npm - @bananapus/distributor-v6 - Versions diffs - 0.0.7 → 0.0.8 - Mend

@bananapus/distributor-v6 0.0.7 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/README.md +2 -2
package/package.json +16 -7
package/src/JB721Distributor.sol +46 -12
package/src/JBTokenDistributor.sol +4 -0
package/.github/pull_request_template.md +0 -33
package/.github/workflows/lint.yml +0 -19
package/.github/workflows/publish.yml +0 -19
package/.github/workflows/slither.yml +0 -23
package/.github/workflows/test.yml +0 -28
package/.gitmodules +0 -3
package/ADMINISTRATION.md +0 -65
package/ARCHITECTURE.md +0 -89
package/AUDIT_INSTRUCTIONS.md +0 -52
package/RISKS.md +0 -78
package/SKILLS.md +0 -36
package/USER_JOURNEYS.md +0 -122
package/slither-ci.config.json +0 -10
package/test/AuditFixes.t.sol +0 -429
package/test/JB721Distributor.t.sol +0 -2059
package/test/JBTokenDistributor.t.sol +0 -503
package/test/audit/CodexNemesisAccountingPoC.t.sol +0 -344
package/test/audit/CodexNemesisFreshSplitTokenMismatch.t.sol +0 -133
package/test/audit/CodexNemesisFreshVerification.t.sol +0 -218
package/test/audit/CodexNemesisPoC.t.sol +0 -191
package/test/audit/H26VotingPowerCap.t.sol +0 -343
package/test/audit/Pass12Fixes.t.sol +0 -344
package/test/audit/PostSnapshotMintTheft.t.sol +0 -413
package/test/audit/TokenMismatchFix.t.sol +0 -295
package/test/fork/TokenDistributorFork.t.sol +0 -603
package/test/invariant/JB721DistributorInvariant.t.sol +0 -414

package/test/audit/CodexNemesisAccountingPoC.t.sol DELETED Viewed

@@ -1,344 +0,0 @@
-// SPDX-License-Identifier: MIT
-pragma solidity 0.8.28;
-import {Test} from "forge-std/Test.sol";
-import {stdError} from "forge-std/StdError.sol";
-import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
-import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
-import {ERC20Votes} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Votes.sol";
-import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
-import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
-import {IJBDirectory} from "@bananapus/core-v6/src/interfaces/IJBDirectory.sol";
-import {IJBSplitHook} from "@bananapus/core-v6/src/interfaces/IJBSplitHook.sol";
-import {IJBTerminal} from "@bananapus/core-v6/src/interfaces/IJBTerminal.sol";
-import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
-import {JBSplitHookContext} from "@bananapus/core-v6/src/structs/JBSplitHookContext.sol";
-import {JB721Tier} from "@bananapus/721-hook-v6/src/structs/JB721Tier.sol";
-import {JB721TierFlags} from "@bananapus/721-hook-v6/src/structs/JB721TierFlags.sol";
-import {JBDistributor} from "../../src/JBDistributor.sol";
-import {JB721Distributor} from "../../src/JB721Distributor.sol";
-import {JBTokenDistributor} from "../../src/JBTokenDistributor.sol";
-contract CodexNemesisDirectory {
-    mapping(uint256 projectId => mapping(address terminal => bool)) public terminals;
-    mapping(uint256 projectId => address controller) public controllers;
-    function setTerminal(uint256 projectId, address terminal, bool isTerminal) external {
-        terminals[projectId][terminal] = isTerminal;
-    }
-    function setController(uint256 projectId, address controller) external {
-        controllers[projectId] = controller;
-    }
-    function isTerminalOf(uint256 projectId, IJBTerminal terminal) external view returns (bool) {
-        return terminals[projectId][address(terminal)];
-    }
-    function controllerOf(uint256 projectId) external view returns (IERC165) {
-        return IERC165(controllers[projectId]);
-    }
-}
-contract CodexNemesisRewardToken is ERC20 {
-    constructor() ERC20("Reward", "RWD") {}
-    function mint(address to, uint256 amount) external {
-        _mint(to, amount);
-    }
-}
-contract CodexNemesisVotesToken is ERC20, ERC20Votes {
-    constructor() ERC20("Votes", "VOTE") EIP712("Votes", "1") {}
-    function mint(address to, uint256 amount) external {
-        _mint(to, amount);
-    }
-    function _update(address from, address to, uint256 value) internal override(ERC20, ERC20Votes) {
-        super._update(from, to, value);
-    }
-}
-contract CodexNemesisStore {
-    uint256 public maxTier;
-    mapping(uint256 tierId => JB721Tier) public tiers;
-    mapping(uint256 tokenId => uint256 tierId) public tokenTiers;
-    function setMaxTierIdOf(uint256 maxTierId) external {
-        maxTier = maxTierId;
-    }
-    function setTier(uint256 tierId, JB721Tier memory tier) external {
-        tiers[tierId] = tier;
-    }
-    function setTokenTier(uint256 tokenId, uint256 tierId) external {
-        tokenTiers[tokenId] = tierId;
-    }
-    function tierOfTokenId(address, uint256 tokenId, bool) external view returns (JB721Tier memory) {
-        return tiers[tokenTiers[tokenId]];
-    }
-    /// @dev Returns 0 for all tokens (backward-compatible: allows vesting).
