@bananapus/721-hook-v6 0.0.40 → 0.0.42

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bananapus/721-hook-v6",
-  "version": "0.0.40",
+  "version": "0.0.42",
   "license": "MIT",
   "repository": {
     "type": "git",

package/src/JB721TiersHook.sol

@@ -7,7 +7,6 @@ import {IJBPrices} from "@bananapus/core-v6/src/interfaces/IJBPrices.sol";
 import {IJBRulesetDataHook} from "@bananapus/core-v6/src/interfaces/IJBRulesetDataHook.sol";
 import {IJBRulesets} from "@bananapus/core-v6/src/interfaces/IJBRulesets.sol";
 import {IJBSplits} from "@bananapus/core-v6/src/interfaces/IJBSplits.sol";
-import {JBMetadataResolver} from "@bananapus/core-v6/src/libraries/JBMetadataResolver.sol";
 import {JBRulesetMetadataResolver} from "@bananapus/core-v6/src/libraries/JBRulesetMetadataResolver.sol";
 import {JBAfterPayRecordedContext} from "@bananapus/core-v6/src/structs/JBAfterPayRecordedContext.sol";
 import {JBBeforePayRecordedContext} from "@bananapus/core-v6/src/structs/JBBeforePayRecordedContext.sol";
@@ -24,7 +23,6 @@ import {IJB721CheckpointsDeployer} from "./interfaces/IJB721CheckpointsDeployer.
 import {IJB721TiersHook} from "./interfaces/IJB721TiersHook.sol";
 import {IJB721TiersHookStore} from "./interfaces/IJB721TiersHookStore.sol";
 import {IJB721TokenUriResolver} from "./interfaces/IJB721TokenUriResolver.sol";
-import {JB721Constants} from "./libraries/JB721Constants.sol";
 import {JB721TiersHookLib} from "./libraries/JB721TiersHookLib.sol";
 import {JB721TiersRulesetMetadataResolver} from "./libraries/JB721TiersRulesetMetadataResolver.sol";
 import {JB721InitTiersConfig} from "./structs/JB721InitTiersConfig.sol";
@@ -206,19 +204,21 @@ contract JB721TiersHook is JBOwnable, ERC2771Context, JB721Hook, IJB721TiersHook
         uint256 totalSplitAmount;
         bytes memory splitMetadata;
         address beneficiary;
-        (weight, totalSplitAmount, splitMetadata, beneficiary) = JB721TiersHookLib.computeSplitsAndWeight({
-            store: STORE,
-            metadataIdTarget: METADATA_ID_TARGET,
-            packedPricingContext: _packedPricingContext,
-            prices: PRICES,
-            context: context
-        });
+        uint256 splitCreditWeight;
+        (weight, totalSplitAmount, splitMetadata, beneficiary, splitCreditWeight) =
+            JB721TiersHookLib.computeSplitsAndWeight({
+                store: STORE,
+                metadataIdTarget: METADATA_ID_TARGET,
+                packedPricingContext: _packedPricingContext,
+                prices: PRICES,
+                context: context
+            });
 
         hookSpecifications[0] = JBPayHookSpecification({
             hook: this,
             noop: false,
             amount: totalSplitAmount,
-            metadata: abi.encode(beneficiary, context.payer, splitMetadata)
+            metadata: abi.encode(beneficiary, context.payer, splitMetadata, splitCreditWeight)
         });
     }
 

package/src/JB721TiersHookStore.sol

@@ -36,6 +36,7 @@ contract JB721TiersHookStore is IJB721TiersHookStore {
     error JB721TiersHookStore_InvalidQuantity(uint256 quantity, uint256 limit);
     error JB721TiersHookStore_ManualMintingNotAllowed(uint256 tierId);
     error JB721TiersHookStore_MaxTiersExceeded(uint256 numberOfTiers, uint256 limit);
+    error JB721TiersHookStore_MissingReserveBeneficiary(uint256 tierId);
     error JB721TiersHookStore_PriceExceedsAmount(uint256 price, uint256 leftoverAmount);
     error JB721TiersHookStore_ReserveFrequencyNotAllowed(uint256 tierId);
     error JB721TiersHookStore_SplitPercentExceedsBounds(uint256 percent, uint256 limit);
@@ -976,6 +977,15 @@ contract JB721TiersHookStore is IJB721TiersHookStore {
                 revert JB721TiersHookStore_DeadlockedReserve();
             }
 
