npm - @bananapus/721-hook-v6 - Versions diffs - 0.0.37 → 0.0.38 - Mend

@bananapus/721-hook-v6 0.0.37 → 0.0.38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/ADMINISTRATION.md +12 -0
package/CHANGELOG.md +4 -0
package/package.json +1 -1
package/src/JB721TiersHookProjectDeployer.sol +3 -3
package/test/audit/CodexNemesisProjectDeployerAuth.t.sol +273 -0

package/ADMINISTRATION.md CHANGED Viewed

@@ -36,6 +36,18 @@
 - `setMetadata(...)`
 - deployer setup and hook ownership transfer paths
+## Deployer Permission Model
+`JB721TiersHookProjectDeployer` requires callers to hold the correct Juicebox permission for each operation:
+| Function | Required Permissions |
+| --- | --- |
+| `launchProjectFor(...)` | None (creates a new project) |
+| `launchRulesetsFor(...)` | `LAUNCH_RULESETS` + `SET_TERMINALS` |
+| `queueRulesetsOf(...)` | `QUEUE_RULESETS` |
+Permissions are checked against the project owner via `_requirePermissionFrom`. The deployer calls the controller on the caller's behalf, so the controller sees the deployer as `msg.sender`.
 ## Immutable And One-Way
 - many tier properties are immutable once created

package/CHANGELOG.md CHANGED Viewed

@@ -20,6 +20,10 @@ This file describes the verified change from `nana-721-hook-v5` to the current `
 - The repo now carries a dedicated helper library to keep the hook surface manageable and to support the larger v6 feature set.
 - The repo was upgraded from the v5 Solidity baseline to `0.8.28`.
+## Local audit remediations
+- `JB721TiersHookProjectDeployer.launchRulesetsFor` now checks `LAUNCH_RULESETS` instead of `QUEUE_RULESETS`. The previous check was semantically wrong — launching active rulesets should require the launch permission, not the queue permission.
 ## Verified deltas
 - `IJB721TiersHook.pricingContext()` changed from a three-value return to `(currency, decimals)`.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@bananapus/721-hook-v6",
-  "version": "0.0.37",
+  "version": "0.0.38",
   "license": "MIT",
   "repository": {
     "type": "git",

package/src/JB721TiersHookProjectDeployer.sol CHANGED Viewed

@@ -24,7 +24,7 @@ import {JBQueueRulesetsConfig} from "./structs/JBQueueRulesetsConfig.sol";
 /// @title JB721TiersHookProjectDeployer
 /// @notice Deploys a project and a 721 tiers hook for it. Can be used to queue rulesets for the project if given
-/// `JBPermissionIds.QUEUE_RULESETS`.
+/// `JBPermissionIds.QUEUE_RULESETS` or `JBPermissionIds.LAUNCH_RULESETS`.
 contract JB721TiersHookProjectDeployer is ERC2771Context, JBPermissioned, IJB721TiersHookProjectDeployer {
     //*********************************************************************//
     // --------------- public immutable stored properties ---------------- //
@@ -102,7 +102,7 @@ contract JB721TiersHookProjectDeployer is ERC2771Context, JBPermissioned, IJB721
     }
     /// @notice Launches rulesets for a project with an attached 721 tiers hook.
-    /// @dev Only a project's owner or an operator with the `QUEUE_RULESETS & SET_TERMINALS` permission can launch its
+    /// @dev Only a project's owner or an operator with the `LAUNCH_RULESETS & SET_TERMINALS` permission can launch its
     /// rulesets.
     /// @param projectId The ID of the project that rulesets are being launched for.
     /// @param deployTiersHookConfig Configuration which dictates the behavior of the 721 tiers hook which is being
@@ -128,7 +128,7 @@ contract JB721TiersHookProjectDeployer is ERC2771Context, JBPermissioned, IJB721
         // Enforce permissions.
         _requirePermissionFrom({
-            account: PROJECTS.ownerOf(projectId), projectId: projectId, permissionId: JBPermissionIds.QUEUE_RULESETS
+            account: PROJECTS.ownerOf(projectId), projectId: projectId, permissionId: JBPermissionIds.LAUNCH_RULESETS
         });
         _requirePermissionFrom({

