npm - @ballkidz/defifa - Versions diffs - 0.0.28 → 0.0.30 - Mend

@ballkidz/defifa 0.0.28 → 0.0.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/ARCHITECTURE.md +2 -2
package/CHANGELOG.md +2 -2
package/CRYPTO_ECON.md +4 -4
package/README.md +3 -3
package/RISKS.md +1 -1
package/SKILLS.md +1 -1
package/STYLE_GUIDE.md +2 -50
package/package.json +2 -2
package/src/DefifaDeployer.sol +78 -61
package/src/DefifaGovernor.sol +74 -63
package/src/DefifaHook.sol +127 -183
package/src/DefifaProjectOwner.sol +4 -2
package/src/DefifaTokenUriResolver.sol +28 -16
package/src/interfaces/IDefifaDeployer.sol +0 -16
package/src/interfaces/IDefifaHook.sol +0 -4
package/src/libraries/DefifaHookLib.sol +261 -151

package/ARCHITECTURE.md CHANGED Viewed

@@ -115,7 +115,7 @@ The hook's completion math is intentionally phase-sensitive:
 - fulfillment and ratification coupling:
   `test/regression/FulfillmentBlocksRatification.t.sol`
 - pending reserve effects on completion fairness:
-  `test/audit/PendingReserveSnapshotBypass.t.sol`
+  `test/regression/PendingReserveSnapshotBypass.t.sol`
 ## Source Map
@@ -128,4 +128,4 @@ The hook's completion math is intentionally phase-sensitive:
 - `test/DefifaHookRegressions.t.sol`
 - `test/DefifaFeeAccounting.t.sol`
 - `test/regression/FulfillmentBlocksRatification.t.sol`
-- `test/audit/PendingReserveSnapshotBypass.t.sol`
+- `test/regression/PendingReserveSnapshotBypass.t.sol`

package/CHANGELOG.md CHANGED Viewed

@@ -17,10 +17,10 @@ This file instead describes the current v6 repo at a high level and the broad mi
 ## Summary
 - The repo is now built directly on the v6 Juicebox stack, including the v6 core and 721-hook packages.
-- The v6 surface is split across dedicated deployer, hook, governor, project-owner, and token-uri contracts, with dedicated regression and audit test coverage around governance, fee accounting, attestations, and lifecycle edge cases.
+- The v6 surface is split across dedicated deployer, hook, governor, project-owner, and token-uri contracts, with dedicated regression and review test coverage around governance, fee accounting, attestations, and lifecycle edge cases.
 - Solidity and tooling were upgraded to the v6 baseline around `0.8.28`.
-## Local audit remediations
+## Local review remediations
 - Reserve-minted NFTs are now excluded from refund calculations during MINT, REFUND, and NO_CONTEST phases. A public `isReserveMint` mapping tracks which tokens were created via tier reserve frequency rather than paid for. `beforeCashOutRecordedWith` subtracts their tier price from `cumulativeMintPrice`, preventing reserve beneficiaries from withdrawing funds they never contributed.