+            // A tier with reserves must have a beneficiary — either tier-specific or a previously set default.
+            // Without one, minted reserves would be sent to address(0).
+            if (
+                tierToAdd.reserveFrequency > 0 && tierToAdd.reserveBeneficiary == address(0)
+                    && defaultReserveBeneficiaryOf[msg.sender] == address(0)
+            ) {
+                revert JB721TiersHookStore_MissingReserveBeneficiary(tierId);
+            }
+
             // Store the tier with that ID.
             _storedTierOf[msg.sender][tierId] = JBStored721Tier({
                 price: uint104(tierToAdd.price),
@@ -1219,7 +1229,7 @@ contract JB721TiersHookStore is IJB721TiersHookStore {
             if (storedTier.remainingSupply == 0) revert JB721TiersHookStore_InsufficientSupplyRemaining(tierId);
 
             // Mint the 721 — decrement remaining supply first so the reserve check below
-            // sees the post-mint state (this non-reserve mint may increase pending reserves).
+            // sees the correct post-mint non-reserve-mint count.
             unchecked {
                 // Keep a reference to its token ID.
                 tokenIds[i] = _generateTokenId({

package/src/interfaces/IJB721TiersHook.sol

@@ -7,7 +7,6 @@ import {IJBSplits} from "@bananapus/core-v6/src/interfaces/IJBSplits.sol";
 import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
 
 import {IJB721Checkpoints} from "./IJB721Checkpoints.sol";
-import {IJB721CheckpointsDeployer} from "./IJB721CheckpointsDeployer.sol";
 import {IJB721Hook} from "./IJB721Hook.sol";
 import {IJB721TiersHookStore} from "./IJB721TiersHookStore.sol";
 import {IJB721TokenUriResolver} from "./IJB721TokenUriResolver.sol";

package/src/libraries/JB721TiersHookLib.sol

@@ -309,6 +309,8 @@ library JB721TiersHookLib {
     /// @return totalSplitAmount The total amount to forward for splits.
     /// @return splitMetadata Encoded per-tier breakdown (tierIds, amounts).
     /// @return beneficiary The resolved beneficiary address.
+    /// @return splitCreditWeight The weight attributable to tier splits when `issueTokensForSplits` is true.
+    /// Zero when splits are absent or `issueTokensForSplits` is false.
     function computeSplitsAndWeight(
         IJB721TiersHookStore store,
         address metadataIdTarget,
@@ -318,7 +320,13 @@ library JB721TiersHookLib {
     )
         external
         view
-        returns (uint256 weight, uint256 totalSplitAmount, bytes memory splitMetadata, address beneficiary)
+        returns (
+            uint256 weight,
+            uint256 totalSplitAmount,
+            bytes memory splitMetadata,
+            address beneficiary,
+            uint256 splitCreditWeight
+        )
     {
         // Calculate per-tier split amounts.
         (totalSplitAmount, splitMetadata) = _calculateSplitAmounts({
@@ -346,6 +354,13 @@ library JB721TiersHookLib {
             hook: address(this)
         });
 
+        // When issueTokensForSplits is true and there are splits, compute the weight portion
+        // attributable to tier splits. Downstream compositors (e.g. JBOmnichainDeployer) use this
+        // to preserve split credit when an extra hook (buyback) returns weight=0.
+        if (totalSplitAmount != 0 && context.amount.value != 0 && store.flagsOf(address(this)).issueTokensForSplits) {
+            splitCreditWeight = mulDiv(context.weight, totalSplitAmount, context.amount.value);
+        }
+
         // Resolve the effective beneficiary from payment metadata.
         beneficiary = context.beneficiary;
         {

package/test/TestVotingUnitsLifecycle.t.sol

@@ -275,15 +275,15 @@ contract TestVotingUnitsLifecycle is UnitTestSetup {
                 address(testHook),
                 2,
                 JBStored721Tier({
-                    price: uint104(20),
-                    remainingSupply: uint32(100),
-                    initialSupply: uint32(100),
-                    reserveFrequency: uint16(0),
-                    category: uint24(100),
-                    discountPercent: uint8(0),
-                    packedBools: testHook.test_store().ForTest_packBools(true, false, false, false, false, false),
-                    splitPercent: 0
-                })
+                price: uint104(20),
+                remainingSupply: uint32(100),
+                initialSupply: uint32(100),
+                reserveFrequency: uint16(0),
+                category: uint24(100),
+                discountPercent: uint8(0),
+                packedBools: testHook.test_store().ForTest_packBools(true, false, false, false, false, false),
+                splitPercent: 0
+            })
             );
         // Clear tier 2's custom voting units (so it falls back to price).
         testHook.test_store().ForTest_setTierVotingUnits(address(testHook), 2, 0);

