@bananapus/distributor-v6 0.0.7 → 0.0.9

package/README.md

@@ -80,8 +80,8 @@ npm install @bananapus/distributor-v6
 
 ```bash
 npm install
-forge build
-forge test
+forge build --deny notes
+forge test --deny notes
 ```
 
 Useful scripts:

package/package.json

@@ -1,11 +1,20 @@
 {
   "name": "@bananapus/distributor-v6",
-  "version": "0.0.7",
+  "version": "0.0.9",
   "license": "MIT",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/Bananapus/nana-distributor-v6"
   },
+  "files": [
+    "CHANGELOG.md",
+    "foundry.lock",
+    "foundry.toml",
+    "references/",
+    "remappings.txt",
+    "script/",
+    "src/"
+  ],
   "engines": {
     "node": ">=20.0.0"
   },
@@ -17,13 +26,13 @@
     "deploy:testnets": "source ./.env && npx sphinx propose ./script/Deploy.s.sol --networks testnets"
   },
   "dependencies": {
-    "@bananapus/721-hook-v6": "^0.0.38",
-    "@bananapus/core-v6": "^0.0.36",
-    "@bananapus/permission-ids-v6": "^0.0.19",
-    "@openzeppelin/contracts": "^5.6.1",
-    "@prb/math": "^4.1.0"
+    "@bananapus/721-hook-v6": "0.0.43",
+    "@bananapus/core-v6": "0.0.39",
+    "@bananapus/permission-ids-v6": "0.0.22",
+    "@openzeppelin/contracts": "5.6.1",
+    "@prb/math": "4.1.1"
   },
   "devDependencies": {
-    "@sphinx-labs/plugins": "^0.33.2"
+    "@sphinx-labs/plugins": "0.33.3"
   }
 }

package/src/JB721Distributor.sol

@@ -256,8 +256,8 @@ contract JB721Distributor is JBDistributor, IJB721Distributor {
 
     /// @notice The stake weight of a given NFT token ID based on its tier's voting units, validated against historical
     /// state.
-    /// @dev Returns 0 if the token's current owner had no checkpointed voting power at the round's snapshot block,
-    /// preventing late mints from capturing pro-rata rewards within the current round.
+    /// @dev Returns 0 if the token was not owned at the round's snapshot block or if its snapshot owner had no
+    /// checkpointed voting power, preventing late mints from capturing pro-rata rewards within the current round.
     /// @param hook The hook the token belongs to.
     /// @param tokenId The ID of the token to get the stake weight of.
     /// @return tokenStakeAmount The voting units of the token's tier (or 0 if ineligible).
@@ -267,12 +267,15 @@ contract JB721Distributor is JBDistributor, IJB721Distributor {
         .STORE()
         .tierOfTokenId({hook: hook, tokenId: tokenId, includeResolvedUri: false}).votingUnits;
 
-        // Use the checkpoints module to verify the token's owner had voting power at the round's snapshot block.
-        // If they had no voting power at that time, this token was minted or acquired after the round started
-        // and is not eligible for this round's rewards.
-        address owner = IERC721(hook).ownerOf(tokenId);
+        // Stake eligibility is fixed at the round snapshot block, not the caller's current block.
+        uint256 snapshotBlock = roundSnapshotBlock[currentRound()];
+        address owner = _snapshotOwnerOf({hook: hook, tokenId: tokenId, snapshotBlock: snapshotBlock});
+        if (owner == address(0)) return 0;
+
+        // Use the checkpoints module to verify the token's snapshot owner had voting power at the round's snapshot
+        // block. If the token did not exist then, ownerOfAt returns zero above and the token is not eligible.
         uint256 pastVotes = IVotes(address(IJB721TiersHook(hook).CHECKPOINTS()))
-            .getPastVotes({account: owner, timepoint: roundSnapshotBlock[currentRound()]});
+            .getPastVotes({account: owner, timepoint: snapshotBlock});
 