package/CRYPTO_ECON.md CHANGED Viewed

@@ -777,11 +777,11 @@ Defifa includes a comprehensive safety system — the **NO_CONTEST** mechanism
 #### 9.1.1 Trigger 1: Minimum Participation Threshold
-**Mechanism.** At game creation, the organizer sets `minParticipation` — a minimum treasury balance required for the game to proceed to scoring. The `currentGamePhaseOf()` function checks the treasury balance against this threshold before returning SCORING. If the balance is below the threshold, it returns NO_CONTEST.
+**Mechanism.** At game creation, the organizer sets `minParticipation` — a minimum token supply required for the game to proceed to scoring. The `currentGamePhaseOf()` function checks the total token supply (via `CONTROLLER.TOKENS().totalSupplyOf(gameId)`) against this threshold before returning SCORING. If the supply is below the threshold, it returns NO_CONTEST.
 **What it solves.** Ghost games with negligible participation skip directly to refundability without requiring any governance action. A 32-team World Cup game with `minParticipation = 1 ETH` won't enter scoring if only 50 people mint (0.5 ETH pot).
-**Attack surface.** An adversary who wants to force no-contest can refund enough tokens during the refund phase to push the balance below the threshold. Mitigation: set the threshold conservatively low relative to expected participation (e.g., 10% of the maximum expected pot).
+**Attack surface.** An adversary who wants to force no-contest can cash out enough tokens during the refund phase to push the supply below the threshold. Note that direct balance top-ups (via `addToBalanceOf`) cannot inflate participation since the check uses token supply, not treasury balance. Mitigation: set the threshold conservatively low relative to expected participation.
 **Configuration.** Set to 0 to disable. The threshold is set at launch before any minting occurs, so calibration depends on organizer judgment.
@@ -820,7 +820,7 @@ The phase resolution follows strict priority:
 2. **Explicit trigger is sticky.** Once `noContestTriggeredFor[gameId]` is set, the game stays in NO_CONTEST permanently (cannot transition to SCORING even if conditions change).
-3. **Both thresholds are checked independently.** A game can enter NO_CONTEST from either `minParticipation` (balance too low) or `scorecardTimeout` (time elapsed) — whichever condition is met first.
+3. **Both thresholds are checked independently.** A game can enter NO_CONTEST from either `minParticipation` (token supply too low) or `scorecardTimeout` (time elapsed) — whichever condition is met first.
 #### 9.1.5 The Default Attestation Delegate
@@ -1187,4 +1187,4 @@ Defifa implements a rigorous approach to prediction gaming through the compositi
 The elegance of Defifa resides in its architectural composability: prediction games with arbitrary outcomes, arbitrary tier structures, and arbitrary payout distributions emerge from the same set of twelve parameters (Eq. 1), executed deterministically by immutable smart contracts with a single, time-bounded governance input. From a 4-team presidential election to a 32-team World Cup, the same protocol handles it all — and the safety mechanisms ensure that every game resolves, one way or another.
-The most significant finding is the Uniform Participation Theorem: **a game with uniform tier supply is provably impervious to profitable governance attacks regardless of attacker capital.** This transforms game design from an art into an engineering discipline — the designer's job is to choose events and tier structures that naturally produce uniform participation, and the cryptoeconomics handle the rest.
+The most significant result is the Uniform Participation Theorem: **a game with uniform tier supply is provably impervious to profitable governance attacks regardless of attacker capital.** This transforms game design from an art into an engineering discipline — the designer's job is to choose events and tier structures that naturally produce uniform participation, and the cryptoeconomics handle the rest.

package/README.md CHANGED Viewed

@@ -117,7 +117,7 @@ src/
   libraries/
   structs/
 test/
-  governance, fee-accounting, no-contest, adversarial, regression, fork, and audit coverage
+  governance, fee-accounting, no-contest, adversarial, regression, fork, and review coverage
 script/
   Deploy.s.sol
   helpers/
@@ -141,8 +141,8 @@ references/
 - [`test/DefifaFeeAccounting.t.sol`](./test/DefifaFeeAccounting.t.sol)
 - [`test/DefifaNoContest.t.sol`](./test/DefifaNoContest.t.sol)
 - [`test/DefifaAdversarialQuorum.t.sol`](./test/DefifaAdversarialQuorum.t.sol)
-- [`test/audit/PendingReserveDilution.t.sol`](./test/audit/PendingReserveDilution.t.sol)
-- [`test/audit/AttestationDoubleCount.t.sol`](./test/audit/AttestationDoubleCount.t.sol)
+- [`test/regression/PendingReserveDilution.t.sol`](./test/regression/PendingReserveDilution.t.sol)
+- [`test/regression/AttestationDoubleCount.t.sol`](./test/regression/AttestationDoubleCount.t.sol)
 - [`test/regression/GracePeriodBypass.t.sol`](./test/regression/GracePeriodBypass.t.sol)
 ## Deployment Notes

package/RISKS.md CHANGED Viewed

@@ -6,7 +6,7 @@ This file focuses on the game-theoretic, governance, and settlement risks in Def
 - Read `Priority risks` first.
 - Use the detailed sections below to reason about governor power, live supply assumptions, and downstream hook dependencies.
-- Treat `Accepted Behaviors` and `Invariants to Verify` as explicit boundaries for audit scope.
+- Treat `Accepted Behaviors` and `Invariants to Verify` as explicit boundaries for review scope.
 ## Priority risks

