Add missing NatSpec #7
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0xDEnYO
added a commit
that referenced
this pull request
Jun 19, 2024
0xDEnYO
added a commit
that referenced
this pull request
Jul 2, 2024
0xDEnYO
added a commit
that referenced
this pull request
Jul 4, 2024
…iverStargateV2 v.1.0.0) (#678) * merged external changes * update deploy requirements * deploy logs reinstated * cleanup * stargate reviewer comments implemented * added a check to make sure taxi mode is used for dest calls (audit issue #14) * tests fixed * removed unused import (audit issue #10) * updated comment (audit issue #9) * updated test setup so that receive function in facet is not required (audit issue #6) * removed unnecessary parameter (reserveRecoverGas) in Receiver (audit issue #7) * use safeApprove instead of approve (audit issue #4) * forge install: solady v0.0.208 * inlines functions to save gas (audit issue #5) * improves validation of _from parameter / caller in ReceiverStargateV2 (audit issue #3) * removes receive function from StargateFacet (audit issue #6) * updates deploy script and redeploys ReceiverStargateV2 to staging (OPT) * adds a check that ensures receiver addresses match in case of no dst call * redeployed to polygon staging * confi: updates stargate config (adds missing networks/addresses) * mainnet deployments * Deploy ReceiverStargateV2 * update logs * deploy to bsc * deploy to prod --------- Co-authored-by: Ed Zynda <ezynda3@gmail.com> Co-authored-by: Leonardo Cascianelli <leo@li.finance>
0xDEnYO
added a commit
that referenced
this pull request
Aug 30, 2024
0xDEnYO
added a commit
that referenced
this pull request
Oct 23, 2024
…ssFacetPackedV3 v1.0.0, ReceiverAcrossV3 v1.0.0) (#687) * Implment and add tests for LibUtil::revertWith() * remove unneeded import * deploy to staging * temp - DO NOT PUSH * split facets, test files, deploy scripts etc. to V1/V3 * fix: replaces address parameter in facet * tests fixed * demoscript can do ERC20 and native bridging * ReceiverAcrossV3 + deploy script added (and deployed) * added dest calls on demoscript * ReceiverAcrossV3 updated (out-of-gas handling) & redeployed * ReceiverAcrossV3 updated (will revert for out-of-gas during swap exec) & redeployed * Successfully sent native+destCall with demoScript * simplified demo script to only use one fromChain * fixed failing test * fix spelling error in import * update forge coverage command in Github action * adds a check that ensures receiver addresses match in case of no dst call * solves stack-too-deep issue in GenericSwapFacetV3 test file (popped up due to solc upgrade) * adds destinationCallFlag validation * implements gas savings in ReceiverAcrossV3 and redeploys to staging * updates docs * removes coverage files as these should not be synced to github * gas optimization: use solady lib in ReceiverAcrossV3 * change min solc version to ^0.8.17 * removes native asset handling from receiver since this is not required for AcrossV3 * removes coverage files as these should not be synced to github * removes unused import * redeployed ReceiverAcrossV3 to arbitrum * updates CalldataVerificationFacet to support AcrossV3 * removes payable keyword (audit issue #13) * removes unused import (audit issue #4) * removes payable keyword from handleV3AcrossMessage function (audit issue #5) * removes unused import (audit issue #7) * adds more detailed explanations to revert handling in Receiver contract (audit issue #11) * narrows variable type (audit issue #9) * re-deploys facets to optimism staging * updates expected gas values in tests * trying to fix failing types action * undo last commit * updates typechain command in package.json * finally fixed $§%&$%§&$% CI issue * updates evm-version used for testing in Github action * updates evm-version used for testing in Github action #2 * removes forge coverage from github action (unused anyway) * disable PR reminder for PRs with label waitForBackend * redeployed AcrossFacetV3 and ReceiverAcrossV3 to OPT & POL staging * audit log updated and report added * Deploy AcrossV3 (except for zksync) * Deploy AcrossV3 packed (except for zksync) * Deploy to zksync * Deploy packed facet * add task to update approvals for AcrossFacetPackedV3 * Fix AcrossFacetPackedV3 script * update deploy requirements * Fix update scripts * Fix update scripts * Cleanup * fix imports * import paths updated for zkSync scripts * fixes one more import * adds ready_for_review triggers to git actions * adds support for exclusiveRelayer parameters * redeployed facets to arbitrum and optimism STAGING * update audit report (incl exclusivity relayer) * deployments to various networks * zksync deploy scripts updated * updates deploy script for AcrossFacetPackedV3 * proposed diamondCuts & periphery update to all relevant diamonds (except: zksync) * Deploy Across V3 to zkSync * update across demo scripts * Update logs for zksync * update coverage command in package.json * diamond logs updated * bump version of EmergencyPauseFacet * update pragma --------- Co-authored-by: Ed Zynda <ezynda3@gmail.com> Co-authored-by: Ed Zynda <ezynda3@users.noreply.github.com> Co-authored-by: Max Klenk <max@klenk.biz>