         // If the owner had no voting power at round start, the token is ineligible.
         // slither-disable-next-line incorrect-equality
@@ -299,6 +302,35 @@ contract JB721Distributor is JBDistributor, IJB721Distributor {
     // ----------------------- private helpers --------------------------- //
     //*********************************************************************//
 
+    /// @notice Returns the token owner at the round snapshot block.
+    /// @dev Returns zero if the hook has no checkpoint module, the module does not support historical ownership, the
+    /// call fails, or the token was not owned at `snapshotBlock`. Treating all of these as ineligible prevents late
+    /// mints and current-owner transfers from claiming rewards for a snapshot they did not participate in.
+    /// @param hook The 721 hook whose checkpoint module is queried.
+    /// @param tokenId The token ID to query.
+    /// @param snapshotBlock The round snapshot block to prove ownership at.
+    /// @return owner The historical token owner, or zero if ownership cannot be proven.
+    function _snapshotOwnerOf(
+        address hook,
+        uint256 tokenId,
+        uint256 snapshotBlock
+    )
+        private
+        view
+        returns (address owner)
+    {
+        // The 721 hook owns the checkpoint module; the distributor only trusts that module's historical proof.
+        IJB721Checkpoints checkpoints = IJB721TiersHook(hook).CHECKPOINTS();
+
+        // Use staticcall so older hooks without `ownerOfAt` fail closed instead of reverting the whole distribution.
+        (bool success, bytes memory data) =
+            address(checkpoints).staticcall(abi.encodeCall(IJB721Checkpoints.ownerOfAt, (tokenId, snapshotBlock)));
+        if (!success || data.length < 32) return address(0);
+
+        // A zero owner means the token was not owned at the snapshot block and is not eligible this round.
+        owner = abi.decode(data, (address));
+    }
+
     /// @notice Vest a single NFT token, enforcing a per-owner voting power cap across the batch.
     /// @dev Returns 0 for burned tokens, already-vested tokens, tokens whose owner had no snapshot voting power,
     ///      and tokens whose owner has already exhausted their voting power cap within this batch.
@@ -350,18 +382,20 @@ contract JB721Distributor is JBDistributor, IJB721Distributor {
         .STORE()
         .tierOfTokenId({hook: ctx.hook, tokenId: tokenId, includeResolvedUri: false}).votingUnits;
 
-        // Look up the owner, verify snapshot eligibility, and find or create the owner's tracking slot.
+        // Look up the snapshot owner, verify snapshot eligibility, and find or create the owner's tracking slot.
         uint256 ownerIndex;
         uint256 pastVotes;
         {
-            // Get the current owner of the NFT.
-            address owner = IERC721(ctx.hook).ownerOf(tokenId);
+            // Reuse the same round snapshot block for every token in this vesting batch.
+            uint256 snapshotBlock = roundSnapshotBlock[currentRound()];
+            address owner = _snapshotOwnerOf({hook: ctx.hook, tokenId: tokenId, snapshotBlock: snapshotBlock});
+            if (owner == address(0)) return (0, newUniqueCount);
 
             // Query the owner's checkpointed voting power at the round's snapshot block.
             pastVotes = IVotes(address(IJB721TiersHook(ctx.hook).CHECKPOINTS()))
-                .getPastVotes({account: owner, timepoint: roundSnapshotBlock[currentRound()]});
+                .getPastVotes({account: owner, timepoint: snapshotBlock});
 
-            // If the owner had no voting power at round start, the token is ineligible for this round.
+            // If the snapshot owner had no voting power at round start, the token is ineligible for this round.
             // slither-disable-next-line incorrect-equality
             if (pastVotes == 0) return (0, newUniqueCount);
 

package/src/JBDistributor.sol

@@ -10,7 +10,13 @@ import {IJBDistributor} from "./interfaces/IJBDistributor.sol";
 import {JBTokenSnapshotData} from "./structs/JBTokenSnapshotData.sol";
 import {JBVestingData} from "./structs/JBVestingData.sol";
 