package/SKILLS.md CHANGED Viewed

@@ -43,4 +43,4 @@ Defifa is an onchain prediction game system built on Juicebox. This repo package
 - Defifa-specific cash-out weights and governance thresholds sit on top of `nana-721-hook-v6` and `nana-core-v6`.
 - When a task mentions NFT rendering or metadata, confirm whether it belongs in [`src/DefifaTokenUriResolver.sol`](./src/DefifaTokenUriResolver.sol).
 - If you edit phase transitions, check lifecycle, governance, and fee-accounting tests together.
-- If ratification, attestation, or quorum behavior changes, re-read the audit and regression tests before trusting a clean happy-path result.
+- If ratification, attestation, or quorum behavior changes, re-read the review and regression tests before trusting a clean happy-path result.

package/STYLE_GUIDE.md CHANGED Viewed

@@ -451,57 +451,9 @@ jobs:
         run: forge fmt --check
 ```
-**slither.yml** (repos with `src/` contracts only):
-```yaml
-name: slither
-on:
-    pull_request:
-      branches:
-        - main
-    push:
-      branches:
-        - main
-jobs:
-  analyze:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          submodules: recursive
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 25.9.0
-      - name: Install npm dependencies
-        run: npm install --omit=dev
-      - name: Install Foundry
-        uses: foundry-rs/foundry-toolchain@v1
-      - name: Prebuild contracts
-        run: forge build --deny notes --build-info --skip "*/test/**" --skip "*/script/**"
-      - name: Run slither
-        uses: crytic/slither-action@v0.4.1
-        with:
-            slither-config: slither-ci.config.json
-            fail-on: medium
-            ignore-compile: true
-```
-**slither-ci.config.json:**
-```json
-{
-  "detectors_to_exclude": "timestamp,uninitialized-local,naming-convention,solc-version,shadowing-local",
-  "exclude_informational": true,
-  "exclude_low": false,
-  "exclude_medium": false,
-  "exclude_high": false,
-  "disable_color": false,
-  "filter_paths": "(mocks/|test/|node_modules/|lib/)",
-  "legacy_ast": false
-}
-```
+**Static review workflow** (repos with `src/` contracts only):
-**Variations:**
-- Deployer-only repos (no `src/`, only `script/`) skip slither entirely — the action's internal `forge build` skips `test/` and `script/` by default, leaving nothing to compile.
-- Use inline `// slither-disable-next-line <detector>` to suppress known false positives rather than adding to `detectors_to_exclude` in the config. The comment must be on the line immediately before the flagged expression.
+Keep repo-local static review automation current with the package's runtime surface. At minimum, CI should run formatting, linting, and build checks with `--deny notes`. Repos that only contain deployment scripts can rely on the shared formatting and lint jobs unless they add runtime contracts.
 ### package.json

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ballkidz/defifa",
-  "version": "0.0.28",
+  "version": "0.0.30",
   "license": "MIT",
   "engines": {
     "node": "25.9.0"
@@ -33,7 +33,7 @@
   "dependencies": {
     "@bananapus/721-hook-v6": "0.0.43",
     "@bananapus/address-registry-v6": "0.0.25",
-    "@bananapus/core-v6": "0.0.39",
+    "@bananapus/core-v6": "0.0.44",
     "@bananapus/permission-ids-v6": "0.0.22",
     "@openzeppelin/contracts": "5.6.1",
     "@prb/math": "4.1.1",

package/src/DefifaDeployer.sol CHANGED Viewed

@@ -54,18 +54,14 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
     // --------------------------- custom errors ------------------------- //
     //*********************************************************************//
-    error DefifaDeployer_CantFulfillYet();
-    error DefifaDeployer_GameOver();
-    error DefifaDeployer_InvalidFeePercent();
-    error DefifaDeployer_InvalidGameConfiguration();
-    error DefifaDeployer_IncorrectDecimalAmount();
-    error DefifaDeployer_InvalidCurrency();
-    error DefifaDeployer_NotNoContest();
-    error DefifaDeployer_NoContestAlreadyTriggered();
-    error DefifaDeployer_TerminalNotFound();
-    error DefifaDeployer_PhaseAlreadyQueued();
-    error DefifaDeployer_SplitsDontAddUp();
-    error DefifaDeployer_UnexpectedTerminalCurrency();
+    error DefifaDeployer_CantFulfillYet(uint256 gameId);
+    error DefifaDeployer_InvalidGameConfiguration(
+        uint256 start, uint256 mintPeriodDuration, uint256 refundPeriodDuration, uint256 tierCount
+    );
+    error DefifaDeployer_InvalidCurrency(address token, uint256 currency);
