base-org · suraneti · Oct 17, 2024
diff --git a/contracts/src/IRIP7755Registry.sol b/contracts/src/IRIP7755Registry.sol
@@ -0,0 +1,26 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.24;
+
+/// @title RIP7755Registry Interface
+///
+/// @notice An interface for the RIP-7755 registry contract. This interface defines the methods
+/// that allow contracts to check, add, or remove trusted origination contracts.
+interface IRIP7755Registry {
+
+    /// @notice Checks if a given origination contract is trusted
+    ///
+    /// @param originationContract The address of the origination contract
+    ///
+    /// @return _ A status indicating whether the contract is trusted
+    function checkTrustedContract(address originationContract) external view returns (bool);
+
+    /// @notice Adds an origination contract to the trusted list
+    ///
+    /// @param originationContract The address of the origination contract to be trusted
+    function addTrustedContract(address originationContract) external;
+
+    /// @notice Removes an origination contract from the trusted list
+    ///
+    /// @param originationContract The address of the origination contract to be removed
+    function removeTrustedContract(address originationContract) external;
+}
diff --git a/contracts/src/RIP7755Registry.sol b/contracts/src/RIP7755Registry.sol
@@ -0,0 +1,41 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.24;
+
+import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
+import {Address} from "openzeppelin-contracts/contracts/utils/Address.sol";
+
+/// @title RIP7755Registry
+///
+/// @author Coinbase (https://github.com/base-org/RIP-7755-poc)
+///
+/// @notice A registry contract within RIP-7755. This contract serves as a registry for managing
+/// and verifying trusted origination contracts.
+contract RIP7755Registry is Ownable {
+    using Address for address;
+
+    /// @notice A mapping that tracks whether an origination contract is trusted
+    mapping(address => bool) private _trustedContract;
+
+    /// @notice Checks if a given origination contract is trusted
+    ///
+    /// @param originationContract The address of the origination contract
+    ///
+    /// @return _ A status indicating whether the contract is trusted
+    function checkTrustedContract(address originationContract) external view returns (bool) {
+        return _trustedContract[originationContract];
+    }
+
+    /// @notice Adds an origination contract to the trusted list
+    ///
+    /// @param originationContract The address of the origination contract to be trusted
+    function addTrustedContract(address originationContract) external onlyOwner {
+        _trustedContract[originationContract] = true;
+    }
+
+    /// @notice Removes an origination contract from the trusted list
+    ///
+    /// @param originationContract The address of the origination contract to be removed
+    function removeTrustedContract(address originationContract) external onlyOwner {
+        _trustedContract[originationContract] = false;
+    }
+}
diff --git a/contracts/src/RIP7755Verifier.sol b/contracts/src/RIP7755Verifier.sol
@@ -4,6 +4,7 @@ pragma solidity 0.8.24;
 import {Address} from "openzeppelin-contracts/contracts/utils/Address.sol";
 
 import {IPrecheckContract} from "./IPrecheckContract.sol";
+import {IRIP7755Registry} from "./IRIP7755Registry.sol";
 import {CrossChainRequest} from "./RIP7755Structs.sol";
 
 /// @title RIP7755Verifier
@@ -31,6 +32,9 @@ contract RIP7755Verifier {
     // Main storage location used as the base for the fulfillmentInfo mapping following EIP-7201. (keccak256("RIP-7755"))
     bytes32 private constant _MAIN_STORAGE_LOCATION = 0x43f1016e17bdb0194ec37b77cf476d255de00011d02616ab831d2e2ce63d9ee2;
 
+    // Address of the RIP7755Registry contract 
+    IRIP7755Registry private _registry;
+
     /// @notice Event emitted when a cross chain call is fulfilled
     /// @param requestHash The keccak256 hash of a `CrossChainRequest`
     /// @param fulfilledBy The account that fulfilled the cross chain call
@@ -42,9 +46,16 @@ contract RIP7755Verifier {
     /// @notice This error is thrown when an account submits a cross chain call with a `verifyingContract` different than this contract's address
     error InvalidVerifyingContract();
 
+    /// @notice This error is thrown when an account submits a cross chain call with a `originationContract` untrusted contract's address
+    error UntrustedOriginationContract();
+
     /// @notice This error is thrown when an account attempts to submit a cross chain call that has already been fulfilled
     error CallAlreadyFulfilled();
 
+    constructor(IRIP7755Registry registry) {
+        _registry = registry;
+    }
+
     /// @notice Returns the stored fulfillment info for a passed in call hash
     ///
     /// @param requestHash A keccak256 hash of a CrossChainRequest
@@ -72,7 +83,10 @@ contract RIP7755Verifier {
             IPrecheckContract(request.precheckContract).precheckCall(request, msg.sender);
         }
 
-        // TODO: Check for trusted originationContract
+        // Check for trusted originationContract
+        if (!IRIP7755Registry(_registry).checkTrustedContract(request.originationContract)) {
+            revert UntrustedOriginationContract();
+        }
 
         bytes32 requestHash = hashRequest(request);