ezynda3
added a commit
that referenced
this pull request
Oct 28, 2024
* Implment and add tests for LibUtil::revertWith() * remove unneeded import * deploy to staging * temp - DO NOT PUSH * split facets, test files, deploy scripts etc. to V1/V3 * fix: replaces address parameter in facet * tests fixed * demoscript can do ERC20 and native bridging * ReceiverAcrossV3 + deploy script added (and deployed) * added dest calls on demoscript * ReceiverAcrossV3 updated (out-of-gas handling) & redeployed * ReceiverAcrossV3 updated (will revert for out-of-gas during swap exec) & redeployed * Successfully sent native+destCall with demoScript * simplified demo script to only use one fromChain * fixed failing test * fix spelling error in import * update forge coverage command in Github action * adds a check that ensures receiver addresses match in case of no dst call * solves stack-too-deep issue in GenericSwapFacetV3 test file (popped up due to solc upgrade) * adds destinationCallFlag validation * implements gas savings in ReceiverAcrossV3 and redeploys to staging * updates docs * removes coverage files as these should not be synced to github * gas optimization: use solady lib in ReceiverAcrossV3 * change min solc version to ^0.8.17 * removes native asset handling from receiver since this is not required for AcrossV3 * removes coverage files as these should not be synced to github * removes unused import * redeployed ReceiverAcrossV3 to arbitrum * updates CalldataVerificationFacet to support AcrossV3 * removes payable keyword (audit issue #13) * removes unused import (audit issue #4) * removes payable keyword from handleV3AcrossMessage function (audit issue #5) * removes unused import (audit issue #7) * adds more detailed explanations to revert handling in Receiver contract (audit issue #11) * narrows variable type (audit issue #9) * re-deploys facets to optimism staging * updates expected gas values in tests * trying to fix failing types action * undo last commit * updates typechain command in package.json * finally fixed $§%&$%§&$% CI issue * updates evm-version used for testing in Github action * updates evm-version used for testing in Github action #2 * removes forge coverage from github action (unused anyway) * disable PR reminder for PRs with label waitForBackend * redeployed AcrossFacetV3 and ReceiverAcrossV3 to OPT & POL staging * audit log updated and report added * Deploy AcrossV3 (except for zksync) * Deploy AcrossV3 packed (except for zksync) * Deploy to zksync * Deploy packed facet * add task to update approvals for AcrossFacetPackedV3 * Fix AcrossFacetPackedV3 script * update deploy requirements * Fix update scripts * Fix update scripts * Cleanup * fix imports * import paths updated for zkSync scripts * fixes one more import * adds ready_for_review triggers to git actions * adds support for exclusiveRelayer parameters * redeployed facets to arbitrum and optimism STAGING * update audit report (incl exclusivity relayer) * deployments to various networks * zksync deploy scripts updated * updates deploy script for AcrossFacetPackedV3 * proposed diamondCuts & periphery update to all relevant diamonds (except: zksync) * Deploy Across V3 to zkSync * update across demo scripts * Use foundry-zksync * Add missing floating pragmas and ignore tests and scripts when compiling for zksync * Use separate scripts for zksync * forge install: era-contracts * Fixes * Remove old scripts * Update verification and begin implementing create2 deployments * Try and predict address using system contract * Add remaining AcrossV3 deploy scripts * Add missing deploy scripts to zksync * Update logs * Update log for EmergencyPauseFacet * Auto build foundry-zksync docker image if it does not exist * Start adding special update scritps for zksync * Confirm deployment if already deployed * Redeploy EmergencyPauseFacet * Remove duplicates * Add comments and remove unfinished/incomplete scripts * Fix copy paste errors * Remove unused code * Update comments * Remove lcov dir * Add comment --------- Co-authored-by: Daniel Bläcker <d.blaecker@gmail.com> Co-authored-by: Max Klenk <max@klenk.biz>
