feat: use ACM instead of onlyOwner

contracts/Bridge/XVSProxyOFTDest.sol

@@ -4,17 +4,12 @@ pragma solidity 0.8.13;
 import { ProxyOFTV2 } from "./oft/ProxyOFTV2.sol";
 import { ILayerZeroUserApplicationConfig } from "./interfaces/ILayerZeroUserApplicationConfig.sol";
 import { Pausable } from "@openzeppelin/contracts/security/Pausable.sol";
-import { IAccessControlManagerV8 } from "@venusprotocol/governance-contracts/contracts/Governance/IAccessControlManagerV8.sol";
 import { IXVS } from "./interfaces/IXVS.sol";
 import { ResilientOracleInterface } from "@venusprotocol/oracle/contracts/interfaces/OracleInterface.sol";
 import { ensureNonzeroAddress } from "../lib/validators.sol";
-import { EXP_SCALE } from "../lib/constants.sol";
+import { ExponentialNoError } from "../ExponentialNoError.sol";
 
-contract XVSProxyOFTDest is Pausable, ILayerZeroUserApplicationConfig, ProxyOFTV2 {
-    /**
-     * @notice Address of access control manager contract.
-     */
-    address public accessControlManager;
+contract XVSProxyOFTDest is Pausable, ILayerZeroUserApplicationConfig, ExponentialNoError, ProxyOFTV2 {
     /**
      * @notice The address of ResilientOracle contract wrapped in its interface.
      */
@@ -189,20 +184,19 @@ contract XVSProxyOFTDest is Pausable, ILayerZeroUserApplicationConfig, ProxyOFTV
         uint16 dstChainId_,
         uint256 amount_
     ) internal {
-        if (whitelist[from_]) {
-            return;
-        }
+        bool isWhiteListedUser = whitelist[from_];
+
         uint256 amountInUsd;
-        uint256 oraclePrice = oracle.getPrice(address(innerToken));
-        amountInUsd = (oraclePrice * amount_) / EXP_SCALE;
+        Exp memory oraclePrice = Exp({ mantissa: oracle.getPrice(address(innerToken)) });
+        amountInUsd = mul_ScalarTruncate(oraclePrice, amount_);
 
         uint256 currentBlock = block.timestamp;
         uint256 lastDayWindowStart = chainIdToLast24HourWindowStart[dstChainId_];
         uint256 transferredInWindow = chainIdToLast24HourTransferred[dstChainId_];
         uint256 maxSingleTransactionLimit = chainIdToMaxSingleTransactionLimit[dstChainId_];
         uint256 maxDailyLimit = chainIdToMaxDailyLimit[dstChainId_];
 
-        if (amountInUsd > maxSingleTransactionLimit) {
+        if (amountInUsd > maxSingleTransactionLimit && !isWhiteListedUser) {
             revert MaxSingleTransactionLimitExceed(amountInUsd, maxSingleTransactionLimit);
         }
 
@@ -213,18 +207,10 @@ contract XVSProxyOFTDest is Pausable, ILayerZeroUserApplicationConfig, ProxyOFTV
             transferredInWindow += amountInUsd;
         }
 
-        if (transferredInWindow > maxDailyLimit) {
+        if (transferredInWindow > maxDailyLimit && !isWhiteListedUser) {
             revert MaxDailyLimitExceed(amountInUsd, maxDailyLimit);
         }
         chainIdToLast24HourTransferred[dstChainId_] = transferredInWindow;
         return;
     }
-
-    /// @dev Checks the caller is allowed to call the specified fuction
-    function _ensureAllowed(string memory functionSig_) internal view {
-        require(
-            IAccessControlManagerV8(accessControlManager).isAllowedToCall(msg.sender, functionSig_),
-            "access denied"
-        );
-    }
 }

contracts/Bridge/XVSProxyOFTSrc.sol

@@ -4,17 +4,11 @@ pragma solidity 0.8.13;
 import { ProxyOFTV2 } from "./oft/ProxyOFTV2.sol";
 import { ILayerZeroUserApplicationConfig } from "./interfaces/ILayerZeroUserApplicationConfig.sol";
 import { Pausable } from "@openzeppelin/contracts/security/Pausable.sol";
-import { IAccessControlManagerV8 } from "@venusprotocol/governance-contracts/contracts/Governance/IAccessControlManagerV8.sol";
 import { ResilientOracleInterface } from "@venusprotocol/oracle/contracts/interfaces/OracleInterface.sol";
 import { ensureNonzeroAddress } from "../lib/validators.sol";
-import { EXP_SCALE } from "../lib/constants.sol";
 import { ExponentialNoError } from "../ExponentialNoError.sol";
 
 contract XVSProxyOFTSrc is Pausable, ILayerZeroUserApplicationConfig, ExponentialNoError, ProxyOFTV2 {
-    /**
-     * @notice Address of access control manager contract.
-     */
-    address public accessControlManager;
     /**
      * @notice The address of ResilientOracle contract wrapped in its interface.
      */
@@ -174,7 +168,11 @@ contract XVSProxyOFTSrc is Pausable, ILayerZeroUserApplicationConfig, Exponentia
         return super._debitFrom(from_, dstChainId_, toAddress_, amount_);
     }
 
