feat(dao-contracts): emit events for languages

[jo-elimu]

#110

Summary by CodeRabbit

• New Features

  • Introduced an owner role with an owner-update action (emits OwnerUpdated); adding/removing languages now require the owner and emit LanguageCodeAdded/LanguageCodeRemoved.

• Tests

  • Added tests for owner set at deployment, owner updates (and event), and that non-owners cannot add/remove languages.

• Chores

  • Updated gas-report metrics, deployment/README instructions, and deployment configuration lookups.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 67.85%. Comparing base (0bdd11a) to head (a76f078).
⚠️ Report is 5 commits behind head on main.

❗ There is a different number of reports uploaded between BASE (0bdd11a) and HEAD (a76f078). Click for more details.

HEAD has 2 uploads less than BASE

Flag	BASE (0bdd11a)	HEAD (a76f078)
	4	2

Additional details and impacted files

@@             Coverage Diff             @@
##             main     #125       +/-   ##
===========================================
- Coverage   94.54%   67.85%   -26.69%     
===========================================
  Files           4        1        -3     
  Lines         165       28      -137     
  Branches       20        5       -15     
===========================================
- Hits          156       19      -137     
  Misses          9        9               

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Walkthrough

Adds an owner state and owner-only access control to Languages.sol, introduces OwnerUpdated/LanguageCodeAdded/LanguageCodeRemoved events and a constructor, updates add/remove language functions to emit events, adds updateOwner(), updates tests and gas report, and adjusts deployment artifacts and address lookups.

Changes

Cohort / File(s)	Summary
Languages contract — ownership & events dao-contracts/contracts/Languages.sol	Added address public owner; events OwnerUpdated(address), LanguageCodeAdded(string), LanguageCodeRemoved(string); constructor() sets owner = msg.sender; added updateOwner(address owner_) public with require(msg.sender == owner) and emit OwnerUpdated(owner_); addSupportedLanguage and removeSupportedLanguage now restrict to owner and emit corresponding events.
Tests — owner behavior & access control dao-contracts/test/Languages.ts	Added tests: verify owner set on deployment; non-owners cannot call updateOwner, addSupportedLanguage, or removeSupportedLanguage; owner can update owner and OwnerUpdated is emitted.
Gas report — updated metrics dao-contracts/hardhat-gas-report.md	Updated gas table values (add/remove language increased), added updateOwner gas row, and adjusted totals/related entries.
Deployment artifacts & addresses dao-contracts/ignition/deployments/.../LanguagesModule#Languages.json, dao-contracts/ignition/deployments/chain-11155111/deployed_addresses.json	ABI updated with constructor, new events, owner() getter, removeSupportedLanguage and updateOwner functions; deployed bytecode updated; deployed_addresses.json reordered/updated addresses.
Ignition module — dynamic address lookup dao-contracts/ignition/modules/Roles.ts	Replaced hardcoded sepolia addresses with dynamic lookups from ../deployments/chain-11155111/deployed_addresses.json for ELIMUModule#DummyERC20 and gELIMUModule#DummyERC20; mainnet values unchanged.
Docs — deployment commands dao-contracts/README.md	Adjusted Hardhat/Sepolia section labels and added ignition deployment command examples for ELIMU/gELIMU/Roles with verify/reset flags.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant Deployer
  participant Contract as Languages.sol
  participant Owner
  participant Attacker as NonOwner

  rect `#E8F5E9`
    Deployer->>Contract: deploy()
    Note right of Contract: constructor() sets owner = Deployer
  end

  rect `#FFF3E0`
    Owner->>Contract: addSupportedLanguage(code)
    Contract-->>Owner: require(msg.sender == owner) pass
    Contract->>Contract: store code
    Contract->>Owner: emit LanguageCodeAdded(code)
  end

  rect `#FFF3E0`
    Owner->>Contract: removeSupportedLanguage(code)
    Contract-->>Owner: require(msg.sender == owner) pass
    Contract->>Contract: remove code
    Contract->>Owner: emit LanguageCodeRemoved(code)
  end

  rect `#FFEBEE`
    Owner->>Contract: updateOwner(newOwner)
    Contract-->>Owner: require(msg.sender == owner) pass
    Contract->>Contract: owner = newOwner
    Contract->>Owner: emit OwnerUpdated(newOwner)
  end

  rect `#F3E5F5`
    Attacker->>Contract: addSupportedLanguage(code)
    Contract-->>Attacker: revert (require failed)
    Attacker->>Contract: removeSupportedLanguage(code)
    Contract-->>Attacker: revert (require failed)
    Attacker->>Contract: updateOwner(addr)
    Contract-->>Attacker: revert (require failed)
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Check access-control requires and event parameter types in dao-contracts/contracts/Languages.sol.
• Verify tests in dao-contracts/test/Languages.ts cover success and revert paths.
• Confirm ABI/bytecode updates in ignition/deployments/.../LanguagesModule#Languages.json match contract changes.
• Validate deployed_addresses.json ordering/addresses and ignition/modules/Roles.ts lookup logic.
• Ensure hardhat-gas-report.md reflects measured gas after changes.

elimu.ai's mission is to build innovative learning software that empowers out-of-school children to teach themselves basic reading📖, writing✍🏽 and math🔢 within 6 months.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title 'emit events for languages' accurately reflects the main change: adding event emissions (OwnerUpdated, LanguageCodeAdded, LanguageCodeRemoved) to the Languages contract.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

Tip

📝 Customizable high-level summaries are now available in beta!

