@bananapus/permission-ids-v6 0.0.13 → 0.0.15

package/ADMINISTRATION.md

@@ -10,7 +10,7 @@ There are no ownable contracts, no upgrade mechanisms, and no mutable state. The
 
 ## Permission IDs
 
-All 33 defined permission IDs and what they control:
+All 34 defined permission IDs and what they control:
 
 | ID | Constant | Used By | What It Controls |
 |----|----------|---------|-----------------|
@@ -29,26 +29,27 @@ All 33 defined permission IDs and what they control:
 | 13 | `TRANSFER_CREDITS` | nana-core (`JBController`) | `JBController.transferCreditsFrom` -- transfer internal credits. Checked against the **token holder**. |
 | 14 | `SET_CONTROLLER` | nana-core (`JBDirectory`) | `JBDirectory.setControllerOf` -- set a project's controller. |
 | 15 | `SET_TERMINALS` | nana-core (`JBDirectory`) | `JBDirectory.setTerminalsOf` -- set a project's terminals. **Warning:** can remove the primary terminal. |
-| 16 | `SET_PRIMARY_TERMINAL` | nana-core (`JBDirectory`) | `JBDirectory.setPrimaryTerminalOf` -- set the primary terminal for a token. |
-| 17 | `USE_ALLOWANCE` | nana-core (`JBMultiTerminal`) | `JBMultiTerminal.useAllowanceOf` -- spend surplus allowance to an arbitrary address. |
-| 18 | `SET_SPLIT_GROUPS` | nana-core (`JBController`) | `JBController.setSplitGroupsOf` -- configure payout and reserved token splits. |
-| 19 | `ADD_PRICE_FEED` | nana-core (`JBController`) | `JBController.addPriceFeedFor` (which internally calls `JBPrices.addPriceFeedFor`) -- add a price feed for a project. |
-| 20 | `ADD_ACCOUNTING_CONTEXTS` | nana-core (`JBMultiTerminal`) | `JBMultiTerminal.addAccountingContextsFor` -- add accepted tokens to a terminal. |
-| 21 | `SET_TOKEN_METADATA` | nana-core (`JBController`) | `JBController.setTokenMetadataOf` -- set a project token's name and symbol. |
-| 22 | `ADJUST_721_TIERS` | nana-721-hook (`JB721TiersHook`) | `JB721TiersHook.adjustTiers` -- add or remove NFT tiers. |
-| 23 | `SET_721_METADATA` | nana-721-hook (`JB721TiersHook`) | `JB721TiersHook.setMetadata` -- set NFT metadata URIs. |
-| 24 | `MINT_721` | nana-721-hook (`JB721TiersHook`) | `JB721TiersHook.mintFor` -- manually mint NFTs to a beneficiary. |
-| 25 | `SET_721_DISCOUNT_PERCENT` | nana-721-hook (`JB721TiersHook`) | `JB721TiersHook.setDiscountPercentOf` -- set discount percent on NFT tiers. |
-| 26 | `SET_BUYBACK_TWAP` | nana-buyback-hook (`JBBuybackHook`) | `JBBuybackHook.setTwapWindowOf` -- configure the TWAP oracle window. |
-| 27 | `SET_BUYBACK_POOL` | nana-buyback-hook (`JBBuybackHook`) | `JBBuybackHook.setPoolFor` -- set the Uniswap pool for buybacks. |
-| 28 | `SET_BUYBACK_HOOK` | nana-buyback-hook (`JBBuybackHookRegistry`) | `JBBuybackHookRegistry.setHookFor` and `lockHookFor` -- configure and permanently lock the buyback hook. |
-| 29 | `SET_ROUTER_TERMINAL` | nana-router-terminal (`JBRouterTerminalRegistry`) | `JBRouterTerminalRegistry.setTerminalFor` and `lockTerminalFor` -- configure and permanently lock the router terminal. |