+    error DefifaDeployer_NotNoContest(uint256 gameId, DefifaGamePhase phase);
+    error DefifaDeployer_NoContestAlreadyTriggered(uint256 gameId);
+    error DefifaDeployer_SplitsDontAddUp(uint256 totalPercent, uint256 maxPercent);
     //*********************************************************************//
     // ----------------------- internal properties ----------------------- //
@@ -182,7 +178,6 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         // Get the game's current funding cycle along with its metadata.
         JBRuleset memory currentRuleset = CONTROLLER.RULESETS().currentOf(gameId);
         // Get the game's queued funding cycle along with its metadata.
-        // slither-disable-next-line unused-return
         (JBRuleset memory queuedRuleset,) = CONTROLLER.RULESETS().latestQueuedOf(gameId);
         // If the configurations are the same and the game hasn't ended, queueing is still needed.
@@ -254,13 +249,12 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         // Get the game's ops data for the safety mechanism checks. Cache to avoid repeated SLOAD.
         DefifaOpsData memory ops = _opsOf[gameId];
-        // Check minimum participation threshold: if the treasury balance is below the threshold, the game is
-        // NO_CONTEST.
+        // Check minimum participation threshold using token supply (not terminal balance).
+        // Token supply reflects actual minted participation — direct `addToBalanceOf` top-ups
+        // don't mint tokens and therefore can't bypass this check.
         if (ops.minParticipation > 0) {
-            IJBTerminal terminal = CONTROLLER.DIRECTORY().primaryTerminalOf({projectId: gameId, token: ops.token});
-            uint256 balance = IJBMultiTerminal(address(terminal)).STORE()
-                .balanceOf({terminal: address(terminal), projectId: gameId, token: ops.token});
-            if (balance < ops.minParticipation) return DefifaGamePhase.NO_CONTEST;
+            uint256 totalTokenSupply = CONTROLLER.TOKENS().totalSupplyOf(gameId);
+            if (totalTokenSupply < ops.minParticipation) return DefifaGamePhase.NO_CONTEST;
         }
         // Check scorecard ratification timeout: if enough time has passed without a ratified scorecard, the game is
@@ -295,7 +289,6 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         uint256 _baseProtocolProjectId,
         IJB721TiersHookStore _hookStore
     ) {
-        // slither-disable-next-line missing-zero-check
         HOOK_CODE_ORIGIN = _hookCodeOrigin;
         TOKEN_URI_RESOLVER = _tokenUriResolver;
         GOVERNOR = _governor;
@@ -314,19 +307,17 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
     /// @notice Fulfill split amounts between all splits for a game.
     /// @param gameId The ID of the game to fulfill splits for.
-    // slither-disable-next-line reentrancy-benign,reentrancy-no-eth
     function fulfillCommitmentsOf(uint256 gameId) external virtual override {
         // Make sure commitments haven't already been fulfilled.
         if (commitmentsFulfilledFor[gameId]) return;
         commitmentsFulfilledFor[gameId] = true;
         // Get the game's current funding cycle along with its metadata.
-        // slither-disable-next-line unused-return
         (, JBRulesetMetadata memory metadata) = CONTROLLER.currentRulesetOf(gameId);
         // Make sure the game's commitments can be fulfilled.
         if (!IDefifaHook(metadata.dataHook).cashOutWeightIsSet()) {
-            revert DefifaDeployer_CantFulfillYet();
+            revert DefifaDeployer_CantFulfillYet({gameId: gameId});
         }
         // Get the game token and the terminal.
@@ -338,10 +329,8 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         uint256 pot = terminal.STORE().balanceOf({terminal: address(terminal), projectId: gameId, token: token});
         // If the pot is empty, queue the final ruleset without attempting payouts.
-        // slither-disable-next-line incorrect-equality
         if (pot == 0) {
             _queueFinalRuleset({gameId: gameId, metadata: metadata});
-            // slither-disable-next-line reentrancy-events
             emit FulfilledCommitments({gameId: gameId, pot: 0, caller: msg.sender});
             return;
         }
@@ -357,7 +346,6 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         // Use the ruleset's baseCurrency — this matches the currency under which payout limits were stored