package/test/audit/CodexNemesisReserveSellout.t.sol

@@ -0,0 +1,66 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.28;
+
+import {Test} from "forge-std/Test.sol";
+import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
+
+import {JB721TiersHookStore} from "../../src/JB721TiersHookStore.sol";
+import {JB721Tier} from "../../src/structs/JB721Tier.sol";
+import {JB721TierConfig} from "../../src/structs/JB721TierConfig.sol";
+import {JB721TierConfigFlags} from "../../src/structs/JB721TierConfigFlags.sol";
+
+contract CodexNemesisReserveSellout is Test {
+    JB721TiersHookStore internal store;
+
+    function setUp() public {
+        store = new JB721TiersHookStore();
+    }
+
+    /// @notice Verifies that a paid mint cannot consume the last slot when it is reserved.
+    /// @dev Previously this test demonstrated the bug (paid mint succeeded). Now it confirms the fix.
+    function test_paidMintCannotConsumeReservedFinalSlot() public {
+        JB721TierConfig[] memory tiers = new JB721TierConfig[](1);
+        tiers[0] = JB721TierConfig({
+            price: 1 ether,
+            initialSupply: 2,
+            votingUnits: 0,
+            reserveFrequency: 1,
+            reserveBeneficiary: address(0xBEEF),
+            encodedIPFSUri: bytes32(0),
+            category: 0,
+            discountPercent: 0,
+            flags: JB721TierConfigFlags({
+                allowOwnerMint: false,
+                useReserveBeneficiaryAsDefault: false,
+                transfersPausable: false,
+                useVotingUnits: false,
+                cantBeRemoved: false,
+                cantIncreaseDiscountPercent: false,
+                cantBuyWithCredits: false
+            }),
+            splitPercent: 0,
+            splits: new JBSplit[](0)
+        });
+
+        store.recordAddTiers(tiers);
+
+        uint16[] memory tierIds = new uint16[](1);
+        tierIds[0] = 1;
+
+        store.recordMint({amount: 1 ether, tierIds: tierIds, isOwnerMint: false});
+
+        JB721Tier memory tier = store.tierOf(address(this), 1, false);
+        assertEq(tier.remainingSupply, 1, "one paid mint leaves one slot");
+        assertEq(store.numberOfPendingReservesFor(address(this), 1), 1, "one reserve is pending");
+
+        // With the fix, the second paid mint reverts because the remaining slot is reserved.
+        vm.expectRevert(
+            abi.encodeWithSelector(JB721TiersHookStore.JB721TiersHookStore_InsufficientSupplyRemaining.selector, 1)
+        );
+        store.recordMint({amount: 1 ether, tierIds: tierIds, isOwnerMint: false});
+
+        // Reserve beneficiary can still claim their entitled mint.
+        store.recordMintReservesFor({tierId: 1, count: 1});
+        assertEq(store.numberOfReservesMintedFor(address(this), 1), 1, "reserve beneficiary got their token");
+    }
+}

package/test/audit/{CodexNemesisFreshAudit.t.sol → FreshAudit.t.sol}

@@ -4,6 +4,7 @@ pragma solidity 0.8.28;
 import {UnitTestSetup} from "../utils/UnitTestSetup.sol";
 import {ForTest_JB721TiersHook} from "../utils/ForTest_JB721TiersHook.sol";
 import {IJB721TiersHookStore} from "../../src/interfaces/IJB721TiersHookStore.sol";
+import {JB721TiersHookStore} from "../../src/JB721TiersHookStore.sol";
 import {JB721TierConfig} from "../../src/structs/JB721TierConfig.sol";
 import {JB721TierConfigFlags} from "../../src/structs/JB721TierConfigFlags.sol";
 import {JBBeforePayRecordedContext} from "@bananapus/core-v6/src/structs/JBBeforePayRecordedContext.sol";
@@ -16,7 +17,7 @@ import {IJBSplits} from "@bananapus/core-v6/src/interfaces/IJBSplits.sol";
 import {IJBDirectory} from "@bananapus/core-v6/src/interfaces/IJBDirectory.sol";
 import {JBConstants} from "@bananapus/core-v6/src/libraries/JBConstants.sol";
 
