feat: add safe support + managed cross-chain bridge execution foundation#6

Draft
dan13ram wants to merge 15 commits into main from safe-treasury

Conversation

@dan13ram

Collaborator

No description provided.

@coderabbitai

coderabbitai Bot commented Apr 30, 2026

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: c5768308-9201-4fa3-a690-877b3506cb39

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


@dan13ram changed the title from "feat: add managed cross-chain bridge execution foundation" to "feat: add safe support + managed cross-chain bridge execution foundation" on Apr 30, 2026
dan13ram added 5 commits May 20, 2026 16:08
Critical fix for upgrade safety:
- Generate baseline storage layouts for Manager, Treasury, Governor
- Add Makefile with storage verification utilities
- Add VerifyStorageLayout.s.sol script for CI/CD integration
- Create PRODUCTION_READINESS.md tracking document

Storage analysis shows V2 additions are properly appended:
- Manager: slots 4-5 (sourceBridgeAdapterByDao, bridgeAddressesByDaoByChain)
- Treasury: slots 4-7 (_safeCount, safes, safeIds, globalPolicy)
- Governor: no storage changes in this PR

Resolves PRODUCTION_READINESS.md #1 (Storage Layout Verification)

On-chain verification that module is enabled before Safe registration:
- Add isModuleEnabled() to IGnosisSafe interface
- Verify module enablement in Treasury._registerSafe()
- Add MODULE_NOT_ENABLED error
- Implement isSafeReady() view function for frontend checks
- Update MockGnosisSafe with isModuleEnabled support

Tests added:
- testRevert_RegisterSafe_ModuleNotEnabled
- test_IsSafeReady
- test_IsSafeReady_InvalidInputs

Fixes:
- DeployBridgeInfrastructure.s.sol envOr compatibility
- VerifyStorageLayout.s.sol unicode chars + view modifier

All TreasuryV2Test tests passing (11/11)

Resolves PRODUCTION_READINESS.md #6 (Safe Module Verification)

Circuit breakers and spending limits for Safe execution:

Storage additions (slots 8-12, safely appended):
- safeSpendingLimits: per-transaction value limits
- safeSpendingTrackers: daily spending limits with auto-reset
- safePaused: per-safe pause state
- allSafesPaused: global emergency pause
- guardian: address with pause powers

Features:
- Per-transaction spending limits
- Daily spending limits with 24hr auto-reset
- Per-safe pause/unpause (guardian or governance)
- Global all-safes emergency pause
- Guardian role management (governance-only)
- execOnSafe now checks pause + limits before execution

New functions:
- setSafeSpendingLimits(safeId, perTxLimit, dailyLimit)
- pauseSafe(safeId) / unpauseSafe(safeId)
- pauseAllSafes() / unpauseAllSafes()
- setGuardian(address) / getGuardian()

Tests: 20/20 passing in TreasuryV2Safety.t.sol
- Spending limit enforcement (per-tx and daily)
- Daily limit reset after 24 hours
- Pause/unpause mechanics (per-safe and global)
- Guardian authorization
- Combined safety scenarios

Resolves PRODUCTION_READINESS.md #4 (Governance Safety Mechanisms)

Production-ready LayerZero V2 implementation:

LayerZero Adapter Enhancements:
- Implemented proper lzReceive() callback for auto-delivery
- Added peer verification for source endpoints
- Fee estimation via quoteFee() function
- Automatic fee validation and refund mechanism
- Executor routing by daoId
- setDelegate() for endpoint delegation

New Features:
- setPeer(srcEid, peer): configure trusted source peers
- setExecutor(daoId, executor, adapterId): map DAOs to executors
- quoteFee(): estimate cross-chain message costs
- lzReceive(): verified callback from LayerZero endpoint
- Native fee forwarding with automatic refunds

Interface Updates:
- ITransportAdapter.sendMessage() now payable
- ILayerZeroEndpointV2 expanded with quote() and setDelegate()
- Origin struct for lzReceive params

Bridge Flow Updates:
- SourceBridgeAdapter.sendCommand() now payable
- Fee forwarding from treasury → source → transport
- MockTransportAdapter updated for testing

Security:
- Only endpoint can call lzReceive()
- Peer verification prevents unauthorized sources
- Fee validation prevents underpayment
- Excess fees automatically refunded

Breaking Changes:
- Manual relayMessage() removed (use lzReceive)
- sendMessage() requires msg.value for fees

Tests: All bridge tests passing (GovernanceBridgeFlowTest: 1/1)

Resolves PRODUCTION_READINESS.md #2 (LayerZero Adapter Completion)

Completed tasks marked:
- #1 Storage Layout Verification ✅
- #2 LayerZero Adapter Completion ✅
- #4 Governance Safety Mechanisms ✅
- #6 Safe Module Verification ✅

Overall: 38% complete (5/13 tasks)
- CRITICAL: 50% (2/4)
- HIGH: 75% (3/4)

Session stats:
- 4 commits
- +1,414 lines / -52 lines
- 31 new tests (all passing)
- Storage verified safe
- Bridge fully functional
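
The append-only property claimed in the storage-layout commit above can be checked mechanically in CI. The following is an added example, not code from this PR, its Makefile or VerifyStorageLayout.s.sol; it compares two layouts in the shape of the `storage` array from `forge inspect <Contract> storage-layout`. The slot 0-3 labels and all type identifiers are constructed placeholders; only the Treasury labels for slots 4-7 come from the commit message.

```python
# Added example: append-only storage-layout check for upgradeable contracts.
# Entries mimic the "storage" array printed by `forge inspect <Contract> storage-layout`.

def entry(label, slot, type_id, offset=0):
    return {"label": label, "slot": str(slot), "offset": offset, "type": type_id}

# Constructed sample data: slots 0-3 are placeholders and every type id is assumed;
# only the labels for slots 4-7 are taken from the commit message.
BASELINE = [entry(f"_placeholder{i}", i, "t_uint256") for i in range(4)]
V2 = BASELINE + [
    entry("_safeCount", 4, "t_uint256"),
    entry("safes", 5, "t_mapping(t_uint256,t_struct(Safe)_storage)"),
    entry("safeIds", 6, "t_mapping(t_address,t_uint256)"),
    entry("globalPolicy", 7, "t_struct(Policy)_storage"),
]

def position(e):
    return (int(e["slot"]), int(e["offset"]))

def check_append_only(old, new):
    """Return a list of violations; an empty list means `new` only appends to `old`."""
    problems = []
    old_sorted, new_sorted = sorted(old, key=position), sorted(new, key=position)
    if len(new_sorted) < len(old_sorted):
        problems.append("variables removed")
    # Every baseline variable must keep its label, slot, offset and type.
    for o, n in zip(old_sorted, new_sorted):
        for field in ("label", "slot", "offset", "type"):
            if str(o[field]) != str(n[field]):
                problems.append(
                    f"slot {o['slot']} ({o['label']}): {field} {o[field]!r} -> {n[field]!r}")
    # Anything new must sit strictly after the last baseline variable.
    last_old = position(old_sorted[-1]) if old_sorted else (-1, 0)
    for n in new_sorted[len(old_sorted):]:
        if position(n) <= last_old:
            problems.append(f"{n['label']} overlaps the baseline at slot {n['slot']}")
    return problems

if __name__ == "__main__":
    print(check_append_only(BASELINE, V2) or "append-only: OK")
```

Type identifiers in real compiler output can embed AST ids that change between builds, so normalise them before comparing. This check also does not look inside struct members, which need their own comparison.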