-    function mintBlockOf(address, uint256) external pure returns (uint256) {
-        return 0;
-    }
-}
-contract CodexNemesisCheckpoints {
-    uint256 public totalSupplyAtSnapshot;
-    mapping(address account => uint256 votes) public votesAtSnapshot;
-    function setTotalSupply(uint256 totalSupply) external {
-        totalSupplyAtSnapshot = totalSupply;
-    }
-    function setVotes(address account, uint256 votes) external {
-        votesAtSnapshot[account] = votes;
-    }
-    function getPastTotalSupply(uint256) external view returns (uint256) {
-        return totalSupplyAtSnapshot;
-    }
-    function getPastVotes(address account, uint256) external view returns (uint256) {
-        return votesAtSnapshot[account];
-    }
-}
-contract CodexNemesisHook {
-    CodexNemesisStore public immutable STORE;
-    CodexNemesisCheckpoints public immutable CHECKPOINTS;
-    mapping(uint256 tokenId => address owner) public owners;
-    constructor(CodexNemesisStore store, CodexNemesisCheckpoints checkpoints) {
-        STORE = store;
-        CHECKPOINTS = checkpoints;
-    }
-    function ownerOf(uint256 tokenId) external view returns (address) {
-        address owner = owners[tokenId];
-        require(owner != address(0), "NO_OWNER");
-        return owner;
-    }
-    function setOwner(uint256 tokenId, address owner) external {
-        owners[tokenId] = owner;
-    }
-}
-contract CodexNemesisAccountingPoCTest is Test {
-    uint256 internal constant PROJECT_ID = 1;
-    uint256 internal constant ROUND_DURATION = 100;
-    uint256 internal constant VESTING_ROUNDS = 4;
-    address internal attacker = makeAddr("attacker");
-    address internal honest = makeAddr("honest");
-    address internal maliciousController = makeAddr("maliciousController");
-    CodexNemesisDirectory internal directory;
-    CodexNemesisRewardToken internal rewardToken;
-    function setUp() public {
-        directory = new CodexNemesisDirectory();
-        rewardToken = new CodexNemesisRewardToken();
-        directory.setController(PROJECT_ID, maliciousController);
-    }
-    function test_controllerCanCreditUndeliveredTokensAndDrainRealInventory() public {
-        JBTokenDistributor distributor =
-            new JBTokenDistributor(IJBDirectory(address(directory)), ROUND_DURATION, VESTING_ROUNDS);
-        CodexNemesisVotesToken votesToken = new CodexNemesisVotesToken();
-        votesToken.mint(attacker, 10 ether);
-        votesToken.mint(honest, 990 ether);
-        vm.prank(attacker);
-        votesToken.delegate(attacker);
-        vm.prank(honest);
-        votesToken.delegate(honest);
-        vm.roll(block.number + 1);
-        rewardToken.mint(address(this), 1000 ether);
-        rewardToken.approve(address(distributor), 1000 ether);
-        distributor.fund(address(votesToken), IERC20(address(rewardToken)), 1000 ether);
-        JBSplit memory split = JBSplit({
-            percent: 1_000_000_000,
-            projectId: 0,
-            beneficiary: payable(address(votesToken)),
-            preferAddToBalance: false,
-            lockedUntil: 0,
-            hook: IJBSplitHook(address(distributor))
-        });
-        JBSplitHookContext memory fakeContext = JBSplitHookContext({
-            token: address(rewardToken),
-            amount: 99_000 ether,
-            decimals: 18,
-            projectId: PROJECT_ID,
-            groupId: 0,
-            split: split
-        });
-        // C-6 FIX: The malicious controller did not actually transfer tokens, so the
-        // balance-delta check reverts with UnfundedSplitCredit.
