add domain separator to redeem code

contracts/Bucket.sol

@@ -13,7 +13,7 @@ abstract contract Bucket is OwnableUpgradeSafe {
 
   bytes32 constant REDEEM_TYPEHASH = keccak256("Redeem(uint256 blockNumber,bytes32 blockHash,address receiver,bytes32 code)");
   bytes32 constant EIP712DOMAIN_TYPEHASH = keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
-  bytes32 DOMAIN_SEPARATOR;
+  bytes32 public DOMAIN_SEPARATOR;
 
   string _relayerURI;
 
@@ -86,7 +86,7 @@ abstract contract Bucket is OwnableUpgradeSafe {
     require(redeemable.recipient == recipient, "not found");
 
     // validate code
-    bytes32 codeHash = keccak256(abi.encodePacked(_redeem.code));
+    bytes32 codeHash = keccak256(abi.encodePacked(DOMAIN_SEPARATOR, redeemable.recipient, _redeem.code));
     require(codeHash == redeemable.code, "invalid code");
 
     uint256 data = redeemable.data;

migrations/01_initial_migration.js

@@ -9,7 +9,7 @@ module.exports = function(deployer, network) {
   deployer.deploy(NFTBucketFactory);
   deployer.deploy(ERC20BucketFactory);
 
-  if (network === "development") {
+  if (network === "development" || network === "test") {
     deployer.deploy(TestToken, "Dev Test Token", "DTT", 18);
     deployer.deploy(TestNFT);
   }

test/erc20_spec.js

@@ -86,6 +86,7 @@ function mineAt(timestamp) {
 
 contract("ERC20Bucket", function () {
   let bucketInstance,
+    domainSeparator,
     factoryInstance,
     tokenInstance,
     shop,
@@ -134,6 +135,7 @@ contract("ERC20Bucket", function () {
     });
 
     bucketInstance = new web3.eth.Contract(ERC20Bucket.abi, rec.options.address);
+    domainSeparator = await bucketInstance.methods.DOMAIN_SEPARATOR().call();
   });
 
   it("deploy bucket via factory", async () => {
@@ -196,7 +198,7 @@ contract("ERC20Bucket", function () {
     let initialSupply = await bucketInstance.methods.totalSupply().call();
     let initialAvailableSupply = await bucketInstance.methods.availableSupply().call();
 
-    const redeemCodeHash = web3.utils.sha3(REDEEM_CODE);
+    const redeemCodeHash = web3.utils.soliditySha3(domainSeparator, keycard, REDEEM_CODE);
     const createRedeemable = bucketInstance.methods.createRedeemable(keycard, amount, redeemCodeHash);
     const createRedeemableGas = await createRedeemable.estimateGas();
     await createRedeemable.send({

test/nft_contract_spec.js

@@ -91,6 +91,7 @@ if (assert.match === undefined) {
 
 contract("NFTBucket", function () {
   let bucketInstance,
+    domainSeparator,
     factoryInstance,
     tokenInstance,
     shop,
@@ -141,6 +142,7 @@ contract("NFTBucket", function () {
     });
 
     bucketInstance = new web3.eth.Contract(NFTBucket.abi, rec.options.address);
+    domainSeparator = await bucketInstance.methods.DOMAIN_SEPARATOR().call();
   });
 
   it("deploy bucket via factory", async () => {
@@ -159,7 +161,7 @@ contract("NFTBucket", function () {
 
 
   function createRedeemableData(recipient) {
-      const redeemCodeHash = web3.utils.sha3(REDEEM_CODE);
+      const redeemCodeHash = web3.utils.soliditySha3(domainSeparator, recipient, REDEEM_CODE);
       return recipient + redeemCodeHash.replace("0x", "");
   }
 

truffle-config.js

@@ -45,11 +45,11 @@ module.exports = {
     // tab if you use this network and you must also set the `host`, `port` and `network_id`
     // options below to some value.
     //
-    development: {
+    // development: {
-     host: "127.0.0.1",     // Localhost (default: none)
+    //  host: "127.0.0.1",     // Localhost (default: none)
-     port: 7545,            // Standard Ethereum port (default: none)
+    //  port: 7545,            // Standard Ethereum port (default: none)
-     network_id: "*",       // Any network (default: none)
+    //  network_id: "*",       // Any network (default: none)
-    },
+    // },
 
     // Another network with more advanced options...
     // advanced: {