-/// @notice A contract managing distributions of tokens to be claimed and vested by stakers of any other token.
+/// @notice Abstract base for reward distributors. Manages round-based distribution of ERC-20 tokens (or native ETH)
+/// to stakers with linear vesting. Each round, a snapshot is taken of the distributable balance, and stakers can
+/// claim their pro-rata share based on their stake weight at the snapshot block. Claimed tokens vest linearly over
+/// `vestingRounds` rounds and can be collected as they unlock.
+/// @dev Subclasses define how stake is measured (`_tokenStake`, `_totalStake`), who can claim (`_canClaim`), and
+/// what "burned" means (`_tokenBurned`). Two concrete implementations exist: `JBTokenDistributor` (IVotes tokens)
+/// and `JB721Distributor` (Juicebox 721 NFTs).
 abstract contract JBDistributor is IJBDistributor {
     using SafeERC20 for IERC20;
 
@@ -122,10 +128,12 @@ abstract contract JBDistributor is IJBDistributor {
     // ---------------------- external transactions ---------------------- //
     //*********************************************************************//
 
-    /// @notice Claims tokens and begins vesting.
-    /// @param hook The hook whose stakers are vesting.
-    /// @param tokenIds The IDs to claim rewards for.
-    /// @param tokens The tokens to claim.
+    /// @notice Snapshot the current round's distributable balance and begin vesting for the specified token IDs.
+    /// Each token ID's share is proportional to its stake weight relative to the total stake at the snapshot block.
+    /// Vesting completes after `vestingRounds` rounds. Reverts if there's nothing to distribute.
+    /// @param hook The hook (IVotes token or 721 hook) whose stakers are vesting.
+    /// @param tokenIds The staker token IDs to claim rewards for.
+    /// @param tokens The reward tokens to begin vesting.
     function beginVesting(address hook, uint256[] calldata tokenIds, IERC20[] calldata tokens) external override {
         // Revert if no token IDs are provided.
         if (tokenIds.length == 0) revert JBDistributor_EmptyTokenIds();
@@ -167,11 +175,13 @@ abstract contract JBDistributor is IJBDistributor {
         }
     }
 
-    /// @notice Fund the distributor for a specific hook by pulling tokens from the caller.
-    /// @dev For native ETH, send `msg.value` and pass `IERC20(JBConstants.NATIVE_TOKEN)` as the token.
-    /// @param hook The hook to fund.
+    /// @notice Directly fund the distributor for a specific hook by pulling tokens from the caller. An alternative
+    /// to split-based funding — useful for one-off deposits or external reward sources.
+    /// @dev For native ETH, send `msg.value` and pass `IERC20(JBConstants.NATIVE_TOKEN)` as the token. Uses balance
+    /// delta to handle fee-on-transfer tokens correctly.
+    /// @param hook The hook to fund (determines which staker pool receives the tokens).
     /// @param token The token to fund with.
-    /// @param amount The amount to fund.
+    /// @param amount The amount to fund (ignored for native ETH — `msg.value` is used instead).
     function fund(address hook, IERC20 token, uint256 amount) external payable override {
         if (address(token) == JBConstants.NATIVE_TOKEN) {
             amount = msg.value;
@@ -186,16 +196,19 @@ abstract contract JBDistributor is IJBDistributor {
         _accountedBalanceOf[token] += amount;
     }
 
-    /// @notice Record the snapshot block for the current round. Callable by anyone (keepers, frontends).
+    /// @notice Record the snapshot block for the current round (and eagerly for the next round). Callable by anyone —
+    /// keepers or frontends can call this early in a round to lock the snapshot block before any claims occur.
     function poke() external override {
         _ensureSnapshotBlock(currentRound());
     }
 