-contract CodexNemesisFreshAudit is UnitTestSetup {
+contract FreshAudit is UnitTestSetup {
     function _buildPayMetadata(
         address hookAddress,
         bool allowOverspending,
@@ -158,16 +159,10 @@ contract CodexNemesisFreshAudit is UnitTestSetup {
         assertEq(hookStore.totalCashOutWeight(address(testHook)), 1 ether, "full-price NFT still enters cash-out math");
     }
 
+    /// @notice Creating a tier with reserveFrequency > 0 and no beneficiary (tier-specific or default)
+    /// is now rejected at creation time, preventing the retroactive dilution bug.
     function test_new_default_reserve_beneficiary_retroactively_dilutes_existing_tiers() public {
         ForTest_JB721TiersHook testHook = _initializeForTestHook(0);
-        IJB721TiersHookStore hookStore = testHook.STORE();
-        address retroReserveBeneficiary = makeAddr("retroReserveBeneficiary");
-
-        vm.mockCall(
-            mockJBDirectory,
-            abi.encodeWithSelector(IJBDirectory.isTerminalOf.selector, projectId, mockTerminalAddress),
-            abi.encode(true)
-        );
 
         JB721TierConfig[] memory initialTier = new JB721TierConfig[](1);
         initialTier[0] = JB721TierConfig({
@@ -192,81 +187,11 @@ contract CodexNemesisFreshAudit is UnitTestSetup {
             splits: new JBSplit[](0)
         });
 
-        vm.prank(owner);
-        testHook.adjustTiers(initialTier, new uint256[](0));
-
-        uint16[] memory tierIds = new uint16[](2);
-        tierIds[0] = 1;
-        tierIds[1] = 1;
-
-        JBAfterPayRecordedContext memory initialMint = JBAfterPayRecordedContext({
-            payer: beneficiary,
-            projectId: projectId,
-            rulesetId: 0,
-            amount: _nativeAmount(2 ether),
-            forwardedAmount: _nativeAmount(0),
-            weight: 10e18,
-            newlyIssuedTokenCount: 0,
-            beneficiary: beneficiary,
-            hookMetadata: bytes(""),
-            payerMetadata: _buildPayMetadata(address(testHook), false, tierIds)
-        });
-
-        vm.prank(mockTerminalAddress);
-        testHook.afterPayRecordedWith(initialMint);
-
-        assertEq(
-            hookStore.numberOfPendingReservesFor(address(testHook), 1), 0, "no reserve obligation before default set"
+        // The new creation-time check prevents tiers with reserves but no beneficiary.
+        vm.expectRevert(
+            abi.encodeWithSelector(JB721TiersHookStore.JB721TiersHookStore_MissingReserveBeneficiary.selector, 1)
         );
-        assertEq(testHook.totalCashOutWeight(), 2 ether, "cash-out denominator initially matches sold NFTs");
-
-        JB721TierConfig[] memory activatingTier = new JB721TierConfig[](1);
-        activatingTier[0] = JB721TierConfig({
-            price: uint104(2 ether),
-            initialSupply: uint32(5),
-            votingUnits: 0,
-            reserveFrequency: uint16(1),
-            reserveBeneficiary: retroReserveBeneficiary,
-            encodedIPFSUri: bytes32(uint256(3)),
-            category: uint24(2),
-            discountPercent: 0,
-            flags: JB721TierConfigFlags({
-                allowOwnerMint: false,
-                useReserveBeneficiaryAsDefault: true,
-                transfersPausable: false,
-                useVotingUnits: false,
-                cantBeRemoved: false,
-                cantIncreaseDiscountPercent: false,
-                cantBuyWithCredits: false
-            }),
-            splitPercent: 0,
-            splits: new JBSplit[](0)
-        });
-
         vm.prank(owner);
-        testHook.adjustTiers(activatingTier, new uint256[](0));
-
-        assertEq(
-            hookStore.defaultReserveBeneficiaryOf(address(testHook)),
-            retroReserveBeneficiary,
-            "new tier overwrites the hook-wide default reserve beneficiary"
-        );
-        assertEq(
-            hookStore.numberOfPendingReservesFor(address(testHook), 1),
-            1,
-            "historic mints on the older tier now retroactively create reserve debt"
-        );
-        assertEq(
-            testHook.totalCashOutWeight(),
-            3 ether,
-            "cash-out denominator dilutes existing holders before any new payment occurs"
-        );
-
-        testHook.mintPendingReservesFor(1, 1);
-
-        assertEq(
-            testHook.balanceOf(retroReserveBeneficiary), 1, "the new default beneficiary can mint retroactive reserves"
-        );
-        assertEq(hookStore.numberOfPendingReservesFor(address(testHook), 1), 0, "reserve debt is realized after mint");
+        testHook.adjustTiers(initialTier, new uint256[](0));
     }
 }