ezynda3
added a commit
that referenced
this pull request
Jan 11, 2025
…p calls (CallDataVerificationFacet v1.2.0) [CalldataVerificationFacet v1.2.0,IAcrossSpokePool v1.0.0] (#767) * adds extraction handling for GenericSwapV3 single calldata * push test coverage to 100% * remove lcov-filtered.info * minor update * remove console import * gas optimization (audit issue #7) * adds handling for StargateV2 destination calls (audit issue #8) * gas optimization in extractGenericSwapParameters (audit issue #6) * update min callData length check (audit issue #4) * gas optimization in extractNonEVMAddress (audit issue #3) * update comments, fix typo (audit issue#2) * adds handling for AcrossV3 destination calls (audit issue #9) * typo fixed in comment * gas optimization * updates audit log and adds audit report * update log --------- Co-authored-by: Ed Zynda <ezynda3@users.noreply.github.com> Co-authored-by: Ed Zynda <ezynda3@gmail.com>
mirooon
added a commit
that referenced
this pull request
May 2, 2025
ezynda3
pushed a commit
that referenced
this pull request
May 9, 2025
…0] (#1116) * update LibAsset for gas efficiency * fix tests * added tests to improve coverage * bump major version due to breaking change in maxApproveERC20 * fix bug in isContract * remove comment * reorg LibAsset * update isContract to be ready for EIP7702 * added isContractWithDelegationDesignator test (audit issue #7) * simplified isContract logic * validate delegate address contracts for isContract() (audit issue #2). * added early return for native assets in setAllowance (audit issue #4) * added for early return on approving ERC20 with native asset (audit issue #4) * added check for native assets in transferFromERC20 (audit issue #5) * added EIP-7702 delegation designator constant * refactor isContract function * added audit * fixed audit log --------- Co-authored-by: Michal Mironczuk <michalmironczuk1@gmail.com>
ezynda3
added a commit
that referenced
this pull request
Jul 29, 2025
- Add PatchExecuted event emitted by all four execution functions - Add TokensDeposited event emitted when tokens are deposited - Events include caller, target, success status, and return data length - Added comprehensive tests to verify event emissions Addresses issue #7
ezynda3
added a commit
that referenced
this pull request
Aug 1, 2025
* prevent stack to deep * add demo script * refactor * TX is successful now * Cleanup * Fix cowswap call * Fix patch calls * Simplify * fix cow swap submission * use relay * use correct calc * fixes * use correct cowshed calls * use real sig * updates * calc offset * use viem * add tests * update tests * update tests * add approval * fix * refactor * more refactor * cleanup resources * begin adding dest call * use separate scripts * add patch calls to dest call * use offset finding utils * refactor * add deposit functions to patcher * allow depositing to patcher * fix route * tweaks * fix scripts * remove * clarifying comments * add documentation * fix payable issue * fixes * more fixes * more fixes * more fixes * remove commented code * fix * Improve Patcher documentation and code organization - Enhanced description with clearer wording about dynamic value retrieval - Added CoWSwap use case example for intent-based orders - Updated mermaid diagram with better flow visualization and internal logic subgraph - Organized imports in demoPatcher.ts for better code structure 🤖 Generated with [opencode](https://opencode.ai) Co-Authored-By: opencode <noreply@opencode.ai> * Implement comprehensive Patcher contract improvements - Update SPDX license to LGPL-3.0-only - Clarify comment wording about execution timing - Add LibUtil import for better error handling and validation - Replace assembly revert with LibUtil.revertWith() for cleaner code - Add zero address validation for valueSource and finalTarget parameters - Add validation to prevent empty offsets arrays (contract should only be used when patching is needed) - Optimize loop variable type from uint256 to uint8 for gas efficiency - Remove test that expected empty offsets to work (anti-pattern) - Add new test to verify empty offsets are properly rejected All changes maintain backward compatibility while improving security and gas efficiency. 