         // at launch time, regardless of whether the token is native ETH or an ERC-20.
         // Wrapped in try-catch so the final ruleset is always queued even if payout fails.
-        // slither-disable-next-line unused-return,reentrancy-no-eth
         try terminal.sendPayoutsOf({
             projectId: gameId, token: token, amount: feeAmount, currency: metadata.baseCurrency, minTokensPaidOut: 0
         }) {}
@@ -365,21 +353,18 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
             // Payout failed — fee stays in pot. Reset to 0 so currentGamePotOf
             // doesn't double-count the fee.
             fulfilledCommitmentsOf[gameId] = 0;
-            // slither-disable-next-line reentrancy-events
             emit CommitmentPayoutFailed({gameId: gameId, amount: feeAmount, reason: reason});
         }
         // Queue the final ruleset and emit.
         _queueFinalRuleset({gameId: gameId, metadata: metadata});
-        // slither-disable-next-line reentrancy-events
         emit FulfilledCommitments({gameId: gameId, pot: pot, caller: msg.sender});
     }
     /// @notice Launches a new game owned by this contract with a DefifaHook attached.
     /// @param launchProjectData Data necessary to fulfill the transaction to launch a game.
     /// @return gameId The ID of the newly configured game.
-    // slither-disable-next-line reentrancy-benign,reentrancy-no-eth
     function launchGameWith(DefifaLaunchProjectData memory launchProjectData)
         external
         override
@@ -392,7 +377,14 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         if (launchProjectData.start == 0) {
             uint256 start =
                 currentTimestamp + launchProjectData.mintPeriodDuration + launchProjectData.refundPeriodDuration;
-            if (start > type(uint48).max) revert DefifaDeployer_InvalidGameConfiguration();
+            if (start > type(uint48).max) {
+                revert DefifaDeployer_InvalidGameConfiguration({
+                    start: start,
+                    mintPeriodDuration: launchProjectData.mintPeriodDuration,
+                    refundPeriodDuration: launchProjectData.refundPeriodDuration,
+                    tierCount: launchProjectData.tiers.length
+                });
+            }
             // Casting to uint48 is safe because `start` was bounded above.
             // forge-lint: disable-next-line(unsafe-typecast)
@@ -400,7 +392,6 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         }
         // If callers provide a future start with no mint duration, derive a mint window that begins now and ends
         // before the refund window. This preserves the requested start while keeping minting immediately available.
-        // slither-disable-next-line incorrect-equality
         else if (
             launchProjectData.mintPeriodDuration == 0
                 && launchProjectData.start > currentTimestamp + launchProjectData.refundPeriodDuration
@@ -411,29 +402,56 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         // Make sure the provided gameplay timestamps are sequential and that there is a mint duration.
         if (
-            // slither-disable-next-line incorrect-equality
             launchProjectData.mintPeriodDuration == 0
                 || launchProjectData.start
                     < currentTimestamp + launchProjectData.refundPeriodDuration + launchProjectData.mintPeriodDuration
-        ) revert DefifaDeployer_InvalidGameConfiguration();
+        ) {
+            revert DefifaDeployer_InvalidGameConfiguration({
+                start: launchProjectData.start,
+                mintPeriodDuration: launchProjectData.mintPeriodDuration,
+                refundPeriodDuration: launchProjectData.refundPeriodDuration,
+                tierCount: launchProjectData.tiers.length
+            });
+        }
         // The hook and governor hardcode uint256[128] tier-weight tables, so reject games with more than 128 tiers.
-        if (launchProjectData.tiers.length > 128) revert DefifaDeployer_InvalidGameConfiguration();
+        if (launchProjectData.tiers.length > 128) {
+            revert DefifaDeployer_InvalidGameConfiguration({
+                start: launchProjectData.start,
+                mintPeriodDuration: launchProjectData.mintPeriodDuration,
+                refundPeriodDuration: launchProjectData.refundPeriodDuration,
+                tierCount: launchProjectData.tiers.length
+            });
+        }