package/test/audit/{CodexNemesisFutureTierPoC.t.sol → FutureTierPoC.t.sol}

@@ -6,7 +6,7 @@ import {JB721TiersHookStore} from "../../src/JB721TiersHookStore.sol";
 import {IJB721TokenUriResolver} from "../../src/interfaces/IJB721TokenUriResolver.sol";
 import {JB721TierConfig} from "../../src/structs/JB721TierConfig.sol";
 
-contract CodexNemesisFutureTierPoC is UnitTestSetup {
+contract FutureTierPoC is UnitTestSetup {
     function test_futureTierRemovalPersistsIntoNewTierAndBricksMint() external {
         hook = _initHookDefaultTiers(0);
 

package/test/audit/{20260425CodexNemesisFutureTierRemoval.t.sol → FutureTierRemoval.t.sol}

@@ -8,7 +8,7 @@ import {JB721TiersHookStore} from "../../src/JB721TiersHookStore.sol";
 import {JB721TierConfig} from "../../src/structs/JB721TierConfig.sol";
 import {JB721TierConfigFlags} from "../../src/structs/JB721TierConfigFlags.sol";
 
-contract Test_20260425CodexNemesisFutureTierRemoval is Test {
+contract Test_FutureTierRemoval is Test {
     JB721TiersHookStore internal store;
 
     function setUp() external {

package/test/audit/{CodexPayCreditsBypassTierSplits.t.sol → PayCreditsBypassTierSplits.t.sol}

@@ -13,7 +13,7 @@ import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
 import {IJBSplitHook} from "@bananapus/core-v6/src/interfaces/IJBSplitHook.sol";
 import {JB721TierConfigFlags} from "../../src/structs/JB721TierConfigFlags.sol";
 
-contract CodexPayCreditsBypassTierSplits is UnitTestSetup {
+contract PayCreditsBypassTierSplits is UnitTestSetup {
     address internal splitBeneficiary = makeAddr("splitBeneficiary");
 
     function setUp() public override {

package/test/audit/{CodexNemesisProjectDeployerAuth.t.sol → ProjectDeployerAuth.t.sol}

@@ -12,7 +12,6 @@ import {JBPayDataHookRulesetMetadata} from "../../src/structs/JBPayDataHookRules
 import {JB721TierConfigFlags} from "../../src/structs/JB721TierConfigFlags.sol";
 import {JB721InitTiersConfig} from "../../src/structs/JB721InitTiersConfig.sol";
 import {JB721TiersHookFlags} from "../../src/structs/JB721TiersHookFlags.sol";
-import {IJB721TiersHook} from "../../src/interfaces/IJB721TiersHook.sol";
 import {IJBDirectory} from "@bananapus/core-v6/src/interfaces/IJBDirectory.sol";
 import {IJBPermissions} from "@bananapus/core-v6/src/interfaces/IJBPermissions.sol";
 import {IJBController} from "@bananapus/core-v6/src/interfaces/IJBController.sol";
@@ -24,7 +23,7 @@ import {JBAccountingContext} from "@bananapus/core-v6/src/structs/JBAccountingCo
 import {JBTerminalConfig} from "@bananapus/core-v6/src/structs/JBTerminalConfig.sol";
 import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
 
-contract MockProjectsForNemesis {
+contract MockProjects {
     uint256 internal _count;
     address internal _owner;
 
@@ -44,7 +43,7 @@ contract MockProjectsForNemesis {
     fallback() external {}
 }
 
-contract StrictControllerForNemesis {
+contract StrictController {
     address internal immutable EXPECTED_CALLER;
 
     error UnexpectedCaller(address caller);
@@ -62,7 +61,7 @@ contract StrictControllerForNemesis {
     }
 }
 