-    /// @notice Release vested rewards in the case that a token was burned.
+    /// @notice Release unvested rewards tied to burned tokens. When an NFT is burned, its pending vesting entries
+    /// become stranded — this function unlocks them and returns them to the hook's distributable pool (they are NOT
+    /// sent to the beneficiary). Anyone can call this for burned tokens.
     /// @param hook The hook whose tokens were burned.
-    /// @param tokenIds The IDs of the burned tokens.
-    /// @param tokens The address of the tokens being released.
-    /// @param beneficiary The recipient of the released tokens.
+    /// @param tokenIds The IDs of the burned tokens (reverts if any are not actually burned).
+    /// @param tokens The reward tokens to release.
+    /// @param beneficiary Unused for forfeiture — tokens return to the pool. Kept for interface compatibility.
     function releaseForfeitedRewards(
         address hook,
         uint256[] calldata tokenIds,
@@ -228,11 +241,12 @@ abstract contract JBDistributor is IJBDistributor {
         return _balanceOf[hook][token];
     }
 
-    /// @notice Calculate how much of the token has been claimed for the given tokenId.
+    /// @notice Calculate the total amount of a reward token that has been claimed (began vesting) for a given
+    /// staker token ID but has not yet been collected. Includes both locked (still vesting) and unlocked amounts.
     /// @param hook The hook the tokenId belongs to.
-    /// @param tokenId The ID of the token to calculate the token amount for.
-    /// @param token The address of the token being claimed.
-    /// @return tokenAmount The amount of tokens that can be claimed once they have vested.
+    /// @param tokenId The ID of the staker token to calculate for.
+    /// @param token The reward token to check.
+    /// @return tokenAmount The total uncollected amount (vesting + vested-but-uncollected).
     function claimedFor(
         address hook,
         uint256 tokenId,
@@ -261,11 +275,12 @@ abstract contract JBDistributor is IJBDistributor {
         }
     }
 
-    /// @notice Calculate how much of the token is currently ready to be collected for the given tokenId.
+    /// @notice Calculate how much of a reward token is currently unlocked and ready to be collected for a given
+    /// staker token ID. Only includes the vested portion — excludes amounts still locked in vesting.
     /// @param hook The hook the tokenId belongs to.
-    /// @param tokenId The ID of the token to calculate the token amount for.
-    /// @param token The address of the token being claimed.
-    /// @return tokenAmount The amount of tokens that can be claimed right now.
+    /// @param tokenId The ID of the staker token to calculate for.
+    /// @param token The reward token to check.
+    /// @return tokenAmount The amount of tokens that can be collected right now via `collectVestedRewards`.
     function collectableFor(
         address hook,
         uint256 tokenId,
@@ -340,10 +355,12 @@ abstract contract JBDistributor is IJBDistributor {
     // ----------------------- public transactions ----------------------- //
     //*********************************************************************//
 
-    /// @notice Collect vested tokens. Auto-vests for the current round if not already vested.
+    /// @notice Collect tokens that have vested (partially or fully) and transfer them to the beneficiary. Also
+    /// auto-vests for the current round if rewards haven't been claimed yet — so callers don't need to separately
+    /// call `beginVesting`. Only the token owner (verified via `_canClaim`) can collect.
     /// @param hook The hook whose stakers are collecting.
-    /// @param tokenIds The IDs of the tokens to collect for.
-    /// @param tokens The address of the tokens being claimed.
+    /// @param tokenIds The IDs of the tokens to collect for (caller must own all of them).
+    /// @param tokens The reward tokens to collect vested amounts of.
     /// @param beneficiary The recipient of the collected tokens.
     function collectVestedRewards(
         address hook,
@@ -633,28 +650,33 @@ abstract contract JBDistributor is IJBDistributor {
     // ----------------------- internal views ---------------------------- //
     //*********************************************************************//
 