         // Reject ERC-20 games with a zero currency. A zero baseCurrency would cause payout limit lookups
         // in fulfillCommitmentsOf to silently fail, skipping all commitment payouts.
-        // slither-disable-next-line incorrect-equality
         if (launchProjectData.token.token != JBConstants.NATIVE_TOKEN && launchProjectData.token.currency == 0) {
-            revert DefifaDeployer_InvalidCurrency();
+            revert DefifaDeployer_InvalidCurrency({
+                token: launchProjectData.token.token, currency: launchProjectData.token.currency
+            });
         }
-        // If a scorecard timeout is set, it must exceed the grace period + timelock duration.
+        // If a scorecard timeout is set, it must exceed the full ratification window:
+        // attestation delay (time from scoring start to attestation start) + grace period + timelock.
         // Otherwise the game would enter NO_CONTEST before a scorecard could ever reach SUCCEEDED.
-        if (
-            launchProjectData.scorecardTimeout > 0
-                && launchProjectData.scorecardTimeout
-                    <= launchProjectData.attestationGracePeriod + launchProjectData.timelockDuration
-        ) revert DefifaDeployer_InvalidGameConfiguration();
+        if (launchProjectData.scorecardTimeout > 0) {
+            // Attestation delay: how long after scoring starts before attestations can begin.
+            uint256 attestationDelay = launchProjectData.attestationStartTime > launchProjectData.start
+                ? launchProjectData.attestationStartTime - launchProjectData.start
+                : 0;
+            if (
+                launchProjectData.scorecardTimeout
+                    <= attestationDelay + launchProjectData.attestationGracePeriod + launchProjectData.timelockDuration
+            ) {
+                revert DefifaDeployer_InvalidGameConfiguration({
+                    start: launchProjectData.start,
+                    mintPeriodDuration: launchProjectData.mintPeriodDuration,
+                    refundPeriodDuration: launchProjectData.refundPeriodDuration,
+                    tierCount: launchProjectData.tiers.length
+                });
+            }
+        }
         // Reserve the game ID up front so permissionless project creations cannot invalidate hook deployment.
         gameId = CONTROLLER.PROJECTS().createFor(address(this));
@@ -537,7 +555,6 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         }
         // Increment the nonce for this deployment.
-        // slither-disable-next-line reentrancy-benign
         uint256 currentNonce = ++_nonce;
         // Clone deterministically using sender and nonce to prevent front-running.
@@ -596,8 +613,9 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
             bytecode: _cloneCreationCodeFor(address(HOOK_CODE_ORIGIN))
         });
-        // slither-disable-next-line reentrancy-events
-        emit LaunchGame(gameId, hook, GOVERNOR, uriResolver, msg.sender);
+        emit LaunchGame({
+            gameId: gameId, hook: hook, governor: GOVERNOR, tokenUriResolver: uriResolver, caller: msg.sender
+        });
     }
     /// @notice Allows this contract to receive 721s.
@@ -612,12 +630,13 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
     /// @param gameId The ID of the game to trigger no-contest for.
     function triggerNoContestFor(uint256 gameId) external override {
         // Make sure the game is currently in NO_CONTEST phase.
-        if (currentGamePhaseOf(gameId) != DefifaGamePhase.NO_CONTEST) {
-            revert DefifaDeployer_NotNoContest();
+        DefifaGamePhase phase = currentGamePhaseOf(gameId);
+        if (phase != DefifaGamePhase.NO_CONTEST) {
+            revert DefifaDeployer_NotNoContest({gameId: gameId, phase: phase});
         }
         // Make sure no-contest hasn't already been triggered.
-        if (noContestTriggeredFor[gameId]) revert DefifaDeployer_NoContestAlreadyTriggered();
+        if (noContestTriggeredFor[gameId]) revert DefifaDeployer_NoContestAlreadyTriggered({gameId: gameId});
         // Mark as triggered.
         // Note: the queued ruleset does not take effect until the current ruleset's cycle ends (or immediately
@@ -627,7 +646,6 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         noContestTriggeredFor[gameId] = true;
         // Get the game's current ruleset metadata for the data hook address.
-        // slither-disable-next-line unused-return
         (, JBRulesetMetadata memory metadata) = CONTROLLER.currentRulesetOf(gameId);