You can now customize how CodeRabbit generates the high-level summary in your pull requests — including its content, structure, tone, and formatting.

• Provide your own instructions using the high_level_summary_instructions setting.
• Format the summary however you like (bullet lists, tables, multi-section layouts, contributor stats, etc.).
• Use high_level_summary_in_walkthrough to move the summary from the description to the walkthrough section.

Example instruction:

"Divide the high-level summary into five sections:

1. 📝 Description — Summarize the main change in 50–60 words, explaining what was done.
2. 📓 References — List relevant issues, discussions, documentation, or related PRs.
3. 📦 Dependencies & Requirements — Mention any new/updated dependencies, environment variable changes, or configuration updates.
4. 📊 Contributor Summary — Include a Markdown table showing contributions:
   | Contributor | Lines Added | Lines Removed | Files Changed |
5. ✔️ Additional Notes — Add any extra reviewer context.
   Keep each section concise (under 200 words) and use bullet or numbered lists for clarity."

Note: This feature is currently in beta for Pro-tier users, and pricing will be announced later.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

dao-contracts/contracts/Languages.sol (1)

11-12: Index event parameters for better observability.

The event parameters should be indexed to enable efficient filtering and searching of language code additions and removals in event logs. This is especially valuable for elimu.ai's mission-critical operations monitoring.

Apply this diff to index the language code parameters:

-    event LanguageCodeAdded(string);
-    event LanguageCodeRemoved(string);
+    event LanguageCodeAdded(string indexed languageCode);
+    event LanguageCodeRemoved(string indexed languageCode);

Note: Indexed string parameters are stored as keccak256 hashes in logs, which is standard for event filtering.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0bdd11a and f22d701.

📒 Files selected for processing (2)

• dao-contracts/contracts/Languages.sol (1 hunks)
• dao-contracts/hardhat-gas-report.md (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: build (14.x)
• GitHub Check: build (16.x)
• GitHub Check: build (16.x)

🔇 Additional comments (1)

dao-contracts/hardhat-gas-report.md (1)

16-18: Gas metrics correctly reflect event emissions.

The updated gas consumption figures appropriately account for the new event emissions:

• addSupportedLanguage: +1,706 gas for event emission
• removeSupportedLanguage: +1,706 gas for event emission
• Deployment cost: +39,568 gas for event signature storage

These metrics support transparent monitoring of the DAO's operations as it fulfills elimu.ai's mission to build innovative learning software that empowers out-of-school children to teach themselves basic reading📖, writing✍🏽 and math🔢 within 6 months.

Also applies to: 28-28

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

dao-contracts/contracts/Languages.sol (1)

13-15: Consider indexing event parameters for better filtering.

Event parameters are not indexed, which makes off-chain filtering less efficient. For a DAO managing language support that serves elimu.ai's mission to build innovative learning software that empowers out-of-school children to teach themselves basic reading📖, writing✍🏽 and math🔢 within 6 months, indexed events would help observers track language additions and ownership changes more easily.

Apply this diff to add indexed parameters:

-    event OwnerUpdated(address);
-    event LanguageCodeAdded(string);
-    event LanguageCodeRemoved(string);
+    event OwnerUpdated(address indexed newOwner);
+    event LanguageCodeAdded(string indexed languageCode);
+    event LanguageCodeRemoved(string indexed languageCode);

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f22d701 and 367fa7c.

📒 Files selected for processing (3)

• dao-contracts/contracts/Languages.sol (1 hunks)
• dao-contracts/hardhat-gas-report.md (1 hunks)
• dao-contracts/test/Languages.ts (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: build (16.x)
• GitHub Check: build (14.x)
• GitHub Check: build (16.x)

🔇 Additional comments (5)

dao-contracts/contracts/Languages.sol (3)

8-8: Owner state variable looks good.

The public visibility enables external verification of ownership, which is appropriate for elimu.ai's mission to build innovative learning software that empowers out-of-school children to teach themselves basic reading📖, writing✍🏽 and math🔢 within 6 months, ensuring transparency in contract governance.

---

17-19: Constructor correctly initializes ownership.

The constructor properly sets the deployer as the initial owner, establishing clear ownership from deployment.

---

33-37: Access control successfully added.

The function now includes proper access control, addressing the critical security vulnerability identified in previous reviews. This protects the language removal function from unauthorized access, safeguarding the language support system for elimu.ai's mission to build innovative learning software that empowers out-of-school children to teach themselves basic reading📖, writing✍🏽 and math🔢 within 6 months.

dao-contracts/test/Languages.ts (1)

22-26: Deployment test correctly verifies owner initialization.