-        vm.prank(maliciousController);
-        vm.expectRevert(JBDistributor.JBDistributor_UnfundedSplitCredit.selector);
-        distributor.processSplitWith(fakeContext);
-        // The real balance should remain intact — the attack was blocked.
-        assertEq(rewardToken.balanceOf(address(distributor)), 1000 ether, "balance unchanged after blocked attack");
-        assertEq(
-            distributor.balanceOf(address(votesToken), IERC20(address(rewardToken))),
-            1000 ether,
-            "tracked balance was not inflated"
-        );
-    }
-    function test_721LateMintCanUseOwnersPastVotesAndDrainRound() public {
-        JB721Distributor distributor =
-            new JB721Distributor(IJBDirectory(address(directory)), ROUND_DURATION, VESTING_ROUNDS);
-        CodexNemesisStore store = new CodexNemesisStore();
-        CodexNemesisCheckpoints checkpoints = new CodexNemesisCheckpoints();
-        CodexNemesisHook hook = new CodexNemesisHook(store, checkpoints);
-        JB721TierFlags memory flags;
-        store.setMaxTierIdOf(1);
-        store.setTier({
-            tierId: 1,
-            tier: JB721Tier({
-                id: 1,
-                price: 1 ether,
-                remainingSupply: 97,
-                initialSupply: 100,
-                votingUnits: 100,
-                reserveFrequency: 0,
-                reserveBeneficiary: address(0),
-                encodedIPFSUri: bytes32(0),
-                category: 0,
-                discountPercent: 0,
-                flags: flags,
-                splitPercent: 0,
-                resolvedUri: ""
-            })
-        });
-        store.setTokenTier(1, 1);
-        store.setTokenTier(2, 1);
-        store.setTokenTier(3, 1);
-        hook.setOwner(1, attacker);
-        hook.setOwner(2, attacker);
-        hook.setOwner(3, attacker);
-        checkpoints.setTotalSupply(100);
-        checkpoints.setVotes(attacker, 100);
-        rewardToken.mint(address(this), 1000 ether);
-        rewardToken.approve(address(distributor), 1000 ether);
-        distributor.fund(address(hook), IERC20(address(rewardToken)), 1000 ether);
-        IERC20[] memory tokens = new IERC20[](1);
-        tokens[0] = IERC20(address(rewardToken));
-        uint256[] memory firstLateMint = new uint256[](1);
-        firstLateMint[0] = 2;
-        distributor.beginVesting(address(hook), firstLateMint, tokens);
-        assertEq(distributor.claimedFor(address(hook), 2, tokens[0]), 1000 ether);
-        assertEq(
-            distributor.totalVestingAmountOf(address(hook), tokens[0]),
-            distributor.balanceOf(address(hook), tokens[0]),
-            "one post-snapshot token consumed the whole snapshot"
-        );
-        vm.warp(distributor.roundStartTimestamp(VESTING_ROUNDS) + 1);
-        vm.roll(block.number + 1);
-        vm.prank(attacker);
-        distributor.collectVestedRewards(address(hook), firstLateMint, tokens, attacker);
-        assertEq(rewardToken.balanceOf(attacker), 1000 ether, "one late-minted token drained the funded balance");
-        assertEq(rewardToken.balanceOf(address(distributor)), 0, "honest snapshot stake is left unfunded");
-    }
-    function test_721SnapshotVotesCanBeReusedAcrossSeparateLateMintClaims() public {
-        JB721Distributor distributor =
-            new JB721Distributor(IJBDirectory(address(directory)), ROUND_DURATION, VESTING_ROUNDS);
-        CodexNemesisStore store = new CodexNemesisStore();
-        CodexNemesisCheckpoints checkpoints = new CodexNemesisCheckpoints();
-        CodexNemesisHook hook = new CodexNemesisHook(store, checkpoints);
-        JB721TierFlags memory flags;
-        store.setMaxTierIdOf(1);
-        store.setTier({
-            tierId: 1,
-            tier: JB721Tier({
-                id: 1,
-                price: 1 ether,
-                remainingSupply: 97,
-                initialSupply: 100,