package/test/audit/CodexNemesisProjectDeployerAuth.t.sol ADDED Viewed

@@ -0,0 +1,273 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.28;
+import "../utils/UnitTestSetup.sol";
+import {JB721TiersHookProjectDeployer} from "../../src/JB721TiersHookProjectDeployer.sol";
+import {JBDeploy721TiersHookConfig} from "../../src/structs/JBDeploy721TiersHookConfig.sol";
+import {JBLaunchRulesetsConfig} from "../../src/structs/JBLaunchRulesetsConfig.sol";
+import {JBQueueRulesetsConfig} from "../../src/structs/JBQueueRulesetsConfig.sol";
+import {JBPayDataHookRulesetConfig} from "../../src/structs/JBPayDataHookRulesetConfig.sol";
+import {JBPayDataHookRulesetMetadata} from "../../src/structs/JBPayDataHookRulesetMetadata.sol";
+import {JB721TierConfigFlags} from "../../src/structs/JB721TierConfigFlags.sol";
+import {JB721InitTiersConfig} from "../../src/structs/JB721InitTiersConfig.sol";
+import {JB721TiersHookFlags} from "../../src/structs/JB721TiersHookFlags.sol";
+import {IJB721TiersHook} from "../../src/interfaces/IJB721TiersHook.sol";
+import {IJBDirectory} from "@bananapus/core-v6/src/interfaces/IJBDirectory.sol";
+import {IJBPermissions} from "@bananapus/core-v6/src/interfaces/IJBPermissions.sol";
+import {IJBController} from "@bananapus/core-v6/src/interfaces/IJBController.sol";
+import {IJBRulesetApprovalHook} from "@bananapus/core-v6/src/interfaces/IJBRulesetApprovalHook.sol";
+import {IJBTerminal} from "@bananapus/core-v6/src/interfaces/IJBTerminal.sol";
+import {JBPermissionIds} from "@bananapus/permission-ids-v6/src/JBPermissionIds.sol";
+import {JBConstants} from "@bananapus/core-v6/src/libraries/JBConstants.sol";
+import {JBAccountingContext} from "@bananapus/core-v6/src/structs/JBAccountingContext.sol";
+import {JBTerminalConfig} from "@bananapus/core-v6/src/structs/JBTerminalConfig.sol";
+import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
+contract MockProjectsForNemesis {
+    uint256 internal _count;
+    address internal _owner;
+    function setup(uint256 count_, address owner_) external {
+        _count = count_;
+        _owner = owner_;
+    }
+    function count() external view returns (uint256) {
+        return _count;
+    }
+    function ownerOf(uint256) external view returns (address) {
+        return _owner;
+    }
+    fallback() external {}
+}
+contract StrictControllerForNemesis {
+    address internal immutable EXPECTED_CALLER;
+    error UnexpectedCaller(address caller);
+    constructor(address expectedCaller) {
+        EXPECTED_CALLER = expectedCaller;
+    }
+    fallback() external payable {
+        if (msg.sender != EXPECTED_CALLER) revert UnexpectedCaller(msg.sender);
+        bytes memory result = abi.encode(uint256(42));
+        assembly {
+            return(add(result, 32), mload(result))
+        }
+    }
+}
+contract Test_CodexNemesisProjectDeployerAuth is UnitTestSetup {
+    JB721TiersHookProjectDeployer internal projectDeployer;
+    address internal operator = address(0xBEEF);
+    uint256 internal testProjectId = 5;
+    function setUp() public override {
+        super.setUp();
+        MockProjectsForNemesis projects = new MockProjectsForNemesis();
+        vm.etch(mockJBProjects, address(projects).code);
+        MockProjectsForNemesis(mockJBProjects).setup(testProjectId, owner);
+        vm.mockCall(mockJBDirectory, abi.encodeWithSelector(IJBDirectory.PROJECTS.selector), abi.encode(mockJBProjects));
+        projectDeployer = new JB721TiersHookProjectDeployer(
+            IJBDirectory(mockJBDirectory), IJBPermissions(mockJBPermissions), jbHookDeployer, address(0)
+        );
+    }
+    function test_launchRulesetsFor_revertsBecauseControllerSeesProjectDeployerAsCaller() external {
