewayManag
         IMorphERC20Upgradeable(_l2Token).burn(_from, _amount);
 
         // 3. Generate message passed to L1LidoGateway.
+        address _l1Token = l1Token;
         bytes memory _message = abi.encodeCall(
             IL1ERC20Gateway.finalizeWithdrawERC20,
-            (l1Token, _l2Token, _from, _to, _amount, _data)
+            (_l1Token, _l2Token, _from, _to, _amount, _data)
         );
 
         uint256 nonce = IL2CrossDomainMessenger(messenger).messageNonce();
 
         // 4. send message to L2CrossDomainMessenger
         IL2CrossDomainMessenger(messenger).sendMessage{value: msg.value}(counterpart, 0, _message, _gasLimit);
 
-        emit WithdrawERC20(l1Token, _l2Token, _from, _to, _amount, _data, nonce);
+        emit WithdrawERC20(_l1Token, _l2Token, _from, _to, _amount, _data, nonce);
     }
 }

contracts/contracts/lido/L2WstETHToken.sol

@@ -8,7 +8,20 @@ import {SignatureCheckerUpgradeable} from "@openzeppelin/contracts-upgradeable/u
 
 import {MorphStandardERC20} from "../libraries/token/MorphStandardERC20.sol";
 
+/**
+ * @custom:security-contact [email protected]
+ */
 contract L2WstETHToken is MorphStandardERC20 {
+    /**********
+     * Errors *
+     **********/
+
+    /// @dev Thrown when the deadline is expired.
+    error ErrorExpiredDeadline();
+
+    /// @dev Thrown when the given signature is invalid.
+    error ErrorInvalidSignature();
+
     /*************
      * Constants *
      *************/
@@ -33,16 +46,16 @@ contract L2WstETHToken is MorphStandardERC20 {
         bytes32 r,
         bytes32 s
     ) public virtual override(ERC20PermitUpgradeable, IERC20PermitUpgradeable) {
-        require(block.timestamp <= deadline, "ERC20Permit: expired deadline");
-
+        if (block.timestamp > deadline) {
+            revert ErrorExpiredDeadline();
+        }
         bytes32 structHash = keccak256(abi.encode(_PERMIT_TYPEHASH, owner, spender, value, _useNonce(owner), deadline));
 
         bytes32 hash = _hashTypedDataV4(structHash);
 
-        require(
-            SignatureCheckerUpgradeable.isValidSignatureNow(owner, hash, abi.encodePacked(r, s, v)),
-            "ERC20Permit: invalid signature"
-        );
+        if (!SignatureCheckerUpgradeable.isValidSignatureNow(owner, hash, abi.encodePacked(r, s, v))){
+            revert ErrorInvalidSignature();
+        }
 
         _approve(owner, spender, value);
     }

contracts/contracts/lido/LidoBridgeableTokens.sol

@@ -2,6 +2,9 @@
 
 pragma solidity =0.8.24;
 
+/**
+ * @custom:security-contact [email protected]
+ */
 abstract contract LidoBridgeableTokens {
     /*************
      * Constants *
@@ -17,6 +20,9 @@ abstract contract LidoBridgeableTokens {
      * Errors *
      **********/
 
+    /// @dev Thrown when the given address is `address(0)`.
+    error ErrorZeroAddress();
+
     /// @dev Thrown the given `l1Token` is not supported.
     error ErrorUnsupportedL1Token();
 

contracts/contracts/lido/LidoGatewayManager.sol

@@ -8,6 +8,9 @@ import {GatewayBase} from "../libraries/gateway/GatewayBase.sol";
 
 // solhint-disable func-name-mixedcase
 
+/**
+ * @custom:security-contact [email protected]
+ */
 abstract contract LidoGatewayManager is GatewayBase {
     using EnumerableSetUpgradeable for EnumerableSetUpgradeable.AddressSet;
 
@@ -128,7 +131,7 @@ abstract contract LidoGatewayManager is GatewayBase {
 
     /// @notice Initialize the storage of LidoGatewayManager.
     /// @param _depositsEnabler The address of user who can enable deposits
-    /// @param _depositsEnabler The address of user who can disable deposits
+    /// @param _depositsDisabler The address of user who can disable deposits
     /// @param _withdrawalsEnabler The address of user who can enable withdrawals
     /// @param _withdrawalsDisabler The address of user who can disable withdrawals
     function __LidoGatewayManager_init(