-    /// @notice A flag indicating if an account can currently claim their tokens.
+    /// @notice Check whether an account is authorized to collect vested rewards for the given token ID. For 721
+    /// distributors this is ownership; for token distributors this is address-encoding match.
     /// @param hook The hook the token belongs to.
     /// @param tokenId The ID of the token to check.
-    /// @param account The account to check if it can claim.
-    /// @return canClaim A flag indicating if claiming is allowed.
+    /// @param account The account to check authorization for.
+    /// @return canClaim True if the account can collect rewards for this token ID.
     function _canClaim(address hook, uint256 tokenId, address account) internal view virtual returns (bool canClaim);
 
-    /// @notice Checks if the given token was burned or not.
+    /// @notice Check whether a staker token has been burned. Burned tokens are excluded from stake calculations
+    /// and their unvested rewards can be released via `releaseForfeitedRewards`.
     /// @param hook The hook the token belongs to.
-    /// @param tokenId The tokenId to check.
-    /// @return tokenWasBurned A boolean that is true if the token was burned.
+    /// @param tokenId The token ID to check.
+    /// @return tokenWasBurned True if the token has been burned.
     function _tokenBurned(address hook, uint256 tokenId) internal view virtual returns (bool tokenWasBurned);
 
-    /// @notice The amount of tokens staked for the given token ID.
+    /// @notice The stake weight of a specific token ID, used to calculate its pro-rata share of distributions.
+    /// For 721 distributors this is the tier's voting units; for token distributors this is delegated voting power.
     /// @param hook The hook the token belongs to.
-    /// @param tokenId The ID of the token to get the staked value of.
-    /// @return tokenStakeAmount The amount of staked tokens that is being represented by the token.
+    /// @param tokenId The ID of the token to get the stake weight of.
+    /// @return tokenStakeAmount The stake weight represented by this token ID.
     function _tokenStake(address hook, uint256 tokenId) internal view virtual returns (uint256 tokenStakeAmount);
 
-    /// @notice The total amount staked at the given block.
+    /// @notice The total stake across all token IDs at a given block. Used as the denominator when calculating each
+    /// token ID's pro-rata share. For 721 distributors this is `getPastTotalSupply` from the checkpoints module;
+    /// for token distributors this is `getPastTotalSupply` from the IVotes token.
     /// @param hook The hook to get the total stake for.
-    /// @param blockNumber The block number to get the total staked amount at.
-    /// @return totalStakedAmount The total amount staked at a block number.
+    /// @param blockNumber The block number to query (must be strictly in the past).
+    /// @return totalStakedAmount The total stake at the given block.
     function _totalStake(address hook, uint256 blockNumber) internal view virtual returns (uint256 totalStakedAmount);
 }

package/src/JBTokenDistributor.sol

@@ -139,6 +139,8 @@ contract JBTokenDistributor is JBDistributor, IJBTokenDistributor {
     function _canClaim(address hook, uint256 tokenId, address account) internal pure override returns (bool canClaim) {
         hook; // Silence unused variable warning.
         if (tokenId >> 160 != 0) revert JBTokenDistributor_InvalidTokenId();
+        // The high bits were checked above, so this cast recovers the encoded address.
+        // forge-lint: disable-next-line(unsafe-typecast)
         canClaim = address(uint160(tokenId)) == account;
     }
 
@@ -162,6 +164,8 @@ contract JBTokenDistributor is JBDistributor, IJBTokenDistributor {
     /// @return tokenStakeAmount The delegated voting power at the round's snapshot block.
     function _tokenStake(address hook, uint256 tokenId) internal view override returns (uint256 tokenStakeAmount) {
         if (tokenId >> 160 != 0) revert JBTokenDistributor_InvalidTokenId();
+        // The high bits were checked above, so this cast recovers the encoded address.
+        // forge-lint: disable-next-line(unsafe-typecast)
         tokenStakeAmount = IVotes(hook).getPastVotes(address(uint160(tokenId)), roundSnapshotBlock[currentRound()]);
     }
 

package/src/interfaces/IJBDistributor.sol

@@ -5,7 +5,9 @@ import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
 
 import {JBTokenSnapshotData} from "../structs/JBTokenSnapshotData.sol";
 