-                votingUnits: 100,
-                reserveFrequency: 0,
-                reserveBeneficiary: address(0),
-                encodedIPFSUri: bytes32(0),
-                category: 0,
-                discountPercent: 0,
-                flags: flags,
-                splitPercent: 0,
-                resolvedUri: ""
-            })
-        });
-        store.setTokenTier(1, 1);
-        store.setTokenTier(2, 1);
-        store.setTokenTier(3, 1);
-        hook.setOwner(1, attacker);
-        hook.setOwner(2, attacker);
-        hook.setOwner(3, attacker);
-        checkpoints.setTotalSupply(100);
-        checkpoints.setVotes(attacker, 100);
-        rewardToken.mint(address(this), 1000 ether);
-        rewardToken.approve(address(distributor), 1000 ether);
-        distributor.fund(address(hook), IERC20(address(rewardToken)), 1000 ether);
-        IERC20[] memory tokens = new IERC20[](1);
-        tokens[0] = IERC20(address(rewardToken));
-        uint256[] memory firstLateMint = new uint256[](1);
-        firstLateMint[0] = 2;
-        distributor.beginVesting(address(hook), firstLateMint, tokens);
-        uint256[] memory secondLateMint = new uint256[](1);
-        secondLateMint[0] = 3;
-        distributor.beginVesting(address(hook), secondLateMint, tokens);
-        // H-24 FIX: With persistent consumed-votes tracking, the second beginVesting sees
-        // that all 100 votes are already consumed, so token 3 gets 0 reward.
-        assertEq(distributor.claimedFor(address(hook), 2, tokens[0]), 1000 ether);
-        assertEq(distributor.claimedFor(address(hook), 3, tokens[0]), 0, "votes already consumed, no double-claim");
-        assertEq(
-            distributor.totalVestingAmountOf(address(hook), tokens[0]),
-            1000 ether,
-            "total vesting capped at funded balance"
-        );
-        assertLe(
-            distributor.totalVestingAmountOf(address(hook), tokens[0]),
-            distributor.balanceOf(address(hook), tokens[0]),
-            "vesting obligations do not exceed funded balance"
-        );
-        // Collection should succeed without underflow.
-        vm.warp(distributor.roundStartTimestamp(VESTING_ROUNDS) + 1);
-        vm.roll(block.number + 1);
-        vm.prank(attacker);
-        distributor.collectVestedRewards(address(hook), firstLateMint, tokens, attacker);
-        assertEq(rewardToken.balanceOf(attacker), 1000 ether, "attacker gets only their fair share");
-    }
-}

package/test/audit/CodexNemesisFreshSplitTokenMismatch.t.sol DELETED Viewed

@@ -1,133 +0,0 @@
-// SPDX-License-Identifier: MIT
-pragma solidity 0.8.28;
-import {Test} from "forge-std/Test.sol";
-import {IJBDirectory} from "@bananapus/core-v6/src/interfaces/IJBDirectory.sol";
-import {IJBProjects} from "@bananapus/core-v6/src/interfaces/IJBProjects.sol";
-import {IJBTerminal} from "@bananapus/core-v6/src/interfaces/IJBTerminal.sol";
-import {IJBSplitHook} from "@bananapus/core-v6/src/interfaces/IJBSplitHook.sol";
-import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
-import {JBSplitHookContext} from "@bananapus/core-v6/src/structs/JBSplitHookContext.sol";
-import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
-import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
-import {ERC20Votes} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Votes.sol";
-import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
-import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
-import {JBTokenDistributor} from "../../src/JBTokenDistributor.sol";
-contract NemesisRewardToken is ERC20 {
-    constructor() ERC20("Reward", "RWD") {}
-    function mint(address to, uint256 amount) external {
-        _mint(to, amount);
-    }
-}
-contract NemesisStakeToken is ERC20, ERC20Votes {
-    constructor() ERC20("Stake", "STK") EIP712("Stake", "1") {}
-    function mint(address to, uint256 amount) external {
