Feat: fast bridge refunds #2219

Merged
merged 10 commits into from
Mar 12, 2024

ChiTimesChi
Collaborator

@ChiTimesChi ChiTimesChi commented Mar 6, 2024

Description
A clear and concise description of the features you're adding in this pull request.

Additional context
Add any other context about the problem you're solving.

Metadata

  • Fixes #[Link to Issue]

Summary by CodeRabbit

  • New Features
    • Enhanced role-based access control in contracts for improved security and flexibility.
    • Introduced REFUNDER_ROLE and generic role management functions in the Admin contract.
    • Updated FastBridge with a REFUND_DELAY parameter and revamped access control for key functions.
  • Refactor
    • Consolidated role modifiers into a single onlyRole modifier for better code maintenance.
    • Improved the method of adding relayers in deployment scripts using role-based access control.
  • Tests
    • Added new tests for refund functionality and role management.
    • Updated existing tests to align with role management and bridge transaction logic changes.
  • Chores
    • Enhanced configuration settings in foundry.toml for consistent development practices.

Contributor

coderabbitai bot commented Mar 6, 2024

Walkthrough

The updates across the contracts-rfq package reflect a shift towards a more role-based access control system, enhancing security and flexibility. Key changes include the introduction of a REFUNDER_ROLE, the replacement of specific role modifiers with a generic onlyRole modifier, and significant adjustments to the FastBridge contract to modify refund eligibility and streamline role management. Additionally, configuration adjustments and testing enhancements support these functional improvements.

Changes

| Files | Summary |
|---|---|
| .../Admin.sol, .../FastBridge.sol, .../interfaces/IAdmin.sol | Introduced REFUNDER_ROLE, replaced specific role modifiers with onlyRole, updated function modifiers, implemented role-based access control, and removed specific role-related events and functions. |
| .../foundry.toml | Added block_timestamp and evm_version settings. |
| .../script/FastBridge.s.sol, .../test/FastBridge.t.sol, .../script/ConfigureFastBridge.s.sol | Modified role management methods, replaced direct additions with grantRole, updated logic and tests for role management and permissions, enhanced refund-related testing, introduced a contract for configuring FastBridge, and created scripts for deployment and configuration. |
| .../package.json, .../remappings.txt | Added a new package to dependencies, updated dev dependencies, and added remappings for new package paths. |
| .../test/UniversalTokenLib.t.sol, .../test/FastBridgeMock.sol | Updated test functions for readability and code organization. |
| .../devops.json, .../configs/global/FastBridge.json | Introduced deployment configurations and account settings for different environments. |
| .../script/fb-config.sh, .../script/fb-deploy.sh | Added bash scripts for configuring and deploying contracts based on network settings. |
| .../.env.example, .../.gitignore | Provided a template for environment configurations and updated the .gitignore file. |

🐰✨
In the realm of code, under digital skies,
A change was made, wise and bold.
With roles refined, and access controlled,
The contracts dance, their security high.
🌟📜🔐
Here's to the changes, in bytes and bits,
Crafted by minds, where innovation sits.


@github-actions github-actions bot added the size/m label Mar 6, 2024

codecov bot commented Mar 6, 2024

Codecov Report

Attention: Patch coverage is 4.10959%, with 70 lines in your changes missing coverage. Please review.

Project coverage is 47.89034%. Comparing base (7626735) to head (cb1fe6f).
Report is 41 commits behind head on master.

| Files | Patch % | Lines |
|---|---|---|
| ...ges/contracts-rfq/script/ConfigureFastBridge.s.sol | 0.00000% | 48 Missing ⚠️ |
| ...ontracts-rfq/script/DeployFastBridge.CREATE2.s.sol | 0.00000% | 21 Missing ⚠️ |
| packages/contracts-rfq/script/FastBridge.s.sol | 0.00000% | 1 Missing ⚠️ |

Additional details and impacted files
@@                 Coverage Diff                 @@
##              master       #2219         +/-   ##
===================================================
+ Coverage   47.84420%   47.89034%   +0.04614%     
===================================================
  Files            360         366          +6     
  Lines          26881       27066        +185     
  Branches          83         132         +49     
===================================================
+ Hits           12861       12962        +101     
- Misses         12680       12763         +83     
- Partials        1340        1341          +1     

| Flag | Coverage Δ |
|---|---|
| packages | 90.62500% <ø> (+0.09766%) ⬆️ |
| solidity | 54.05405% <4.10959%> (?) |


Contributor

@coderabbitai coderabbitai bot left a comment

Review Status

Actionable comments generated: 0

Configuration used: .coderabbit.yaml

Commits: Files that changed from the base of the PR and between 307cda0 and e51647a.
Files selected for processing (6)
  • packages/contracts-rfq/contracts/Admin.sol (3 hunks)
  • packages/contracts-rfq/contracts/FastBridge.sol (6 hunks)
  • packages/contracts-rfq/contracts/interfaces/IAdmin.sol (1 hunks)
  • packages/contracts-rfq/foundry.toml (1 hunks)
  • packages/contracts-rfq/script/FastBridge.s.sol (1 hunks)
  • packages/contracts-rfq/test/FastBridge.t.sol (37 hunks)
Additional comments: 20
packages/contracts-rfq/foundry.toml (1)
  • 4-6: The addition of block_timestamp and evm_version settings in the foundry.toml file is a positive change, enhancing the testing environment by specifying a fixed block timestamp and EVM version for contract testing. This ensures consistency and predictability in test outcomes, which is crucial for contract development and testing.
packages/contracts-rfq/contracts/interfaces/IAdmin.sol (1)
  • 4-16: 📝 NOTE: This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [1-14]

The modifications in IAdmin.sol, focusing on simplifying the interface by removing outdated events and functions related to relayers, guards, and governors, are well-aligned with the PR objectives. This change streamlines the interface, focusing on fee rate updates, fee sweeping, and chain gas amount updates, which are more critical to the contract's operation.

packages/contracts-rfq/script/FastBridge.s.sol (1)
  • 20-20: The modification to use grantRole for adding relayers in the DeployFastBridge script aligns with the PR's objective of refining role-based access control. This approach enhances flexibility and control over role assignments, ensuring that role management is more adaptable and easier to maintain.
packages/contracts-rfq/contracts/Admin.sol (2)
  • 13-13: The introduction of the REFUNDER_ROLE constant in the Admin contract is a key update that aligns with the PR's objective of enhancing role-based access control, specifically for processing refunds. This addition is crucial for delineating permissions in a more structured manner.
  • 33-33: Replacing specific role modifiers with the generic onlyRole modifier in functions such as setProtocolFeeRate, sweepProtocolFees, and setChainGasAmount is a significant improvement. This change streamlines the enforcement of role-based access control, enhancing security and flexibility by allowing for more granular control over permissions.

Also applies to: 40-40, 49-49

packages/contracts-rfq/contracts/FastBridge.sol (2)
  • 19-20: Replacing PROVE_PERIOD with REFUND_DELAY in the FastBridge contract is a significant update that aligns with the PR's objective of refining the refund mechanism. This change adjusts the eligibility criteria for refunds, aiming to improve the contract's functionality and security around the refund process.
  • 127-127: Implementing role-based access control for critical functions such as relay, prove, claim, dispute, and refund in the FastBridge contract is a key enhancement. This approach ensures that only authorized roles can execute these functions, significantly improving the contract's security and operational integrity. The logic changes in the prove and refund functions for deadline checks are also well-implemented, further enhancing the contract's efficiency and security.

Also applies to: 172-172, 203-203, 228-228, 244-250

packages/contracts-rfq/test/FastBridge.t.sol (13)
  • 14-14: Importing IAccessControl from OpenZeppelin is a good practice for role management. Ensure that the OpenZeppelin contracts version is compatible with the Solidity compiler version (^0.8.13) used in this project.
  • 19-19: The TX_DEADLINE constant is introduced to manage the deadline for transactions. It's crucial to ensure that this value is appropriately chosen based on the expected transaction finality time and network conditions.
  • 27-27: Adding a refunder address for testing the refund mechanism is a good practice. Ensure that this address is used consistently in tests related to refunds.
  • 63-63: The use of TX_DEADLINE for calculating deadlines in various bridge transaction tests is consistent and aligns with the changes mentioned in the PR objectives. This ensures that the tests reflect the updated contract logic.

Also applies to: 102-102, 141-141, 180-180, 458-458, 497-497, 558-558, 620-620, 681-681, 730-730, 781-781, 813-813, 838-838, 863-863, 888-888, 913-913

  • 206-208: The expectUnauthorized function is a useful addition for testing role-based access control. It simplifies the process of expecting revert messages for unauthorized access attempts.
  • 212-215: Granting roles using the grantRole function in the setUpRoles method aligns with the PR objectives to streamline role management. Ensure that all necessary roles are granted for the tests to run correctly.
  • 232-232: Replacing specific role management functions with grantRole and revokeRole in tests is consistent with the PR objectives. This change enhances flexibility and control over role assignments and revocations.

Also applies to: 240-242, 250-250, 259-261, 268-268, 276-278, 286-286, 295-297, 304-304, 311-313, 320-320, 328-330, 334-337, 341-345, 349-353, 357-362

  • 1299-1299: Using the expectUnauthorized utility function to test role-based access control in the test_failedRelayNotRelayer function demonstrates good testing practices and consistency.
  • 1388-1404: 📝 NOTE: This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [1375-1401]

Renaming test_failedProveTimeExceeded to test_proveWithHugeDelay and adjusting its logic to test the prove function with a significant delay is a meaningful update. It's important to ensure that the test accurately reflects the contract's behavior under such conditions.

  • 1773-1773: The expectUnauthorized function is effectively used again in test_failedDisputeNotGuard to test access control for the dispute function, showcasing consistent testing methodology.
  • 1786-1786: The introduction of refund-related tests, including permissionless refunds after a certain delay, aligns with the PR objectives to implement a refined refund mechanism. Ensure that these tests cover all scenarios, including edge cases, to fully validate the refund logic.

Also applies to: 1819-1819, 1847-1847, 1881-1881, 1908-1908, 1934-1934, 1953-1953, 1960-1960, 1987-1987, 2009-2009

  • 1943-1947: The test_failedRefundNotEnoughTime function correctly tests the refund mechanism's timing constraints. It's crucial to ensure that the timing logic in the contract aligns with these tests to prevent premature refunds.
  • 1983-1984: The test_successfulRefundNotRefunder function demonstrates the flexibility of the refund mechanism, allowing permissionless refunds after a specific period. This test is essential for verifying that the contract behaves as expected in permissionless refund scenarios.

Contributor

@coderabbitai coderabbitai bot left a comment

Review Status

Actionable comments generated: 0

Configuration used: .coderabbit.yaml

Commits: Files that changed from the base of the PR and between e51647a and 31cd042.
Files selected for processing (1)
  • packages/contracts-rfq/contracts/Admin.sol (3 hunks)
Files skipped from review as they are similar to previous changes (1)
  • packages/contracts-rfq/contracts/Admin.sol

* Add `solidity-devops` package

* Add devops configs

* Chore: consistent formatting across packages

* Rm broadcast folder

* Add broadcast to gitignore

* Add deployment script

* Add configuration script

* Add bash scripts

* Bump solidity-devops version
@github-actions github-actions bot added size/l and removed size/m labels Mar 12, 2024
@aureliusbtc aureliusbtc marked this pull request as ready for review March 12, 2024 15:54
@aureliusbtc aureliusbtc requested a review from trajan0x as a code owner March 12, 2024 15:54

Deploying with Cloudflare Pages

Latest commit: cb1fe6f
Status: ✅  Deploy successful!
Preview URL: https://f56ef281.sanguine-fe.pages.dev
Branch Preview URL: https://feat-fast-bridge-refunds.sanguine-fe.pages.dev

Contributor

@coderabbitai coderabbitai bot left a comment

Review Status

Actionable comments generated: 0

Configuration used: .coderabbit.yaml

Commits: Files that changed from the base of the PR and between 31cd042 and cb1fe6f.
Files selected for processing (15)
  • package.json (1 hunks)
  • packages/contracts-rfq/.env.example (1 hunks)
  • packages/contracts-rfq/.gitignore (1 hunks)
  • packages/contracts-rfq/configs/global/FastBridge.json (1 hunks)
  • packages/contracts-rfq/devops.json (1 hunks)
  • packages/contracts-rfq/foundry.toml (1 hunks)
  • packages/contracts-rfq/package.json (1 hunks)
  • packages/contracts-rfq/remappings.txt (1 hunks)
  • packages/contracts-rfq/script/ConfigureFastBridge.s.sol (1 hunks)
  • packages/contracts-rfq/script/DeployFastBridge.CREATE2.s.sol (1 hunks)
  • packages/contracts-rfq/script/fb-config.sh (1 hunks)
  • packages/contracts-rfq/script/fb-deploy.sh (1 hunks)
  • packages/contracts-rfq/test/FastBridge.t.sol (52 hunks)
  • packages/contracts-rfq/test/FastBridgeMock.sol (1 hunks)
  • packages/contracts-rfq/test/UniversalTokenLib.t.sol (8 hunks)
Files skipped from review due to trivial changes (3)
  • packages/contracts-rfq/devops.json
  • packages/contracts-rfq/package.json
  • packages/contracts-rfq/test/FastBridgeMock.sol
Files skipped from review as they are similar to previous changes (1)
  • packages/contracts-rfq/foundry.toml
Additional comments: 20
packages/contracts-rfq/configs/global/FastBridge.json (1)
  • 1-10: The configuration file FastBridge.json correctly defines the new roles and settings as outlined in the PR objectives. It's important to ensure that these configurations are correctly utilized in the contract implementations and tests.
packages/contracts-rfq/remappings.txt (1)
  • 2-4: The added package path mappings for @synapsecns/solidity-devops, forge-std, and ds-test are correctly formatted and align with the PR objectives to enhance the development and testing environment. Ensure that these dependencies are properly utilized in the contracts and scripts.
packages/contracts-rfq/script/fb-config.sh (1)
  • 1-15: The fb-config.sh script is well-structured and follows good practices for bash scripting, including proper usage of variables and conditional checks. Ensure that the ConfigureFastBridge.s.sol script referenced is correctly implemented to handle these configurations.
packages/contracts-rfq/script/fb-deploy.sh (1)
  • 1-15: The fb-deploy.sh script follows the same structure and best practices as the fb-config.sh script. It's important to verify that the DeployFastBridge.CREATE2.s.sol script referenced correctly implements the deployment logic for the FastBridge contract.
packages/contracts-rfq/script/DeployFastBridge.CREATE2.s.sol (2)
  • 17-24: Ensure that the deployAndSave function correctly deploys the FastBridge contract using CREATE2 and saves the deployment address. This is crucial for deterministic deployment and should be thoroughly tested.
  • 26-31: The afterExecution function provides a good example of post-deployment checks. It's important to ensure that these checks (e.g., checkAdminCount and checkAdmin) are comprehensive and align with the contract's expected state after deployment.
packages/contracts-rfq/.env.example (1)
  • 1-47: The .env.example file is comprehensive and provides clear instructions for configuring wallets and chains. It's crucial to remind users to never commit their .env file with sensitive information (e.g., private keys) to version control.
package.json (1)
  • 15-15: Adding @synapsecns/solidity-devops to the nohoist section in package.json is appropriate for ensuring that this dependency is correctly managed in the workspace. This aligns with the PR's objective to enhance the development and testing environment.
packages/contracts-rfq/script/ConfigureFastBridge.s.sol (1)
  • 16-23: The run function in ConfigureFastBridge.s.sol correctly implements the logic to configure the FastBridge contract based on the loaded configuration. Ensure that the role syncing functions (syncRole) correctly manage role assignments and revocations as intended.
packages/contracts-rfq/test/UniversalTokenLib.t.sol (1)
  • 23-23: Using underscores in numeric literals (e.g., 12_345) for the amount variable improves readability and is a good practice. Ensure that all tests correctly validate the functionality they are intended to test.
packages/contracts-rfq/test/FastBridge.t.sol (10)
  • 14-14: Importing IAccessControl from OpenZeppelin is a good practice for role management. Ensure that the version of OpenZeppelin contracts is compatible with the Solidity compiler version (^0.8.13) used in this project.
  • 19-19: The TX_DEADLINE constant is introduced to define the deadline for bridge transactions. It's set to 60 minutes, which seems reasonable for most use cases. However, consider if this value should be configurable to adapt to different operational requirements or network conditions.
  • 27-27: Adding a refunder address is aligned with the PR's objective to enhance role-based access control, specifically for processing refunds. Ensure that the refunder role is properly managed and secured, as it has critical permissions.
  • 222-224: The expectUnauthorized function is a useful addition for testing unauthorized access scenarios. It leverages the vm.expectRevert function from Foundry to simulate and assert the expected revert behavior when unauthorized roles attempt to perform restricted actions.
  • 228-235: Granting roles using fastBridge.grantRole for RELAYER_ROLE, GUARD_ROLE, GOVERNOR_ROLE, and REFUNDER_ROLE and verifying them with assertTrue is correctly implemented. This setup ensures that the roles are correctly assigned before running the tests. Good use of Foundry's vm.startPrank and vm.stopPrank to simulate transactions from specific addresses.
  • 474-474: The use of TX_DEADLINE to calculate the deadline parameter for the bridge transaction is consistent with the introduction of the TX_DEADLINE constant. This ensures that the bridge transaction must be processed within the specified deadline, enhancing the security and predictability of bridge operations.
  • 1404-1420: 📝 NOTE: This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [1391-1417]

The test_proveWithHugeDelay function simulates a scenario where the relay proof is provided after a significant delay (30 days). This test is important for ensuring that the system behaves correctly even when proofs are delayed. However, it's crucial to ensure that the delay duration aligns with the intended dispute resolution and refund policies of the FastBridge contract.

  • 1802-1804: The test_successfulRefund function correctly simulates the refund process by skipping time beyond the TX_DEADLINE and then calling the refund function. This test is crucial for ensuring that refunds are processed correctly when the conditions are met. It's important to ensure that the refund logic securely validates the conditions under which a refund is permissible.
  • 1950-1967: The test_failedRefundNotEnoughTime function correctly tests the scenario where a refund attempt is made before the TX_DEADLINE has passed. This test ensures that the contract correctly enforces the deadline before allowing refunds. It's a good practice to cover such negative test cases to ensure robustness.
  • 2009-2016: 📝 NOTE: This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [2003-2013]

The test_failedRefundNotRefunderNotEnoughTime function tests the scenario where a non-refunder attempts a permissionless refund before the allowed period. This test is important for ensuring that the contract enforces both role-based and time-based restrictions on refunds. Consider clarifying in the test name or comments that this tests the permissionless refund mechanism's timing restrictions.
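
The refund gating that the review comments above describe (a REFUNDER_ROLE holder may refund once the transaction deadline has passed; any other caller must additionally wait out REFUND_DELAY) can be sketched as follows. This is an added example, not code from this PR or from FastBridge.sol: the contract name, the deposit bookkeeping, the error names and the exact `deadline + REFUND_DELAY` rule are assumptions, and the delay is a constructor placeholder because the page does not state its value.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";

/// @notice Illustrative sketch only; hypothetical contract, not the FastBridge source.
contract RefundGateSketch is AccessControl {
    bytes32 public constant REFUNDER_ROLE = keccak256("REFUNDER_ROLE");

    // Assumption: extra wait applied to callers without REFUNDER_ROLE.
    // Placeholder value supplied at deployment; the page does not give the real one.
    uint256 public immutable REFUND_DELAY;

    enum Status { NULL, REQUESTED, REFUNDED }

    struct Deposit {
        address sender;   // refunds always return here, never to the caller
        uint256 amount;
        uint256 deadline; // after this, the deposit can no longer be relayed
        Status status;
    }

    mapping(bytes32 => Deposit) public deposits;
    uint256 private nonce;

    error DeadlineTooShort();
    error DeadlineNotExceeded();
    error StatusIncorrect();
    error TransferFailed();

    event Refunded(bytes32 indexed id, address indexed to, uint256 amount);

    constructor(address admin, uint256 refundDelay) {
        // The admin hands out REFUNDER_ROLE later via grantRole.
        _grantRole(DEFAULT_ADMIN_ROLE, admin);
        REFUND_DELAY = refundDelay;
    }

    function deposit(uint256 deadline) external payable returns (bytes32 id) {
        if (deadline <= block.timestamp) revert DeadlineTooShort();
        id = keccak256(abi.encode(msg.sender, msg.value, deadline, nonce++));
        deposits[id] = Deposit(msg.sender, msg.value, deadline, Status.REQUESTED);
    }

    /// @dev Role holders are bound by the deadline only; everyone else by deadline + delay.
    function _earliestRefund(Deposit storage d, address caller) internal view returns (uint256) {
        return hasRole(REFUNDER_ROLE, caller) ? d.deadline : d.deadline + REFUND_DELAY;
    }

    /// @notice Off-chain helper mirroring the checks in refund().
    function canRefund(bytes32 id, address caller) external view returns (bool) {
        Deposit storage d = deposits[id];
        return d.status == Status.REQUESTED && block.timestamp > _earliestRefund(d, caller);
    }

    function refund(bytes32 id) external {
        Deposit storage d = deposits[id];
        if (d.status != Status.REQUESTED) revert StatusIncorrect();
        // Covers both negative cases from the tests: too early for a refunder,
        // and too early for a permissionless caller.
        if (block.timestamp <= _earliestRefund(d, msg.sender)) revert DeadlineNotExceeded();

        // Update state before the external call so a re-entrant refund() reverts.
        d.status = Status.REFUNDED;
        (bool ok,) = d.sender.call{value: d.amount}("");
        if (!ok) revert TransferFailed();
        emit Refunded(id, d.sender, d.amount);
    }
}
```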

@aureliusbtc aureliusbtc merged commit 58f7665 into master Mar 12, 2024
51 of 52 checks passed
@aureliusbtc aureliusbtc deleted the feat/fast-bridge-refunds branch March 12, 2024 16:12
@trajan0x trajan0x mentioned this pull request May 14, 2024