-contract Test_CodexNemesisProjectDeployerAuth is UnitTestSetup {
+contract Test_ProjectDeployerAuth is UnitTestSetup {
     JB721TiersHookProjectDeployer internal projectDeployer;
     address internal operator = address(0xBEEF);
     uint256 internal testProjectId = 5;
@@ -70,9 +69,9 @@ contract Test_CodexNemesisProjectDeployerAuth is UnitTestSetup {
     function setUp() public override {
         super.setUp();
 
-        MockProjectsForNemesis projects = new MockProjectsForNemesis();
+        MockProjects projects = new MockProjects();
         vm.etch(mockJBProjects, address(projects).code);
-        MockProjectsForNemesis(mockJBProjects).setup(testProjectId, owner);
+        MockProjects(mockJBProjects).setup(testProjectId, owner);
 
         vm.mockCall(mockJBDirectory, abi.encodeWithSelector(IJBDirectory.PROJECTS.selector), abi.encode(mockJBProjects));
 
@@ -85,12 +84,10 @@ contract Test_CodexNemesisProjectDeployerAuth is UnitTestSetup {
         (JBDeploy721TiersHookConfig memory hookConfig, JBLaunchRulesetsConfig memory launchConfig) =
             _launchConfig(testProjectId);
 
-        StrictControllerForNemesis controller = new StrictControllerForNemesis(owner);
+        StrictController controller = new StrictController(owner);
 
         vm.prank(owner);
-        vm.expectRevert(
-            abi.encodeWithSelector(StrictControllerForNemesis.UnexpectedCaller.selector, address(projectDeployer))
-        );
+        vm.expectRevert(abi.encodeWithSelector(StrictController.UnexpectedCaller.selector, address(projectDeployer)));
         projectDeployer.launchRulesetsFor(
             testProjectId, hookConfig, launchConfig, IJBController(address(controller)), bytes32(0)
         );
@@ -100,12 +97,10 @@ contract Test_CodexNemesisProjectDeployerAuth is UnitTestSetup {
         (JBDeploy721TiersHookConfig memory hookConfig, JBQueueRulesetsConfig memory queueConfig) =
             _queueConfig(testProjectId);
 
-        StrictControllerForNemesis controller = new StrictControllerForNemesis(owner);
+        StrictController controller = new StrictController(owner);
 
         vm.prank(owner);
-        vm.expectRevert(
-            abi.encodeWithSelector(StrictControllerForNemesis.UnexpectedCaller.selector, address(projectDeployer))
-        );
+        vm.expectRevert(abi.encodeWithSelector(StrictController.UnexpectedCaller.selector, address(projectDeployer)));
         projectDeployer.queueRulesetsOf(
             testProjectId, hookConfig, queueConfig, IJBController(address(controller)), bytes32(0)
         );
@@ -116,7 +111,7 @@ contract Test_CodexNemesisProjectDeployerAuth is UnitTestSetup {
             _launchConfig(testProjectId);
 
         address account = owner;
-        StrictControllerForNemesis controller = new StrictControllerForNemesis(owner);
+        StrictController controller = new StrictController(owner);
 
         // Grant LAUNCH_RULESETS and SET_TERMINALS, deny QUEUE_RULESETS.
         vm.mockCall(
@@ -162,9 +157,7 @@ contract Test_CodexNemesisProjectDeployerAuth is UnitTestSetup {
         // The permission check passes with LAUNCH_RULESETS. The call proceeds to the controller, which reverts
         // because it sees the deployer contract as the caller rather than the original operator.
         vm.prank(operator);
-        vm.expectRevert(
-            abi.encodeWithSelector(StrictControllerForNemesis.UnexpectedCaller.selector, address(projectDeployer))
-        );
+        vm.expectRevert(abi.encodeWithSelector(StrictController.UnexpectedCaller.selector, address(projectDeployer)));
         projectDeployer.launchRulesetsFor(
             testProjectId, hookConfig, launchConfig, IJBController(address(controller)), bytes32(0)
         );

package/test/audit/{CodexNemesisRepoFindings.t.sol → RepoFindings.t.sol}

@@ -3,11 +3,11 @@ pragma solidity 0.8.28;
 
 import "../utils/UnitTestSetup.sol";
 
-import {IJB721TiersHookStore} from "../../src/interfaces/IJB721TiersHookStore.sol";
 import {JB721TierConfigFlags} from "../../src/structs/JB721TierConfigFlags.sol";
+import {JB721TiersHookStore} from "../../src/JB721TiersHookStore.sol";
 import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
 