-        _mint(to, amount);
-    }
-    function _update(address from, address to, uint256 value) internal override(ERC20, ERC20Votes) {
-        super._update(from, to, value);
-    }
-}
-contract NemesisDirectory is IJBDirectory {
-    mapping(uint256 projectId => IJBTerminal terminal) public terminalOf;
-    mapping(uint256 projectId => IERC165 controller) public override controllerOf;
-    function setTerminal(uint256 projectId, IJBTerminal terminal) external {
-        terminalOf[projectId] = terminal;
-    }
-    function PROJECTS() external pure returns (IJBProjects) {
-        return IJBProjects(address(0));
-    }
-    function isAllowedToSetFirstController(address) external pure returns (bool) {
-        return false;
-    }
-    function isTerminalOf(uint256 projectId, IJBTerminal terminal) external view returns (bool) {
-        return terminalOf[projectId] == terminal;
-    }
-    function primaryTerminalOf(uint256, address) external pure returns (IJBTerminal) {
-        return IJBTerminal(address(0));
-    }
-    function terminalsOf(uint256 projectId) external view returns (IJBTerminal[] memory terminals) {
-        terminals = new IJBTerminal[](1);
-        terminals[0] = terminalOf[projectId];
-    }
-    function setControllerOf(uint256, IERC165) external {}
-    function setIsAllowedToSetFirstController(address, bool) external {}
-    function setPrimaryTerminalOf(uint256, address, IJBTerminal) external {}
-    function setTerminalsOf(uint256, IJBTerminal[] calldata) external {}
-}
-    contract CodexNemesisFreshSplitTokenMismatchTest is Test {
-        JBTokenDistributor distributor;
-        NemesisDirectory directory;
-        NemesisRewardToken reward;
-        NemesisStakeToken stake;
-        address attacker = address(0xA11CE);
-        address attackerTerminal = address(0xBEEF);
-        address victimHook = address(0xCAFE);
-        function setUp() public {
-            directory = new NemesisDirectory();
-            distributor = new JBTokenDistributor(IJBDirectory(address(directory)), 1 days, 1);
-            reward = new NemesisRewardToken();
-            stake = new NemesisStakeToken();
-            directory.setTerminal(1, IJBTerminal(attackerTerminal));
-            reward.mint(address(this), 100 ether);
-            reward.approve(address(distributor), 100 ether);
-            distributor.fund(victimHook, reward, 100 ether);
-            stake.mint(attacker, 1 ether);
-            vm.prank(attacker);
-            stake.delegate(attacker);
-            vm.roll(block.number + 1);
-        }
-        /// @notice Previously this test proved the attack worked. Now it proves the fix: sending ETH
-        /// with context.token set to an ERC-20 address reverts with TokenMismatch.
-        function test_authorizedTerminalCanBackFakeErc20CreditWithEthAndDrainVictimInventory() public {
-            vm.deal(attackerTerminal, 50 ether);
-            JBSplit memory split = JBSplit({
-                percent: 0,
-                projectId: 0,
-                beneficiary: payable(address(stake)),
-                preferAddToBalance: false,
-                lockedUntil: 0,
-                hook: IJBSplitHook(address(distributor))
-            });
-            JBSplitHookContext memory context = JBSplitHookContext({
-                token: address(reward),
-                amount: 50 ether,
-                decimals: 18,
-                projectId: 1,
-                groupId: uint256(uint160(address(reward))),
-                split: split
-            });
-            // FIX VERIFIED: The attack now reverts because context.token != NATIVE_TOKEN when msg.value != 0.
-            vm.prank(attackerTerminal);
-            vm.expectRevert(JBTokenDistributor.JBTokenDistributor_TokenMismatch.selector);
-            distributor.processSplitWith{value: 50 ether}(context);
-            // Victim's balance remains intact.