🤖 Generated with [opencode](https://opencode.ai) Co-Authored-By: opencode <noreply@opencode.ai> * Finalize Patcher contract optimizations and test coverage - Optimize calldatacopy usage for gas efficiency - Change loop variable from uint256 to uint8 for optimization - Add comprehensive test coverage for CallExecutionFailed error path - Achieve 100% function and error path coverage 🤖 Generated with [opencode](https://opencode.ai) Co-Authored-By: opencode <noreply@opencode.ai> * Update test/solidity/Periphery/Patcher.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * follow convention * Update deployments/arbitrum.diamond.staging.json Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fixes * fix: add frontrunning warnings and validate return data length - Add clear documentation about frontrunning risks in depositAndExecute functions - Add validation that _getDynamicValue only accepts 32-byte return values - Add InvalidReturnDataLength error for non-uint256 return types - Update Patcher.md with security warnings and return type requirements - Add comprehensive tests for invalid return data scenarios Addresses issues #9 (frontrunning) and #6 (return type validation) * gas: remove unchecked loop increments - Remove unchecked blocks from loop increments in _processPatches and _applyPatches - Modern Solidity compilers (0.8.22+) automatically optimize loop increments - Improves code readability with no gas penalty Addresses issue #8 * gas: remove redundant return parameter from _depositAndApprove - Remove unused return value from _depositAndApprove function - Change amount from return variable to local variable - Saves gas by eliminating unnecessary memory allocation Addresses issue #5 * gas: replace Yul calldatacopy with direct assignment - Replace assembly calldatacopy with direct bytes assignment - Simpler code with better gas efficiency - Tests show gas improvements across multiple functions Addresses issue #2 * security: reset token approvals after execution - Reset ERC20 approvals to 0 after executing external calls - Prevents lingering approvals to untrusted targets - Added tests to verify approval reset behavior - Updated documentation to reflect security improvement Addresses issue #10 * feat: add events for off-chain tracking - Add PatchExecuted event emitted by all four execution functions - Add TokensDeposited event emitted when tokens are deposited - Events include caller, target, success status, and return data length - Added comprehensive tests to verify event emissions Addresses issue #7 * test: add test for events with return data - Add processValueWithReturn function to MockTarget that returns data - Add test to verify PatchExecuted event correctly captures return data length - Verify that return data is properly forwarded and can be decoded - Confirms event system works for functions with various return data sizes * docs: add warnings about entire balance usage and non-refunds - Document that deposit functions transfer ENTIRE token balance - Add clear warnings that excess tokens/ETH are NOT refunded - Explain that excess funds can be stolen by anyone - Add Important Limitations section to Patcher.md - Update best practices with safety recommendations Addresses issues #4 and #1 * update audit log --------- Co-authored-by: opencode <noreply@opencode.ai> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
0xDEnYO
added a commit
that referenced
this pull request
Aug 28, 2025
0xDEnYO
added a commit
that referenced
this pull request
Sep 12, 2025
…sSpokePoolV4 v1.0.0,ReceiverAcrossV4 v1.0.0] (#1299) * first draft AcrossFacetV4 * update interface * docs added * fix event and input validation * add deploy and update scripts for facet * added Across chainId for Solana * add ReceiverAcrossV4 * add initial test file for AcrossFacetV4 * add initial AcrossFacetPackedV4 and related files * remove max-line-length rule from linter * add constructor parameter validation * fix tests for AcrossFacetV4 * all existing tests fixed * add initial tests for outputMultiplier * reorg test files * all tests fixed * update licenses of deploy scripts * update deploy requirements * deployed to ARB/OPT staging * remove safeTransferLib from packed facet * add sendingAssetId in bytes32 as parameter * fix some tests * tests fixed * updated staging deployments * update AcrossV4 demoscript * update interface * update deploy log * rename test case * fix comments in demo script * smaller fixes * add constructor parameter validation to packed facet * add missing validation for parameter * use existing helper function to access deployments * fix Receiver docs file * added type helpers for bridgeData in demoScripts * add receiver address validation * remove failing (outdated) LibAsset test * add non-0 receiver address validation * add tests to increase coverage * add test API URL * redeployed AcrossV4 to staging * fixed demo script * Update test/solidity/Facets/Across/V4/AcrossFacetPackedV4.