From fdf8d4897ed045a0c97208876e02720846d92238 Mon Sep 17 00:00:00 2001 From: Dimitris Lamprinos Date: Tue, 24 Mar 2026 13:59:02 +0200 Subject: [PATCH 1/2] Make bridge mutable by admin on waitlist contract --- protocol/src/DepositWaitingList.sol | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/protocol/src/DepositWaitingList.sol b/protocol/src/DepositWaitingList.sol index 09c9e8c2..a213b5a7 100644 --- a/protocol/src/DepositWaitingList.sol +++ b/protocol/src/DepositWaitingList.sol @@ -20,6 +20,7 @@ contract DepositWaitingList is AccessControl { error AmountBelowReserve(); error InvalidReserveBalance(); + event BridgeUpdated(address indexed oldBridge, address indexed newBridge); event WaitingDepositCreated( uint256 indexed depositId, address indexed from, @@ -42,7 +43,7 @@ contract DepositWaitingList is AccessControl { address to; } - Bridge public immutable bridge; + Bridge public bridge; mapping(uint256 => bytes32) public depositHashes; uint256 public nextDepositId; @@ -143,6 +144,11 @@ contract DepositWaitingList is AccessControl { IERC20(token).approve(address(bridge), type(uint256).max); } + function setBridge(address _bridge) external onlyRole(DEFAULT_ADMIN_ROLE) { + emit BridgeUpdated(address(bridge), _bridge); + bridge = Bridge(_bridge); + } + function _applyPermit(address token, address owner, uint256 amount, bytes calldata permit) internal { if (permit.length == 0) return; if (permit.length != PERMIT_LENGTH) revert InvalidPermitLength(); From 0937b3290e534d1c493979a00e99561bbde60748 Mon Sep 17 00:00:00 2001 From: Dimitris Lamprinos Date: Tue, 24 Mar 2026 14:04:59 +0200 Subject: [PATCH 2/2] Implement revokeToken --- protocol/src/DepositWaitingList.sol | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/protocol/src/DepositWaitingList.sol b/protocol/src/DepositWaitingList.sol index a213b5a7..67a30d38 100644 --- a/protocol/src/DepositWaitingList.sol +++ b/protocol/src/DepositWaitingList.sol @@ -144,6 +144,10 @@ contract DepositWaitingList is AccessControl { IERC20(token).approve(address(bridge), type(uint256).max); } + function revokeToken(address token) external onlyRole(RELAYER_ROLE) { + IERC20(token).approve(address(bridge), 0); + } + function setBridge(address _bridge) external onlyRole(DEFAULT_ADMIN_ROLE) { emit BridgeUpdated(address(bridge), _bridge); bridge = Bridge(_bridge);