-/// @notice A contract managing distributions of tokens to be claimed and vested by stakers of any other token.
+/// @notice Interface for round-based reward distributors with linear vesting. Stakers claim their share of a
+/// distributable balance each round, and claimed amounts vest linearly over a configurable number of rounds.
+/// Two implementations exist: `JBTokenDistributor` (IVotes token stakers) and `JB721Distributor` (NFT holders).
 interface IJBDistributor {
     //*********************************************************************//
     // -------------------------------- events --------------------------- //

package/src/structs/JBTokenSnapshotData.sol

@@ -1,8 +1,10 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.0;
 
-/// @custom:member balance The token balance at the time of the snapshot.
-/// @custom:member vestingAmount The amount of tokens vesting at the time of the snapshot.
+/// @notice A point-in-time snapshot of a reward token's state for a specific hook and round. The distributable
+/// amount for the round is `balance - vestingAmount`.
+/// @custom:member balance The total token balance held for the hook's stakers at snapshot time.
+/// @custom:member vestingAmount The amount currently locked in vesting at snapshot time (not yet distributable).
 struct JBTokenSnapshotData {
     uint256 balance;
     uint256 vestingAmount;

package/src/structs/JBVestingData.sol

@@ -1,9 +1,12 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.0;
 
-/// @custom:member releaseRound The round at which the vesting tokens are fully released.
-/// @custom:member amount The original amount of tokens that were claimed.
-/// @custom:member shareClaimed The share of the amount that has already been claimed (out of `MAX_SHARE`).
+/// @notice Tracks a single vesting entry for a staker token ID. Tokens vest linearly from the claim round to
+/// `releaseRound`, and `shareClaimed` tracks how much has been collected so far (out of `MAX_SHARE = 100,000`).
+/// @custom:member releaseRound The round at which the tokens are fully vested and 100% claimable.
+/// @custom:member amount The original amount of reward tokens that were claimed (before any collection).
+/// @custom:member shareClaimed The cumulative share collected so far (out of `MAX_SHARE`). Increases each
+/// time `collectVestedRewards` is called.
 struct JBVestingData {
     uint256 releaseRound;
     uint256 amount;

package/.github/pull_request_template.md

@@ -1,33 +0,0 @@
-# Description
-
-What does this PR do, how, and why?
-
-## Risk Surface
-
-What new trust boundary, failure mode, operational dependency, or integration caveat does this PR introduce or remove?
-
-## RISKS.md Impact
-
-- [ ] No runtime, admin, deployment, or integration risk surface changed
-- [ ] Updated this repo's `RISKS.md`
-- [ ] Updated `/v6/evm/RISKS.md` because ecosystem behavior changed
-- [ ] If no `RISKS.md` update was needed, I explained why in this PR
-
-Reference: [`/v6/evm/RISKS_MAINTENANCE.md`](../../RISKS_MAINTENANCE.md)
-
-## Checklist
-
-- [ ] Tests cover the behavior change
-- [ ] Code is natspec'd where needed
-- [ ] Code is linted and formatted
-- [ ] I ran the relevant tests locally
-- [ ] I checked for stale docs and updated them where needed
-- [ ] `STYLE_GUIDE.md` is adhered to — no lint errors, warnings, or notes
-- [ ] No build errors, warnings, or notes
-
-## Interactions
-
-These changes impact the following contracts or docs:
-
-- Directly:
-- Indirectly:

package/.github/workflows/lint.yml

@@ -1,19 +0,0 @@
-name: lint
-on:
-  pull_request:
-    branches:
-      - main
-  push:
-    branches:
-      - main
-jobs:
-  forge-test:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          submodules: recursive
-      - name: Install Foundry
-        uses: foundry-rs/foundry-toolchain@v1
-      - name: Check linting
-        run: forge fmt --check