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fix tests * fix demo script * update license identifier * use consola instead of console * Update test/solidity/Facets/Across/V4/AcrossFacetV4.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * comment updated (audit issue #1) * added refundAddress validation (and disclaimer in packed facet) * added disclaimer (audit issue #3) * replace hardcoded value with constant (audit issue #4) * replace exclusivityDeadline with exclusivityParameter (audit issue #5) * update data length validation (audit issue #6) * removed sendingAssetId from PackedParameters struct (audit issue #7) * redeployed to ARB staging * fix docs * Update script/demoScripts/demoAcrossV4.ts Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Update test/solidity/Facets/Across/V4/AcrossFacetPackedV4.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * another docs fix * Update test/solidity/Facets/Across/V4/AcrossFacetPackedV4.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * rename tests * Update test/solidity/Facets/Across/V4/AcrossFacetV4OutputAmountIntegration.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fixed tests * update logic in AcrossFacetPacked to allow long destinationChainIds such as Solana * fix unit tests * update docs * added tests to Solana for AcrossFacetPacked * Update docs/AcrossFacetPackedV4.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * set outputAmount explicitly * fix integration tests * fix docs * fix issue in test * OPT staging update * PR cleanup * remove temporary test file * redeployed packed facet to OPT/ARB staging * remove unnecessary comments and type conversions * fix comment (audit issue #11) * add evm vs non-evm distinction to decoding functions (audit issue #12) * audit report added * fix json * remove unrelated filess --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
0xDEnYO
added a commit
that referenced
this pull request
Sep 16, 2025
* first draft AcrossFacetV4 * update interface * docs added * fix event and input validation * add deploy and update scripts for facet * added Across chainId for Solana * add ReceiverAcrossV4 * add initial test file for AcrossFacetV4 * add initial AcrossFacetPackedV4 and related files * remove max-line-length rule from linter * add constructor parameter validation * fix tests for AcrossFacetV4 * all existing tests fixed * add initial tests for outputMultiplier * reorg test files * all tests fixed * update licenses of deploy scripts * update deploy requirements * deployed to ARB/OPT staging * remove safeTransferLib from packed facet * add sendingAssetId in bytes32 as parameter * fix some tests * tests fixed * updated staging deployments * update AcrossV4 demoscript * update interface * update deploy log * rename test case * fix comments in demo script * smaller fixes * add constructor parameter validation to packed facet * add missing validation for parameter * use existing helper function to access deployments * fix Receiver docs file * added type helpers for bridgeData in demoScripts * add receiver address validation * remove failing (outdated) LibAsset test * add non-0 receiver address validation * add tests to increase coverage * add test API URL * redeployed AcrossV4 to staging * fixed demo script * Update test/solidity/Facets/Across/V4/AcrossFacetPackedV4.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fix tests * fix demo script * update license identifier * use consola instead of console * Update test/solidity/Facets/Across/V4/AcrossFacetV4.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * comment updated (audit issue #1) * added refundAddress validation (and disclaimer in packed facet) * added disclaimer (audit issue #3) * replace hardcoded value with constant (audit issue #4) * replace exclusivityDeadline with exclusivityParameter (audit issue #5) * update data length validation (audit issue #6) * removed sendingAssetId from PackedParameters struct (audit issue #7) * redeployed to ARB staging * fix docs * Update script/demoScripts/demoAcrossV4.ts Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Update test/solidity/Facets/Across/V4/AcrossFacetPackedV4.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * another docs fix * Update test/solidity/Facets/Across/V4/AcrossFacetPackedV4.