         // Queue a new ruleset without payout limits so surplus = balance, enabling refunds.
@@ -653,7 +671,7 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
                 allowAddPriceFeed: false,
                 ownerMustSendPayouts: true,
                 holdFees: false,
-                useTotalSurplusForCashOuts: false,
+                scopeCashOutsToLocalBalances: true,
                 useDataHookForPay: true,
                 useDataHookForCashOut: true,
                 dataHook: metadata.dataHook,
@@ -668,13 +686,11 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         });
         // Queue the no-contest refund ruleset.
-        // slither-disable-next-line unused-return
         CONTROLLER.queueRulesetsOf({
             projectId: gameId, rulesetConfigurations: rulesetConfigs, memo: "Defifa game: no contest."
         });
-        // slither-disable-next-line reentrancy-events
-        emit QueuedNoContest(gameId, msg.sender);
+        emit QueuedNoContest({gameId: gameId, caller: msg.sender});
     }
     //*********************************************************************//
@@ -706,10 +722,13 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         }
         // Validate that total fee splits don't exceed 100%.
-        if (totalAbsolutePercent > JBConstants.SPLITS_TOTAL_PERCENT) revert DefifaDeployer_SplitsDontAddUp();
+        if (totalAbsolutePercent > JBConstants.SPLITS_TOTAL_PERCENT) {
+            revert DefifaDeployer_SplitsDontAddUp({
+                totalPercent: totalAbsolutePercent, maxPercent: JBConstants.SPLITS_TOTAL_PERCENT
+            });
+        }
         // Store the total absolute percent for use in fulfillCommitmentsOf.
-        // slither-disable-next-line reentrancy-benign
         _commitmentPercentOf[gameId] = totalAbsolutePercent;
         // Build the splits array: user splits + Defifa + NANA (NANA last to absorb rounding).
@@ -815,7 +834,7 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
                 allowAddPriceFeed: false,
                 ownerMustSendPayouts: false,
                 holdFees: false,
-                useTotalSurplusForCashOuts: false,
+                scopeCashOutsToLocalBalances: true,
                 useDataHookForPay: true,
                 useDataHookForCashOut: true,
                 dataHook: dataHook,
@@ -858,7 +877,7 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
                     allowAddPriceFeed: false,
                     ownerMustSendPayouts: false,
                     holdFees: false,
-                    useTotalSurplusForCashOuts: false,
+                    scopeCashOutsToLocalBalances: true,
                     useDataHookForPay: true,
                     useDataHookForCashOut: true,
                     dataHook: dataHook,
@@ -918,7 +937,7 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
                 // Set this to true so only the deployer can fulfill the commitments.
                 ownerMustSendPayouts: true,
                 holdFees: false,
-                useTotalSurplusForCashOuts: false,
+                scopeCashOutsToLocalBalances: true,
                 useDataHookForPay: true,
                 useDataHookForCashOut: true,
                 dataHook: dataHook,
@@ -938,7 +957,6 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
         });
         // Launch the rulesets for the reserved project and set the project URI in the same controller call.
-        // slither-disable-next-line unused-return
         CONTROLLER.launchRulesetsFor({
             projectId: gameId,
             projectUri: launchProjectData.projectUri,
@@ -974,7 +992,7 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
                 allowAddPriceFeed: false,
                 ownerMustSendPayouts: false,
                 holdFees: false,
-                useTotalSurplusForCashOuts: false,
+                scopeCashOutsToLocalBalances: true,
                 useDataHookForPay: true,
                 useDataHookForCashOut: true,
                 dataHook: metadata.dataHook,
@@ -989,7 +1007,6 @@ contract DefifaDeployer is IDefifaDeployer, IDefifaGamePhaseReporter, IDefifaGam
             fundAccessLimitGroups: new JBFundAccessLimitGroup[](0)
         });
-        // slither-disable-next-line unused-return
         CONTROLLER.queueRulesetsOf({
             projectId: gameId, rulesetConfigurations: rulesetConfigs, memo: "Defifa game has finished."
         });