From e4e11d270b9def6ab9a8f91a7b08e6df1574ffd9 Mon Sep 17 00:00:00 2001
From: Serhii Volovyk <SergeyVolovyk@gmail.com>
Date: Tue, 18 Feb 2025 11:58:22 +0200
Subject: [PATCH] restrict 10x

---
 .../contracts/ChainSignatures.sol             |  3 ++-
 .../contract-eth/test/ChainSignatures.test.js | 23 +++++++++++++++++--
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/chain-signatures/contract-eth/contracts/ChainSignatures.sol b/chain-signatures/contract-eth/contracts/ChainSignatures.sol
index 7df9f4bb..fb1c6c50 100644
--- a/chain-signatures/contract-eth/contracts/ChainSignatures.sol
+++ b/chain-signatures/contract-eth/contracts/ChainSignatures.sol
@@ -110,7 +110,8 @@ contract ChainSignatures is AccessControl {
      * @param _request The signature request details.
      */
     function sign(SignRequest memory _request) external payable {
-        require(msg.value == signatureDeposit, "Insufficient deposit");
+        require(msg.value >= signatureDeposit, "Insufficient deposit");
+        require(msg.value <= signatureDeposit * 10, "Deposit too high");
 
         emit SignatureRequested(
             msg.sender,
diff --git a/chain-signatures/contract-eth/test/ChainSignatures.test.js b/chain-signatures/contract-eth/test/ChainSignatures.test.js
index 686cc6bd..d5ec3571 100644
--- a/chain-signatures/contract-eth/test/ChainSignatures.test.js
+++ b/chain-signatures/contract-eth/test/ChainSignatures.test.js
@@ -18,9 +18,9 @@ describe("ChainSignatures", function () {
   describe("Changing signatureDeposit", function () {
     it("Should change signatureDeposit by setSignatureDeposit", async function () {
       const requiredDepositBeforeChange = await chainSignatures.getSignatureDeposit();
-      const depositExpectedInWei = ethers.parseUnits("50000", "gwei"); 
+      const depositExpectedInWei = ethers.parseUnits("50000", "gwei");
       expect(requiredDepositBeforeChange).to.equal(depositExpectedInWei);
-      const depositToSetInWei = ethers.parseUnits("100000", "gwei"); 
+      const depositToSetInWei = ethers.parseUnits("100000", "gwei");
       await chainSignatures.connect(owner).setSignatureDeposit(depositToSetInWei);
       const requiredDepositAfterChange = await chainSignatures.getSignatureDeposit();
       expect(requiredDepositAfterChange).to.equal(depositToSetInWei);
@@ -162,5 +162,24 @@ describe("ChainSignatures", function () {
       expect(parsedEvent.args[1]).to.equal(addr2.address);
       expect(parsedEvent.args[2]).to.equal(errorMessage);
     });
+
+    it("Should not accept a signature deposit with 10x of required deposit", async function () {
+      const payload = ethers.keccak256(ethers.toUtf8Bytes("Test payload"));
+      const path = "test/path";
+      const requiredDeposit = await chainSignatures.getSignatureDeposit();
+
+      const maxDeposit = requiredDeposit * 10n;
+      await expect(chainSignatures.connect(addr1).sign({ payload, path, keyVersion: 0, algo: "", dest: "", params: "" }, { value: maxDeposit }))
+        .to.emit(chainSignatures, "SignatureRequested")
+        .withArgs(addr1.address, payload, 0, maxDeposit, 31337, path, "", "", "");
+
+      const excessiveDeposit = requiredDeposit * 10n + 1n;
+      await expect(
+        chainSignatures.connect(addr1).sign(
+          { payload, path, keyVersion: 0, algo: "", dest: "", params: "" },
+          { value: excessiveDeposit }
+        )
+      ).to.be.revertedWith("Deposit too high");
+    });
   });
 });