feat: add crosschain evm guards

[s2imonovic]

Add crosschain evm guards

---

Note

Medium Risk
Introduces new gating logic that can cause previously-valid deposit/depositAndCall calls to revert when restriction mode is enabled, impacting cross-chain funding flows if misconfigured.

Overview
Adds an optional deposit restriction mode to GatewayEVM that blocks deposit/depositAndCall unless the asset is explicitly allowlisted (including native ETH via address(0)), reverting with the new AssetDepositNotAllowed error.

Admins can toggle restrictions via setDepositsRestricted and manage the allowlist via setDepositAllowedAsset; enabling restriction auto-allowlists zetaToken. The IGatewayEVM interface, events, upgrade test contract storage layout, and Foundry tests are updated accordingly.

^{Reviewed by Cursor Bugbot for commit f110ea2. Configure here.}

Summary by CodeRabbit

Release Notes

• New Features
  • Administrators can now enable deposit restrictions on the Gateway and configure which assets are allowed for deposits. When restrictions are enabled, only assets in the whitelist can be deposited. New events are emitted to track changes to restrictions and asset allowances.

[coderabbitai]

📝 Walkthrough

Walkthrough

Introduces a deposit restriction mechanism to GatewayEVM comprising a depositsRestricted state flag, per-asset allowlist mapping, and admin-only configuration functions. Deposit validation is enforced across all ETH and ERC20 entry points, preventing restricted-mode assets from being deposited unless explicitly allowlisted.

Changes

Cohort / File(s)	Summary
Core Implementation contracts/evm/GatewayEVM.sol	Added depositsRestricted boolean state and depositAllowedAssets allowlist mapping. Introduced setDepositsRestricted(bool) and setDepositAllowedAsset(address,bool) admin functions. Integrated _validateAllowedDepositAsset(address) validation across all six deposit/depositAndCall entry points (native and ERC20 variants).
Interface Definitions contracts/evm/interfaces/IGatewayEVM.sol	Added UpdatedDepositsRestricted(bool) and UpdatedDepositAllowedAsset(address,bool) events. Introduced AssetDepositNotAllowed(address) custom error. Extended interface with setDepositsRestricted(bool) and setDepositAllowedAsset(address,bool) function signatures.
Test Coverage test/GatewayEVM.t.sol	Added comprehensive unit tests validating admin access controls, state transitions, event emissions, and deposit gating behavior. Tests verify that restriction mode blocks non-allowlisted assets and permits configured assets; confirms AssetDepositNotAllowed reverts and custody balance updates.
Test Utilities test/utils/upgrades/GatewayEVMUpgradeTest.sol	Mirrored production implementation with deposit restriction state, admin functions, and validation logic across all deposit entry points for upgrade compatibility testing.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: add crosschain evm guards' refers to the core feature being implemented—deposit restriction controls and asset allowlisting in GatewayEVM—which represents the primary objective of the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/crosschain-evm-guards

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@test/GatewayEVM.t.sol`:
- Around line 1291-1295: The failing CI is due to formatting on the block
containing token.approve, gateway.deposit, gateway.depositAndCall, and assertEq;
run forge fmt (or otherwise reformat that statement block) so the line with
gateway.depositAndCall{ value: ADDITIONAL_ACTION_FEE_WEI }(...) conforms to the
project's formatter (wrap arguments/attributes or split into multiple lines) and
then re-run forge fmt --check to ensure token.approve, gateway.deposit,
gateway.depositAndCall, and the final assertEq line match the repo style.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: a0078275-6b33-4334-9b71-09b78cd1a7ad

📥 Commits

Reviewing files that changed from the base of the PR and between f8f4aef and f110ea2.

📒 Files selected for processing (4)

• contracts/evm/GatewayEVM.sol
• contracts/evm/interfaces/IGatewayEVM.sol
• test/GatewayEVM.t.sol
• test/utils/upgrades/GatewayEVMUpgradeTest.sol

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Apply forge fmt to unblock CI.

Line 1293 exceeds the formatter’s expected layout, and the pipeline already reports forge fmt --check failing here.

Proposed formatting fix

-        gateway.depositAndCall{ value: ADDITIONAL_ACTION_FEE_WEI }(destination, amount, address(token), payload, revertOptions);
+        gateway.depositAndCall{ value: ADDITIONAL_ACTION_FEE_WEI }(
+            destination, amount, address(token), payload, revertOptions
+        );

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	token.approve(address(gateway), amount * 2);
	gateway.deposit(destination, amount, address(token), revertOptions);
	gateway.depositAndCall{ value: ADDITIONAL_ACTION_FEE_WEI }(destination, amount, address(token), payload, revertOptions);
	assertEq(amount * 2, token.balanceOf(address(custody)));
	token.approve(address(gateway), amount * 2);
	gateway.deposit(destination, amount, address(token), revertOptions);
	gateway.depositAndCall{ value: ADDITIONAL_ACTION_FEE_WEI }(
	destination, amount, address(token), payload, revertOptions
	);
	assertEq(amount * 2, token.balanceOf(address(custody)));

🧰 Tools

🪛 GitHub Actions: Lint TS/JS/Sol

[error] 1293-1295: forge fmt --check failed due to formatting differences in test/GatewayEVM.t.sol. gateway.depositAndCall call formatting should match forge fmt output.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/GatewayEVM.t.sol` around lines 1291 - 1295, The failing CI is due to
formatting on the block containing token.approve, gateway.deposit,
gateway.depositAndCall, and assertEq; run forge fmt (or otherwise reformat that
statement block) so the line with gateway.depositAndCall{ value:
ADDITIONAL_ACTION_FEE_WEI }(...) conforms to the project's formatter (wrap
arguments/attributes or split into multiple lines) and then re-run forge fmt
--check to ensure token.approve, gateway.deposit, gateway.depositAndCall, and
the final assertEq line match the repo style.