+        (JBDeploy721TiersHookConfig memory hookConfig, JBLaunchRulesetsConfig memory launchConfig) =
+            _launchConfig(testProjectId);
+        StrictControllerForNemesis controller = new StrictControllerForNemesis(owner);
+        vm.prank(owner);
+        vm.expectRevert(
+            abi.encodeWithSelector(StrictControllerForNemesis.UnexpectedCaller.selector, address(projectDeployer))
+        );
+        projectDeployer.launchRulesetsFor(
+            testProjectId, hookConfig, launchConfig, IJBController(address(controller)), bytes32(0)
+        );
+    }
+    function test_queueRulesetsOf_revertsBecauseControllerSeesProjectDeployerAsCaller() external {
+        (JBDeploy721TiersHookConfig memory hookConfig, JBQueueRulesetsConfig memory queueConfig) =
+            _queueConfig(testProjectId);
+        StrictControllerForNemesis controller = new StrictControllerForNemesis(owner);
+        vm.prank(owner);
+        vm.expectRevert(
+            abi.encodeWithSelector(StrictControllerForNemesis.UnexpectedCaller.selector, address(projectDeployer))
+        );
+        projectDeployer.queueRulesetsOf(
+            testProjectId, hookConfig, queueConfig, IJBController(address(controller)), bytes32(0)
+        );
+    }
+    function test_launchRulesetsFor_checksLaunchPermission() external {
+        (JBDeploy721TiersHookConfig memory hookConfig, JBLaunchRulesetsConfig memory launchConfig) =
+            _launchConfig(testProjectId);
+        address account = owner;
+        StrictControllerForNemesis controller = new StrictControllerForNemesis(owner);
+        // Grant LAUNCH_RULESETS and SET_TERMINALS, deny QUEUE_RULESETS.
+        vm.mockCall(
+            mockJBPermissions,
+            abi.encodeWithSelector(
+                IJBPermissions.hasPermission.selector,
+                operator,
+                account,
+                testProjectId,
+                JBPermissionIds.QUEUE_RULESETS,
+                true,
+                true
+            ),
+            abi.encode(false)
+        );
+        vm.mockCall(
+            mockJBPermissions,
+            abi.encodeWithSelector(
+                IJBPermissions.hasPermission.selector,
+                operator,
+                account,
+                testProjectId,
+                JBPermissionIds.LAUNCH_RULESETS,
+                true,
+                true
+            ),
+            abi.encode(true)
+        );
+        vm.mockCall(
+            mockJBPermissions,
+            abi.encodeWithSelector(
+                IJBPermissions.hasPermission.selector,
+                operator,
+                account,
+                testProjectId,
+                JBPermissionIds.SET_TERMINALS,
+                true,
+                true
+            ),
+            abi.encode(true)
+        );
+        // The permission check passes with LAUNCH_RULESETS. The call proceeds to the controller, which reverts
+        // because it sees the deployer contract as the caller rather than the original operator.
+        vm.prank(operator);
+        vm.expectRevert(
+            abi.encodeWithSelector(StrictControllerForNemesis.UnexpectedCaller.selector, address(projectDeployer))
+        );
+        projectDeployer.launchRulesetsFor(
+            testProjectId, hookConfig, launchConfig, IJBController(address(controller)), bytes32(0)
+        );
+    }
+    function _launchConfig(uint256 projectId_)
+        internal
+        view
+        returns (JBDeploy721TiersHookConfig memory hookConfig, JBLaunchRulesetsConfig memory launchConfig)
+    {
+        JB721TierConfig[] memory tierConfigs = new JB721TierConfig[](1);
+        tierConfigs[0] = JB721TierConfig({
+            price: uint104(10),
+            initialSupply: uint32(100),
+            votingUnits: uint16(0),