package/.github/workflows/publish.yml

@@ -1,19 +0,0 @@
-name: publish
-on:
-  push:
-    branches:
-      - main
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 22.4.x
-          registry-url: https://registry.npmjs.org
-      # This will fail if the version in package.json has not increased.
-      - name: Publish to npm
-        run: npm publish --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

package/.github/workflows/slither.yml

@@ -1,23 +0,0 @@
-name: slither
-on:
-  pull_request:
-    branches: [main]
-  push:
-    branches: [main]
-jobs:
-  slither:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          submodules: recursive
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 22.4.x
-      - name: Install npm dependencies
-        run: npm install --omit=dev
-      - name: Run Slither
-        uses: crytic/slither-action@v0.3.1
-        with:
-          slither-config: slither-ci.config.json
-          fail-on: medium

package/.github/workflows/test.yml

@@ -1,28 +0,0 @@
-name: test
-on:
-  pull_request:
-    branches:
-      - main
-  push:
-    branches:
-      - main
-jobs:
-  forge-test:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          submodules: recursive
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 22.4.x
-      - name: Install npm dependencies
-        run: npm install --omit=dev
-      - name: Install Foundry
-        uses: foundry-rs/foundry-toolchain@v1
-      - name: Run tests
-        run: forge test --fail-fast --summary --detailed --skip "*/script/**"
-        env:
-          RPC_ETHEREUM_MAINNET: ${{ secrets.RPC_ETHEREUM_MAINNET }}
-      - name: Check contract sizes
-        run: forge build --sizes --skip "*/test/**" --skip "*/script/**" --skip SphinxUtils

package/.gitmodules

@@ -1,3 +0,0 @@
-[submodule "lib/forge-std"]
-	path = lib/forge-std
-	url = https://github.com/foundry-rs/forge-std

package/ADMINISTRATION.md

@@ -1,65 +0,0 @@
-# Administration
-
-## At A Glance
-
-| Item | Details |
-| --- | --- |
-| Scope | Round-based vesting and distribution configuration |
-| Control posture | Mostly parameter- and caller-driven, with asset-specific authority checks |
-| Highest-risk actions | Bad deployment parameters, wrong funding assumptions, and stale snapshot timing |
-| Recovery posture | Some value can remain for future rounds, but bad parameters can brick an instance |
-
-## Purpose
-
-`nana-distributor-v6` has less admin complexity than many sibling repos, but deployment parameters and funding assumptions still create real control risk.
-
-## Control Model
-
-- vesting is mostly driven by deployment parameters and permissionless round starts
-- claim authority differs by distributor type
-- 721 forfeiture handling adds a separate recovery path not present in the token distributor
-
-## Roles
-
-| Role | How Assigned | Scope | Notes |
-| --- | --- | --- | --- |
-| Round starter | Any caller | Per distributor | Vesting is permissionless |
-| Token claimant | Encoded claimant address | Per token slot | Token distributor authority model |
-| NFT claimant | Current NFT owner | Per token ID | 721 distributor authority model |
-
-## Privileged Surfaces
-
-- deployment parameters
-- funding flows
-- claim entrypoints with distributor-specific authority checks
-- 721 forfeiture release path
-
-## Immutable And One-Way
-
-- bad constructor parameters can permanently make an instance unusable
-- snapshots define a round once taken
-- vested or collected value does not rewind
-
-## Operational Notes
-
-- review round timing and vesting-round count before deployment
-- verify the distributor holds the correct asset before starting rounds
-- do not assume token and 721 variants behave identically
-
-## Recovery
-
-- unclaimed value can remain for future rounds
-- 721 forfeiture release can recycle some value
-- bad deployment parameters usually require a new distributor instance
-
-## Admin Boundaries
-
-- this repo does not create upstream entitlement logic
-- permissionless vesting means operators do not fully control snapshot timing
-- the distributor cannot make a missing or wrong stake source correct
-
-## Source Map
-
-- `src/JBDistributor.sol`
-- `src/JBTokenDistributor.sol`
-- `src/JB721Distributor.sol`