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * rename tests * Update test/solidity/Facets/Across/V4/AcrossFacetV4OutputAmountIntegration.t.sol Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fixed tests * update logic in AcrossFacetPacked to allow long destinationChainIds such as Solana * fix unit tests * update docs * added tests to Solana for AcrossFacetPacked * Update docs/AcrossFacetPackedV4.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * set outputAmount explicitly * fix integration tests * fix docs * fix issue in test * OPT staging update * PR cleanup * remove temporary test file * redeployed packed facet to OPT/ARB staging * remove unnecessary comments and type conversions * fix comment (audit issue #11) * add evm vs non-evm distinction to decoding functions (audit issue #12) * audit report added * fix json * remove unrelated filess * add helper functions for multichain (and -evm) execution * deployed to lens * deployed to zksync * deployed to 3 cancun networks * deployed 12 london networks * verified zksync * diamond logs updated * remove unrelated files --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
ezynda3
added a commit
that referenced
this pull request
Oct 6, 2025
- Remove payable modifier from startBridgeTokensViaEco to prevent accidental native token deposits that would be permanently locked - Add refundExcessNative modifier to swapAndStartBridgeTokensViaEco to refund any excess native tokens sent beyond swap requirements - Update test to reflect non-payable function signature Resolves audit issue #7
ezynda3
added a commit
that referenced
this pull request
Oct 10, 2025
* config: whitelist new OKX contract * bootstrap * real fork test * refactor * deploy to staging * simple demo * fix * docs * revert * update * fix tests * redeploy to staging + update demo script * update demo script * update contract, test, demo to work with updated Eco interface * redeploy to staging and update demo * Upgrade EcoFacet to use Portal V2 contract (#1379) * feat: upgrade EcoFacet to use Portal V2 contract - Update IEcoPortal interface to match Portal V2 structure - Rename intentSource to portal throughout the codebase - Add routeDeadline field to EcoData struct - Update Intent struct to include destination field - Modify Route and Reward structs to match V2 specification - Update config with new Portal contract addresses - Adjust tests and deployment scripts for Portal V2 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * fix: field order in reward struct * feat: add Tron and Solana support to EcoFacet - Add second publishAndFund overload to IEcoPortal for Solana's encoded route - Add encodedRoute field to EcoData struct for Borsh-encoded Solana data - Implement chain ID mapping (_getEcoChainId) for Tron (728126428) and Solana (1399811149) - Extract _buildReward helper to avoid code duplication - Update _publishIntent with conditional logic for Solana vs EVM/Tron paths - Add comprehensive tests for both Tron and Solana bridging - Add Tron configuration to eco.json * refactor: simplify EcoFacet to use encodedRoute universally - Use encodedRoute parameter for all chains (EVM, Tron, Solana) - Remove destinationCalls and route building logic - Remove unused fields from EcoData struct (receivingAssetId, salt, destinationPortal, routeDeadline) - Update tests to use real Eco Portal on Base mainnet (0x2b7F87a98707e6D19504293F6680498731272D4f) - Fix all failing unit tests to work with simplified contract 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * refactor: remove Intent struct and simplify EcoFacet implementation - Remove unused Intent, Route, and Call structs from IEcoPortal interface - Eliminate intermediate Intent struct construction in _startBridge - Inline _publishIntent logic directly into _startBridge for clarity - Directly pass parameters to publishAndFund without creating unnecessary structs - Keep only the publishAndFund overload that accepts individual parameters This simplification reduces code complexity and improves efficiency by avoiding unnecessary intermediate data structures while maintaining the same functionality. