Base Hook Middleware

[Jun1on]

Related Issue

Hooks can be made to do bad things. Because anyone can create their own arbitrary logic for a hook contract, it's difficult for third parties to decide which hooks are "safe" and which are "dangerous". We propose a hook middleware that performs sanity checks on the result of a hooks to block malicious actions.

Description of changes

Middleware factory creates middlewares.

https://github.com/user-attachments/assets/a7016ed2-2863-42aa-bc69-54fe2549e016

Each middleware is the hook and points to another hook as the implementation. This allows for some convenient configurations where a pool can use a hook and another pool can use the middlewared hook.

all are valid configurations

Best of all, attaching a middleware to a hook is easy and usually requires no extra coding. The main caveat[^1] is (because of the proxy pattern) constructors will never be called, so it may be necessary to revise the implementation contract to use an initialize function if the constructor needs to set non-immutable variables.

For now, this branch implements and tests only base contracts, which do nothing. middleware-remove and middleware-protect extend these base contracts to include specific protections. Of course, these are only proposed solutions, and anyone can create their own middleware factory design as they see fit.

[^1]: there are some more small caveats. let's say hook A calls a permissioned function on external contract E. a middleware pointing to hook A would then not be able to call contract E.