The test properly validates that the contract owner is set to the deploying address, establishing accountability for language management functions that support elimu.ai's mission to build innovative learning software that empowers out-of-school children to teach themselves basic reading📖, writing✍🏽 and math🔢 within 6 months.

dao-contracts/hardhat-gas-report.md (1)

16-30: Gas metrics updated appropriately.

The gas report reflects the expected increases from adding ownership management and access control. The new updateOwner function and increased gas costs for addSupportedLanguage and removeSupportedLanguage are consistent with the added require statements and event emissions. These metrics provide valuable transparency for the DAO's governance operations that support elimu.ai's mission to build innovative learning software that empowers out-of-school children to teach themselves basic reading📖, writing✍🏽 and math🔢 within 6 months.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

dao-contracts/ignition/deployments/chain-11155111/artifacts/LanguagesModule#Languages.json (1)

11-49: Consider indexing event parameters for better filtering.

Supporting elimu.ai's mission to build innovative learning software that empowers out-of-school children to teach themselves basic reading📖, writing✍🏽 and math🔢 within 6 months means the DAO may need to track language additions/removals efficiently. The LanguageCodeAdded, LanguageCodeRemoved, and OwnerUpdated events currently have no indexed parameters, making it harder to filter event logs by specific language codes or owner addresses off-chain.

Consider updating the Solidity source to index the event parameters:

event LanguageCodeAdded(string indexed languageCode);
event LanguageCodeRemoved(string indexed languageCode);
event OwnerUpdated(address indexed newOwner);

Note: String parameters can be indexed (stored as their keccak256 hash), allowing filtering even though the full string isn't directly searchable.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0e92f17 and a76f078.

📒 Files selected for processing (4)

• dao-contracts/README.md (1 hunks)
• dao-contracts/ignition/deployments/chain-11155111/artifacts/LanguagesModule#Languages.json (3 hunks)
• dao-contracts/ignition/deployments/chain-11155111/deployed_addresses.json (1 hunks)
• dao-contracts/ignition/modules/Roles.ts (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: jo-elimu
Repo: elimu-ai/web3-smart-contracts PR: 125
File: dao-contracts/contracts/Languages.sol:27-31
Timestamp: 2025-11-24T08:10:31.324Z
Learning: In the Languages.sol contract in dao-contracts/contracts/Languages.sol, the owner-based access control pattern is intentional because the owner will be the DAO contract itself, not individual administrators. This means changes to supported languages require DAO governance votes.

📚 Learning: 2025-11-24T08:10:31.324Z

Learnt from: jo-elimu
Repo: elimu-ai/web3-smart-contracts PR: 125
File: dao-contracts/contracts/Languages.sol:27-31
Timestamp: 2025-11-24T08:10:31.324Z
Learning: In the Languages.sol contract in dao-contracts/contracts/Languages.sol, the owner-based access control pattern is intentional because the owner will be the DAO contract itself, not individual administrators. This means changes to supported languages require DAO governance votes.

Applied to files:

• dao-contracts/ignition/deployments/chain-11155111/artifacts/LanguagesModule#Languages.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: build (14.x)
• GitHub Check: build (16.x)
• GitHub Check: build (16.x)
• GitHub Check: build (14.x)

🔇 Additional comments (6)

dao-contracts/ignition/deployments/chain-11155111/artifacts/LanguagesModule#Languages.json (2)

82-94: LGTM: Owner function added correctly.

The owner() view function returning an address aligns with the PR objectives to add owner management for DAO governance.

---

95-123: LGTM: Artifact reflects contract changes correctly.

The added removeSupportedLanguage and updateOwner functions, along with updated bytecode, are consistent with the PR's goal to add event emissions and owner-based access control.

dao-contracts/ignition/deployments/chain-11155111/deployed_addresses.json (1)

2-5: LGTM: Deployment addresses updated for redeployment.

The updated addresses reflect the redeployment of contracts to Sepolia testnet after adding owner management and events to the Languages contract. This is expected and correct.

dao-contracts/README.md (1)

25-44: LGTM: Clearer deployment documentation.

The updated section headers and comprehensive deployment commands improve developer experience by providing clear instructions for deploying all modules to both local and Sepolia networks. This supports the team in maintaining infrastructure for elimu.ai's mission to empower out-of-school children with learning software.

dao-contracts/ignition/modules/Roles.ts (2)

20-20: Same verification applies for gELIMU address lookup.

This line has the same deployment order dependency as line 12. The gELIMU.ts module must be deployed before Roles.ts.

The verification script from the previous comment will check this dependency as well.

---

12-12: Deployment order verified—no issues found.

The README correctly documents the deployment sequence with ELIMU.ts deploying before Roles.ts on Sepolia (lines 40–43). The deployed_addresses.json file contains the required "ELIMUModule#DummyERC20" key, confirming that the dynamic address lookup in Roles.ts will function correctly when following the documented order. The code is properly sequenced.