+            reserveFrequency: uint16(0),
+            reserveBeneficiary: reserveBeneficiary,
+            encodedIPFSUri: tokenUris[0],
+            category: uint24(1),
+            discountPercent: uint8(0),
+            flags: JB721TierConfigFlags({
+                allowOwnerMint: false,
+                useReserveBeneficiaryAsDefault: false,
+                transfersPausable: false,
+                useVotingUnits: false,
+                cantBeRemoved: false,
+                cantIncreaseDiscountPercent: false,
+                cantBuyWithCredits: false
+            }),
+            splitPercent: 0,
+            splits: new JBSplit[](0)
+        });
+        hookConfig = JBDeploy721TiersHookConfig({
+            name: name,
+            symbol: symbol,
+            baseUri: baseUri,
+            tokenUriResolver: IJB721TokenUriResolver(address(0)),
+            contractUri: contractUri,
+            tiersConfig: JB721InitTiersConfig({
+                tiers: tierConfigs, currency: uint32(uint160(JBConstants.NATIVE_TOKEN)), decimals: 18
+            }),
+            flags: JB721TiersHookFlags({
+                preventOverspending: false,
+                issueTokensForSplits: false,
+                noNewTiersWithReserves: true,
+                noNewTiersWithVotes: false,
+                noNewTiersWithOwnerMinting: true
+            })
+        });
+        JBPayDataHookRulesetConfig[] memory rulesetConfigs = new JBPayDataHookRulesetConfig[](1);
+        rulesetConfigs[0].mustStartAtOrAfter = 0;
+        rulesetConfigs[0].duration = 14;
+        rulesetConfigs[0].weight = 1e18;
+        rulesetConfigs[0].weightCutPercent = 0;
+        rulesetConfigs[0].approvalHook = IJBRulesetApprovalHook(address(0));
+        rulesetConfigs[0].metadata = JBPayDataHookRulesetMetadata({
+            reservedPercent: 5000,
+            cashOutTaxRate: 5000,
+            baseCurrency: uint32(uint160(JBConstants.NATIVE_TOKEN)),
+            pausePay: false,
+            pauseCreditTransfers: false,
+            allowOwnerMinting: false,
+            allowSetCustomToken: false,
+            allowTerminalMigration: false,
+            allowSetTerminals: false,
+            allowSetController: false,
+            ownerMustSendPayouts: false,
+            allowAddAccountingContext: false,
+            allowAddPriceFeed: false,
+            holdFees: false,
+            useTotalSurplusForCashOuts: false,
+            useDataHookForCashOut: false,
+            metadata: 0x00
+        });
+        JBAccountingContext[] memory accountingContexts = new JBAccountingContext[](1);
+        accountingContexts[0] = JBAccountingContext({
+            currency: uint32(uint160(JBConstants.NATIVE_TOKEN)), decimals: 18, token: JBConstants.NATIVE_TOKEN
+        });
+        JBTerminalConfig[] memory terminalConfigs = new JBTerminalConfig[](1);
+        terminalConfigs[0] = JBTerminalConfig({
+            terminal: IJBTerminal(mockTerminalAddress), accountingContextsToAccept: accountingContexts
+        });
+        launchConfig = JBLaunchRulesetsConfig({
+            projectId: uint56(projectId_),
+            rulesetConfigurations: rulesetConfigs,
+            terminalConfigurations: terminalConfigs,
+            memo: "launch"
+        });
+    }
+    function _queueConfig(uint256 projectId_)
+        internal
+        view
+        returns (JBDeploy721TiersHookConfig memory hookConfig, JBQueueRulesetsConfig memory queueConfig)
+    {
+        JBLaunchRulesetsConfig memory launchConfig;
+        (hookConfig, launchConfig) = _launchConfig(projectId_);
+        queueConfig = JBQueueRulesetsConfig({
+            projectId: uint56(projectId_), rulesetConfigurations: launchConfig.rulesetConfigurations, memo: "queue"
+        });
+    }
+}