-    function _isEligibleToSend(address from_, uint16 dstChainId_, uint256 amount_) internal {
+    function _isEligibleToSend(
+        address from_,
+        uint16 dstChainId_,
+        uint256 amount_
+    ) internal {
         bool isWhiteListedUser = whitelist[from_];
 
         uint256 amountInUsd;
@@ -204,12 +202,4 @@ contract XVSProxyOFTSrc is Pausable, ILayerZeroUserApplicationConfig, Exponentia
         chainIdToLast24HourTransferred[dstChainId_] = transferredInWindow;
         return;
     }
-
-    /// @dev Checks the caller is allowed to call the specified fuction
-    function _ensureAllowed(string memory functionSig_) internal view {
-        require(
-            IAccessControlManagerV8(accessControlManager).isAllowedToCall(msg.sender, functionSig_),
-            "access denied"
-        );
-    }
 }

contracts/Bridge/lzApp/LzApp.sol

@@ -3,6 +3,7 @@
 pragma solidity ^0.8.0;
 
 import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
+import { IAccessControlManagerV8 } from "@venusprotocol/governance-contracts/contracts/Governance/IAccessControlManagerV8.sol";
 import { ILayerZeroReceiver } from "../interfaces/ILayerZeroReceiver.sol";
 import { ILayerZeroEndpoint } from "../interfaces/ILayerZeroEndpoint.sol";
 import { BytesLib } from "../util/BytesLib.sol";
@@ -12,6 +13,10 @@ import { BytesLib } from "../util/BytesLib.sol";
  */
 abstract contract LzApp is Ownable, ILayerZeroReceiver {
     using BytesLib for bytes;
+    /**
+     * @notice Address of access control manager contract.
+     */
+    address public accessControlManager;
 
     // ua can not send payload larger than this by default, but it can be changed by the ua owner
     uint256 public constant DEFAULT_PAYLOAD_SIZE_LIMIT = 10000;
@@ -121,23 +126,27 @@ abstract contract LzApp is Ownable, ILayerZeroReceiver {
 
     // _path = abi.encodePacked(remoteAddress, localAddress)
     // this function set the trusted path for the cross-chain communication
-    function setTrustedRemote(uint16 _remoteChainId, bytes calldata _path) external onlyOwner {
+    function setTrustedRemote(uint16 _remoteChainId, bytes calldata _path) external {
+        _ensureAllowed("setTrustedRemote(uint16,bytes)");
         trustedRemoteLookup[_remoteChainId] = _path;
         emit SetTrustedRemote(_remoteChainId, _path);
     }
 
-    function setTrustedRemoteAddress(uint16 _remoteChainId, bytes calldata _remoteAddress) external onlyOwner {
+    function setTrustedRemoteAddress(uint16 _remoteChainId, bytes calldata _remoteAddress) external {
+        _ensureAllowed("setTrustedRemoteAddress(uint16,bytes)");
         trustedRemoteLookup[_remoteChainId] = abi.encodePacked(_remoteAddress, address(this));
         emit SetTrustedRemoteAddress(_remoteChainId, _remoteAddress);
     }
 
     function getTrustedRemoteAddress(uint16 _remoteChainId) external view returns (bytes memory) {
+        _ensureAllowed("getTrustedRemoteAddress(uint16)");
         bytes memory path = trustedRemoteLookup[_remoteChainId];
         require(path.length != 0, "LzApp: no trusted path record");
         return path.slice(0, path.length - 20); // the last 20 bytes should be address(this)
     }
 
-    function setPrecrime(address _precrime) external onlyOwner {
+    function setPrecrime(address _precrime) external {
+        _ensureAllowed("setPrecrime(address)");
         precrime = _precrime;
         emit SetPrecrime(_precrime);
     }
@@ -146,14 +155,16 @@ abstract contract LzApp is Ownable, ILayerZeroReceiver {
         uint16 _dstChainId,
         uint16 _packetType,
         uint256 _minGas
-    ) external onlyOwner {
+    ) external {
+        _ensureAllowed("setMinDstGas(uint16,uint16,uint256)");
         require(_minGas > 0, "LzApp: invalid minGas");
         minDstGasLookup[_dstChainId][_packetType] = _minGas;
         emit SetMinDstGas(_dstChainId, _packetType, _minGas);
     }
 
     // if the size is 0, it means default size limit
-    function setPayloadSizeLimit(uint16 _dstChainId, uint256 _size) external onlyOwner {
+    function setPayloadSizeLimit(uint16 _dstChainId, uint256 _size) external {
+        _ensureAllowed("setPayloadSizeLimit(uint16,uint256)");
         payloadSizeLimitLookup[_dstChainId] = _size;
     }
 
@@ -162,4 +173,12 @@ abstract contract LzApp is Ownable, ILayerZeroReceiver {
         bytes memory trustedSource = trustedRemoteLookup[_srcChainId];
         return keccak256(trustedSource) == keccak256(_srcAddress);
     }
+
+    /// @dev Checks the caller is allowed to call the specified fuction
+    function _ensureAllowed(string memory functionSig_) internal view {
+        require(
+            IAccessControlManagerV8(accessControlManager).isAllowedToCall(msg.sender, functionSig_),
+            "access denied"
+        );
+    }
 }

contracts/Bridge/oft/OFTCoreV2.sol

@@ -75,7 +75,8 @@ abstract contract OFTCoreV2 is NonblockingLzApp {
         );
     }
 
-    function setUseCustomAdapterParams(bool _useCustomAdapterParams) public virtual onlyOwner {
+    function setUseCustomAdapterParams(bool _useCustomAdapterParams) public virtual {
+        _ensureAllowed("setUseCustomAdapterParams(bool)");
         useCustomAdapterParams = _useCustomAdapterParams;
         emit SetUseCustomAdapterParams(_useCustomAdapterParams);
     }