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com> * update demo script * handle solana * add swap demo * update docs * update constants * boost coverage * update * update * fix: address PR review comments for EcoFacet - Rename portal to PORTAL for consistency with recent facets - Add NatSpec documentation for constructor - Store Eco chain IDs as immutable variables - Add chain ID bounds check to prevent uint64 overflow - Update solver reward documentation to clarify native/ERC20 usage - Clarify encoded route description - Optimize gas by reducing redundant isNative checks - Fix test function names to follow naming convention - Add destination calls validation modifier - Remove problematic destination calls test - Document receiverAddress vs nonEVMReceiver usage * validate * validate * cleanup * verify solana * update portal * fix: improve Solana recipient extraction from Borsh-encoded routes (#1392) - Validate route is exactly 319 bytes for Solana transfers - Extract recipient from correct position (bytes 251-282) in TransferChecked instruction - Add detailed comments explaining Borsh encoding structure 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com> * update to properly validate * fix * update docs * update tests * fix * fix coverage * validate ATA vs solana address * Update script/demoScripts/demoEco.ts Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * eliminate redundant checks * remove useless internal func * update docs * remove changelog * fixes * update helper func names * validate solana dst against NON_EVM_RECEIVER * document known issue with positive slippage * update tests * optimizations * redeploy to staging * add clarification * remove * combine helpers * remove extra checks * refactor * remove native token support * fix: reject NON_EVM_ADDRESS for non-Solana destinations Prevents invalid configurations where NON_EVM_ADDRESS is used for EVM-compatible chains like TRON. Only Solana destinations should use NON_EVM_ADDRESS as the receiver. Resolves audit issue #9 * fix: prevent native token loss and refund excess - Remove payable modifier from startBridgeTokensViaEco to prevent accidental native token deposits that would be permanently locked - Add refundExcessNative modifier to swapAndStartBridgeTokensViaEco to refund any excess native tokens sent beyond swap requirements - Update test to reflect non-payable function signature Resolves audit issue #7 * fix: add lower bound validation for Solana address length Add minimum length check (32 characters) for Solana addresses to match documented behavior. Solana addresses are base58-encoded and must be between 32-44 characters. Resolves audit issue #6 * fix: validate prover and rewardDeadline parameters Add validation for critical reward parameters in _validateEcoData: - Ensure prover address is not zero - Ensure rewardDeadline is non-zero and in the future These parameters are essential for the Eco Protocol reward mechanism. Resolves audit issue #10 * fix: emit BridgeToNonEVMChain only for Solana destinations Change event emission logic to use chain ID check instead of nonEVMReceiver length. This ensures the event only fires for actual non-EVM destinations (Solana) and prevents misleading events for EVM-compatible chains. Resolves audit issue #3 * refactor: inline depositAmount calculation for gas savings Remove intermediate depositAmount variable and pass expression directly to LibAsset.depositAsset. Saves ~100 gas by eliminating unnecessary stack operations. Resolves audit issue #4 * refactor: replace magic numbers with named constants Define and use constants for: - NATIVE_REWARD_AMOUNT (0) - ALLOW_PARTIAL_FILL (false) - SOLANA_ENCODED_ROUTE_LENGTH (319) - SOLANA_RECEIVER_OFFSET (251) - SOLANA_RECEIVER_END (283) - SOLANA_ADDRESS_MIN_LENGTH (32) - SOLANA_ADDRESS_MAX_LENGTH (44) Improves code maintainability and makes the intent behind each value explicit. Resolves audit issue #1 * refactor: remove redundant explicit zero value in portal call Remove '{ value: 0 }' from PORTAL.publishAndFund call as it's redundant (default is 0). Simplifies code and slightly reduces bytecode size. Resolves audit issue #8 * refactor: remove redundant receiverAddress from EcoData BREAKING CHANGE: Remove receiverAddress field from EcoData struct as it duplicates _bridgeData.receiver. The receiver is already validated from the encodedRoute for EVM chains and through nonEVMReceiver for Solana. This saves gas and simplifies the API by removing redundant data. Resolves audit issue #2 * fix: update demoEco.ts to use new EcoData structure Remove receiverAddress field from EcoData struct usage in demo script to match the updated contract interface. * redeploy to staging * add inline doc about native refunds * fix typo * redeploy to staging * update internal calculations to deduct fee from passed minAmount * remove unneeded var * chore: add EcoFacet and IEcoPortal v1.0.0 audit entry --------- Co-authored-by: Mathias Möller <matze.moeller@gmail.com> Co-authored-by: Carlos Febres <carlosfebres97@gmail.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
mirooon
added a commit
that referenced
this pull request
Nov 3, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.