Edge case first tx auth transfer issue

[cag]

There's an issue with using the CPKFactory:

https://github.com/gnosis/contract-proxy-kit/blob/bd3e9160a3c4e7c14f34bb5674475eee8560a629/contracts/CPKFactory.sol#L44

Specifically, the line above could fail but the whole transaction could succeed. Should have required the transaction to succeed.

[gitpusha]

Hi everyone. Let me know if I can provide more information on the bug.

[gitpusha]

So this is how I discovered the bug 🐛

I used CPK 1.1.1.

I instantiated the cpk with some modifications to the Rinkeby network:

Notably I use the new gnosis mastercopy at 0x6851d6fdfafd08c0295c392436245e5bc78b0185, instead of the default one 0x34CfAC646f301356fAa8B21e94227e3583Fe3F5F.

Then I sent the first cpk.execTransactions() which deploys my proxy under the hood.

Afterwards, the owner of the Proxy is the CPK Factory.

Therefore, I am not able to interact with that Proxy anymore I get this error: 'Invalid owner provided'

So I checked what the cpk says about ownership vs. what the on-chain GnosisSafeProxy says about it

And they don't match

gnosisSafe = await bre.ethers.getContractAt("IGnosisSafe", cpk.address);
console.log(await cpk.getOwnerAccount());
console.log(await gnosisSafe.getOwners());

Output:

0x7015763d0a8F04263633106DE7a8F33B2334E51e (my signer address) ['0x336c19296d3989e9e0c2561ef21c964068657c38' ] (CPKFactory)

So cpk say the owner is 0x7015763d0a8F04263633106DE7a8F33B2334E51e - this is as expected

However, if I check the actual GnosisSafe with getOwners

It says 0x336c19296d3989e9e0c2561ef21c964068657c38 is the owner

And this is on-chain so it's the single source of truth: 0x336c19296d3989e9e0c2561ef21c964068657c38 (this is the CPK Factory)

This is the GnosisSafe that was deployed: https://rinkeby.etherscan.io/address/0x3d8A63b58CFdAA9d9FB7767CC2b1c3f0107eed20#internaltx

As you can see there were issues during setup: