update docs & rfk scripts & add audit

firstbatchxyz · Dec 23, 2024 · f42aba5 · f42aba5
1 parent cfde01c
commit f42aba5
Show file tree

Hide file tree

Showing 22 changed files with 139 additions and 480 deletions.
diff --git a/.gitignore b/.gitignore
@@ -9,6 +9,7 @@ coverage/
 !/broadcast
 /broadcast/*/31337/
 /broadcast/*/84532/
+!/broadcast/*/84532/run-latest.json
 /broadcast/**/dry-run/
 
 # Forge files

diff --git a/.gitmodules b/.gitmodules
@@ -1,9 +1,6 @@
 [submodule "lib/forge-std"]
 	path = lib/forge-std
 	url = https://github.com/foundry-rs/forge-std
-[submodule "lib/openzeppelin-contracts"]
-	path = lib/openzeppelin-contracts
-	url = https://github.com/OpenZeppelin/openzeppelin-contracts
 [submodule "lib/openzeppelin-foundry-upgrades"]
 	path = lib/openzeppelin-foundry-upgrades
 	url = https://github.com/OpenZeppelin/openzeppelin-foundry-upgrades

diff --git a/.solhint.json b/.solhint.json
@@ -0,0 +1,6 @@
+{
+  "extends": "solhint:default",
+  "rules": {
+    "max-line-length": ["off", 120]
+  }
+}
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
@@ -0,0 +1,3 @@
+{
+  "recommendations": ["JuanBlanco.solidity"]
+}
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -2,5 +2,10 @@
   "solidity.packageDefaultDependenciesContractsDirectory": "src",
   "solidity.packageDefaultDependenciesDirectory": "lib",
   "editor.formatOnSave": true,
-  "solidity.formatter": "forge"
+  "[solidity]": {
+    "editor.defaultFormatter": "JuanBlanco.solidity"
+  },
+  "solidity.formatter": "forge",
+  "solidity.compileUsingRemoteVersion": "v0.8.26",
+  "solidity.defaultCompiler": "localFile"
 }
diff --git a/README.md b/README.md
@@ -23,8 +23,6 @@
     </a>
 </p>
 
-Swan is a decentralized protocol where AI agents dynamically interact with users who create artifacts inlined with agent's narratives.
-
 ## Installation
 
 First, make sure you have the requirements:
@@ -47,19 +45,14 @@ forge install
 Compile the contracts with:
 
 ```sh
-forge clean && forge build
+forge build
 ```
 
-### Upgradability
-
-We are using [openzeppelin-foundry-upgrades](https://github.com/OpenZeppelin/openzeppelin-foundry-upgrades) library. To make sure upgrades are **safe**, you must do one of the following (as per their [docs](https://github.com/OpenZeppelin/openzeppelin-foundry-upgrades?tab=readme-ov-file#before-running)) before you run `forge script` or `forge test`:
-
-- `forge clean` beforehand, e.g. `forge clean && forge test`
-- include `--force` option when running, e.g. `forge test --force`
-
 > [!NOTE]
 >
-> Note that for some users this may fail (see [issue](https://github.com/firstbatchxyz/dria-oracle-contracts/issues/16)) due to a missing NPM package called `@openzeppelin/upgrades-core`. To fix it, do:
+> We are using [openzeppelin-foundry-upgrades](https://github.com/OpenZeppelin/openzeppelin-foundry-upgrades) library, which [requires](https://github.com/OpenZeppelin/openzeppelin-foundry-upgrades?tab=readme-ov-file#before-running) clean-up per compilation to ensure upgrades are done safely. We use `force = true` option in `foundry.toml` for this, which may increase build times.
+>
+> Note that for some users this may fail (see [issue](https://github.com/firstbatchxyz/dria-oracle-contracts/issues/16)) due to a missing NPM package called `@openzeppelin/upgrades-core`. To fix it, you can install the package manually:
 >
 > ```sh
 > npm install @openzeppelin/upgrades-core@latest -g
@@ -117,7 +110,7 @@ You will use this endpoint for the commands that interact with the blockchain, s
 Deploy the contract with:
 
 ```sh
-forge clean && forge script ./script/Deploy.s.sol:Deploy<CONTRACT_NAME> \
+forge script ./script/Deploy.s.sol:Deploy<CONTRACT_NAME> \
 --rpc-url <RPC_URL> \
 --account <WALLET_NAME> \
 --broadcast
@@ -128,7 +121,7 @@ You can see deployed contract addresses under the `deployment/<chainid>.json`
 You can verify the contract during deployment by adding the verification arguments as well:
 