-            assertEq(distributor.balanceOf(victimHook, reward), 100 ether);
-        }
-    }

package/test/audit/CodexNemesisFreshVerification.t.sol DELETED Viewed

@@ -1,218 +0,0 @@
-// SPDX-License-Identifier: MIT
-pragma solidity 0.8.28;
-import {Test} from "forge-std/Test.sol";
-import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
-import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
-import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
-import {IJBDirectory} from "@bananapus/core-v6/src/interfaces/IJBDirectory.sol";
-import {IJBSplitHook} from "@bananapus/core-v6/src/interfaces/IJBSplitHook.sol";
-import {IJBTerminal} from "@bananapus/core-v6/src/interfaces/IJBTerminal.sol";
-import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
-import {JBSplitHookContext} from "@bananapus/core-v6/src/structs/JBSplitHookContext.sol";
-import {JB721Tier} from "@bananapus/721-hook-v6/src/structs/JB721Tier.sol";
-import {JB721Distributor} from "../../src/JB721Distributor.sol";
-import {JBTokenDistributor} from "../../src/JBTokenDistributor.sol";
-contract CodexNemesisToken is ERC20 {
-    constructor() ERC20("Reward", "RWD") {}
-    function decimals() public pure override returns (uint8) {
-        return 6;
-    }
-    function mint(address to, uint256 amount) external {
-        _mint(to, amount);
-    }
-}
-contract CodexNemesisDirectory {
-    address public terminal;
-    IERC165 public controller;
-    function setTerminal(address terminal_) external {
-        terminal = terminal_;
-    }
-    function setController(IERC165 controller_) external {
-        controller = controller_;
-    }
-    function isTerminalOf(uint256, IJBTerminal terminal_) external view returns (bool) {
-        return address(terminal_) == terminal;
-    }
-    function controllerOf(uint256) external view returns (IERC165) {
-        return controller;
-    }
-}
-contract CodexNemesisVotes {
-    mapping(address account => uint256 votes) public votesOf;
-    uint256 public totalSupply;
-    function setVotes(address account, uint256 votes) external {
-        votesOf[account] = votes;
-    }
-    function setTotalSupply(uint256 totalSupply_) external {
-        totalSupply = totalSupply_;
-    }
-    function getPastVotes(address account, uint256) external view returns (uint256) {
-        return votesOf[account];
-    }
-    function getPastTotalSupply(uint256) external view returns (uint256) {
-        return totalSupply;
-    }
-}
-contract CodexNemesis721Store {
-    uint104 public votingUnits = 100;
-    function tierOfTokenId(address, uint256, bool) external view returns (JB721Tier memory tier) {
-        tier.votingUnits = votingUnits;
-        tier.initialSupply = 100;
-    }
-    /// @dev Returns 0 for all tokens (backward-compatible: allows vesting).
-    function mintBlockOf(address, uint256) external pure returns (uint256) {
-        return 0;
-    }
-}
-contract CodexNemesis721Checkpoints {
-    mapping(address account => uint256 votes) public votesOf;
-    uint256 public totalSupply;
-    function setVotes(address account, uint256 votes) external {
-        votesOf[account] = votes;
-    }
-    function setTotalSupply(uint256 totalSupply_) external {
-        totalSupply = totalSupply_;
-    }
-    function getPastVotes(address account, uint256) external view returns (uint256) {
-        return votesOf[account];
-    }
-    function getPastTotalSupply(uint256) external view returns (uint256) {
-        return totalSupply;
-    }
-}
-contract CodexNemesis721Hook {
-    CodexNemesis721Store public immutable STORE;
-    CodexNemesis721Checkpoints public immutable CHECKPOINTS;
-    mapping(uint256 tokenId => address owner) public ownerOf;
-    constructor(CodexNemesis721Store store, CodexNemesis721Checkpoints checkpoints) {
-        STORE = store;
-        CHECKPOINTS = checkpoints;
-    }
-    function mint(address owner, uint256 tokenId) external {
-        ownerOf[tokenId] = owner;
-    }
-    function burn(uint256 tokenId) external {
-        delete ownerOf[tokenId];
-    }
-}
-contract CodexNemesisFreshVerificationTest is Test {
-    uint256 internal constant PROJECT_ID = 1;
-    uint256 internal constant ROUND_DURATION = 1 days;
-    uint256 internal constant VESTING_ROUNDS = 1;
-    /// @notice Previously this test proved the attack worked. Now it proves the fix: sending ETH
-    /// with context.token set to an ERC-20 address reverts with TokenMismatch.