-contract CodexNemesisRepoFindings is UnitTestSetup {
+contract RepoFindings is UnitTestSetup {
     address payable internal splitBeneficiary = payable(makeAddr("splitBeneficiary"));
 
     function _payMetadata(
@@ -157,6 +157,8 @@ contract CodexNemesisRepoFindings is UnitTestSetup {
         );
     }
 
+    /// @notice Creating a tier with reserveFrequency > 0 and no beneficiary (tier-specific or default)
+    /// is now rejected at creation time, preventing the retroactive dilution bug.
     function test_new_default_reserve_beneficiary_retroactively_dilutes_existing_tiers() public {
         ForTest_JB721TiersHook testHook = _initializeForTestHook(0);
 
@@ -183,88 +185,11 @@ contract CodexNemesisRepoFindings is UnitTestSetup {
             splits: new JBSplit[](0)
         });
 
-        vm.prank(owner);
-        testHook.adjustTiers(initialTier, new uint256[](0));
-
-        mockAndExpect(
-            mockJBDirectory,
-            abi.encodeWithSelector(IJBDirectory.isTerminalOf.selector, projectId, mockTerminalAddress),
-            abi.encode(true)
-        );
-
-        uint16[] memory tierIdsToMint = new uint16[](3);
-        tierIdsToMint[0] = 1;
-        tierIdsToMint[1] = 1;
-        tierIdsToMint[2] = 1;
-        bytes memory payerMetadata = _payMetadata(address(testHook), false, tierIdsToMint);
-
-        vm.prank(mockTerminalAddress);
-        testHook.afterPayRecordedWith(
-            JBAfterPayRecordedContext({
-                payer: beneficiary,
-                projectId: projectId,
-                rulesetId: 0,
-                amount: _nativeTokenAmount(3 ether),
-                forwardedAmount: _nativeTokenAmount(0),
-                weight: 10e18,
-                newlyIssuedTokenCount: 0,
-                beneficiary: beneficiary,
-                hookMetadata: bytes(""),
-                payerMetadata: payerMetadata
-            })
-        );
-
-        assertEq(testHook.totalCashOutWeight(), 3 ether, "denominator initially reflects only sold NFTs");
-        assertEq(
-            testHook.STORE().numberOfPendingReservesFor(address(testHook), 1),
-            0,
-            "without a reserve beneficiary the sold tier has no pending reserves"
+        // The new creation-time check prevents tiers with reserves but no beneficiary.
+        vm.expectRevert(
+            abi.encodeWithSelector(JB721TiersHookStore.JB721TiersHookStore_MissingReserveBeneficiary.selector, 1)
         );
-
-        JB721TierConfig[] memory defaultingTier = new JB721TierConfig[](1);
-        defaultingTier[0] = JB721TierConfig({
-            price: 2 ether,
-            initialSupply: 10,
-            votingUnits: 0,
-            reserveFrequency: 1,
-            reserveBeneficiary: owner,
-            encodedIPFSUri: bytes32(uint256(0x2222)),
-            category: 2,
-            discountPercent: 0,
-            flags: JB721TierConfigFlags({
-                allowOwnerMint: false,
-                useReserveBeneficiaryAsDefault: true,
-                transfersPausable: false,
-                useVotingUnits: false,
-                cantBeRemoved: false,
-                cantIncreaseDiscountPercent: false,
-                cantBuyWithCredits: false
-            }),
-            splitPercent: 0,
-            splits: new JBSplit[](0)
-        });
-
         vm.prank(owner);
-        testHook.adjustTiers(defaultingTier, new uint256[](0));
-
-        assertEq(
-            testHook.STORE().reserveBeneficiaryOf(address(testHook), 1),
-            owner,
-            "the new default reserve beneficiary retroactively applies to the older sold tier"
-        );
-        assertEq(
-            testHook.STORE().numberOfPendingReservesFor(address(testHook), 1),
-            2,
-            "the older tier now reports newly created pending reserves from past sales"
-        );
-        assertEq(
-            testHook.totalCashOutWeight(),
-            5 ether,
-            "cash-out denominator is diluted by retroactively created reserves on the existing tier"
-        );
-
-        testHook.mintPendingReservesFor(1, 2);
-
-        assertEq(testHook.balanceOf(owner), 2, "the owner can mint those retroactive reserve NFTs to themselves");
+        testHook.adjustTiers(initialTier, new uint256[](0));
     }
 }