 ```sh
-forge clean && forge script ./script/Deploy.s.sol:Deploy<CONTRACT_NAME> \
+forge script ./script/Deploy.s.sol:Deploy<CONTRACT_NAME> \
 --rpc-url <RPC_URL> \
 --account <WALLET_NAME> \
 --broadcast \
@@ -157,57 +150,84 @@ Note that the `--verifier-url` value should be the target explorer's homepage UR
 >
 > The `--verifier` can accept any of the following: `etherscan`, `blockscout`, `sourcify`, `oklink`. We are using Blockscout most of the time.
 
+### Generate ABIs
+
+To interact with the contracts, you need the contract ABIs. We store the ABIs under the [`abis`](./abis/) folder, and these can be generated using the following script:
+
+```sh
+./export-abis.sh
+```
+
+### Upgrade Contract
+
+Upgrading an existing contract is done as per the instructions in [openzeppelin-foundry-upgrades](https://github.com/OpenZeppelin/openzeppelin-foundry-upgrades) repository.
+The `--sender <ADDRESS>` field is required when deploying a contract,
+
 ## Testing & Diagnostics
 
 Run tests on local network:
 
 ```sh
-forge clean && forge test
+forge test
 
 # or -vvv to show reverts in detail
-forge clean && forge test -vvv
+forge test -vvv
 ```
 
 or fork an existing chain and run the tests on it:
 
 ```sh
-forge clean && forge test --rpc-url <RPC_URL>
+forge test --rpc-url <RPC_URL>
 ```
 
 ### Code Coverage
 
 We have a script that generates the coverage information as an HTML page. This script requires [`lcov`](https://linux.die.net/man/1/lcov) and [`genhtml`](https://linux.die.net/man/1/genhtml) command line tools. To run, do:
 
 ```sh
-forge clean && ./coverage.sh
+./coverage.sh
 ```
 
 Alternatively, you can see a summarized text-only output as well:
 
 ```sh
-forge clean && forge coverage --no-match-coverage "(test|mock|script)"
+forge coverage --no-match-coverage "(test|mock|script)"
 ```
 
 ### Storage Layout
 
-Get storage layout with:
+You can print storage layouts for each contract using:
 
 ```sh
 ./storage.sh
 ```
 
-You can see storage layouts under the [`storage`](./storage/) directory.
+The resulting Markdown files will be created under the [`storage`](./storage/) directory.
 
 ### Gas Snapshot
 
-Take the gas snapshot with:
+You can examine the gas usage metrics using the command:
 
 ```sh
-forge clean && forge snapshot
+forge snapshot --snap ./test/.gas-snapshot
 ```
 
 You can see the snapshot `.gas-snapshot` file in the current directory.
 
+### Styling
+
+You can format the contracts with:
+
+```sh
+forge fmt ./src/**/*.sol ./script/**/*.sol
+```
+
+If you have solhint installed, you can lint all contracts with:
+
+```sh
+solhint 'contracts/**/*.sol'
+```
+
 ## Documentation
 
 We have auto-generated MDBook documentations under the [`docs`](./docs) folder, generated with the following command:
@@ -221,4 +241,4 @@ forge doc --serve
 
 ## License
 
-We are using Apache-2.0 license.
+We are using [Apache-2.0](./LICENSE) license.
diff --git a/abis/parseAbi.cjs b/abis/parseAbi.cjs
@@ -0,0 +1,24 @@
+const fs = require("fs");
+
+if (process.argv.length < 3) {
+  console.error("Please provide a filename as a parameter.");
+  process.exit(1);
+}
+
+const filename = process.argv[2];
+
+const data = fs.readFileSync(filename, "utf8");
+try {
+  const jsonData = JSON.parse(data);
+  const abi = jsonData.abi;
+  if (!abi) {
+    console.error("No `abi` field found in the JSON data.");
+    process.exit(1);
+  }
+
+  fs.writeFileSync(filename, JSON.stringify(abi, null, 2));
+  console.log("ABI extracted and written to", filename);
+} catch (parseErr) {
+  console.error(`Error parsing JSON: ${parseErr}`);
+  process.exit(1);
+}
diff --git a/abis/parseAbi.js b/abis/parseAbi.js
diff --git a/audits/CodeHawks-28-11-2024.pdf b/audits/CodeHawks-28-11-2024.pdf