-    function test_nativeValueCanCreateUnbackedErc20CreditAndDrainOtherHookInventory() public {
-        address attacker = makeAddr("attacker");
-        address victimHook = makeAddr("victimHook");
-        uint256 rewardAmount = 100_000_000; // 100 units of a 6-decimal token.
-        CodexNemesisDirectory directory = new CodexNemesisDirectory();
-        directory.setTerminal(address(this));
-        JBTokenDistributor distributor =
-            new JBTokenDistributor(IJBDirectory(address(directory)), ROUND_DURATION, VESTING_ROUNDS);
-        CodexNemesisToken reward = new CodexNemesisToken();
-        CodexNemesisVotes stake = new CodexNemesisVotes();
-        stake.setVotes(attacker, 1 ether);
-        stake.setTotalSupply(1 ether);
-        reward.mint(address(this), rewardAmount);
-        reward.approve(address(distributor), rewardAmount);
-        distributor.fund(victimHook, IERC20(address(reward)), rewardAmount);
-        JBSplit memory split = JBSplit({
-            percent: 0,
-            projectId: 0,
-            beneficiary: payable(address(stake)),
-            preferAddToBalance: false,
-            lockedUntil: 0,
-            hook: IJBSplitHook(address(0))
-        });
-        JBSplitHookContext memory context = JBSplitHookContext({
-            token: address(reward),
-            amount: rewardAmount,
-            decimals: 6,
-            projectId: PROJECT_ID,
-            groupId: uint256(uint160(address(reward))),
-            split: split
-        });
-        // FIX VERIFIED: The attack now reverts because context.token != NATIVE_TOKEN when msg.value != 0.
-        vm.deal(address(this), rewardAmount);
-        vm.expectRevert(JBTokenDistributor.JBTokenDistributor_TokenMismatch.selector);
-        distributor.processSplitWith{value: rewardAmount}(context);
-        // Victim's balance remains intact — attack blocked.
-        assertEq(distributor.balanceOf(victimHook, IERC20(address(reward))), rewardAmount);
-        assertEq(reward.balanceOf(address(distributor)), rewardAmount);
-    }
-    function test_721LateMintedTokenCanClaimRoundSnapshotRewardsFromOwnersPastVotes() public {
-        address alice = makeAddr("alice");
-        CodexNemesisDirectory directory = new CodexNemesisDirectory();
-        JB721Distributor distributor =
-            new JB721Distributor(IJBDirectory(address(directory)), ROUND_DURATION, VESTING_ROUNDS);
-        CodexNemesisToken reward = new CodexNemesisToken();
-        CodexNemesis721Store store = new CodexNemesis721Store();
-        CodexNemesis721Checkpoints checkpoints = new CodexNemesis721Checkpoints();
-        CodexNemesis721Hook hook = new CodexNemesis721Hook(store, checkpoints);
-        reward.mint(address(this), 100 ether);
-        reward.approve(address(distributor), 100 ether);
-        distributor.fund(address(hook), IERC20(address(reward)), 100 ether);
-        hook.mint(alice, 1);
-        checkpoints.setVotes(alice, 100);
-        checkpoints.setTotalSupply(100);
-        distributor.poke();
-        hook.burn(1);
-        hook.mint(alice, 2);
-        uint256[] memory tokenIds = new uint256[](1);
-        tokenIds[0] = 2;
-        IERC20[] memory tokens = new IERC20[](1);
-        tokens[0] = IERC20(address(reward));
-        distributor.beginVesting(address(hook), tokenIds, tokens);
-        assertEq(distributor.claimedFor(address(hook), 2, IERC20(address(reward))), 100 ether);
-        vm.warp(block.timestamp + ROUND_DURATION);
-        vm.prank(alice);
-        distributor.collectVestedRewards(address(hook), tokenIds, tokens, alice);
-        assertEq(reward.balanceOf(alice), 100 ether);
-    }
-}