-| 30 | `MAP_SUCKER_TOKEN` | nana-suckers (`JBSucker`) | `JBSucker.mapToken` -- map an ERC-20 to its remote chain counterpart. Immutable once the outbox tree has entries. |
-| 31 | `DEPLOY_SUCKERS` | nana-suckers (`JBSuckerRegistry`) | `JBSuckerRegistry.deploySuckersFor` -- deploy sucker contracts for cross-chain bridging. |
-| 32 | `SUCKER_SAFETY` | nana-suckers (`JBSucker`) | `JBSucker.enableEmergencyHatchFor` -- enable the emergency hatch to recover stuck tokens. |
-| 33 | `SET_SUCKER_DEPRECATION` | nana-suckers (`JBSucker`) | `JBSucker.setDeprecation` -- set deprecation status (ENABLED, DEPRECATION_PENDING, SENDING_DISABLED, DEPRECATED). |
-
-IDs 0 and 34-255 are unused. ID 0 is reserved and cannot be set. IDs 34-255 are available for future ecosystem extensions.
+| 16 | `ADD_TERMINALS` | nana-core (`JBDirectory`) | `JBDirectory.setPrimaryTerminalOf` -- add a new terminal when `setPrimaryTerminalOf` implicitly adds it. |
+| 17 | `SET_PRIMARY_TERMINAL` | nana-core (`JBDirectory`) | `JBDirectory.setPrimaryTerminalOf` -- set the primary terminal for a token. |
+| 18 | `USE_ALLOWANCE` | nana-core (`JBMultiTerminal`) | `JBMultiTerminal.useAllowanceOf` -- spend surplus allowance to an arbitrary address. |
+| 19 | `SET_SPLIT_GROUPS` | nana-core (`JBController`) | `JBController.setSplitGroupsOf` -- configure payout and reserved token splits. |
+| 20 | `ADD_PRICE_FEED` | nana-core (`JBController`) | `JBController.addPriceFeedFor` (which internally calls `JBPrices.addPriceFeedFor`) -- add a price feed for a project. |
+| 21 | `ADD_ACCOUNTING_CONTEXTS` | nana-core (`JBMultiTerminal`) | `JBMultiTerminal.addAccountingContextsFor` -- add accepted tokens to a terminal. |
+| 22 | `SET_TOKEN_METADATA` | nana-core (`JBController`) | `JBController.setTokenMetadataOf` -- set a project token's name and symbol. |
+| 23 | `ADJUST_721_TIERS` | nana-721-hook (`JB721TiersHook`) | `JB721TiersHook.adjustTiers` -- add or remove NFT tiers. |
+| 24 | `SET_721_METADATA` | nana-721-hook (`JB721TiersHook`) | `JB721TiersHook.setMetadata` -- set NFT metadata URIs. |
+| 25 | `MINT_721` | nana-721-hook (`JB721TiersHook`) | `JB721TiersHook.mintFor` -- manually mint NFTs to a beneficiary. |
+| 26 | `SET_721_DISCOUNT_PERCENT` | nana-721-hook (`JB721TiersHook`) | `JB721TiersHook.setDiscountPercentOf` -- set discount percent on NFT tiers. |
+| 27 | `SET_BUYBACK_TWAP` | nana-buyback-hook (`JBBuybackHook`) | `JBBuybackHook.setTwapWindowOf` -- configure the TWAP oracle window. |
+| 28 | `SET_BUYBACK_POOL` | nana-buyback-hook (`JBBuybackHook`) | `JBBuybackHook.setPoolFor` -- set the Uniswap pool for buybacks. |
+| 29 | `SET_BUYBACK_HOOK` | nana-buyback-hook (`JBBuybackHookRegistry`) | `JBBuybackHookRegistry.setHookFor` and `lockHookFor` -- configure and permanently lock the buyback hook. |
+| 30 | `SET_ROUTER_TERMINAL` | nana-router-terminal (`JBRouterTerminalRegistry`) | `JBRouterTerminalRegistry.setTerminalFor` and `lockTerminalFor` -- configure and permanently lock the router terminal. |
+| 31 | `MAP_SUCKER_TOKEN` | nana-suckers (`JBSucker`) | `JBSucker.mapToken` -- map an ERC-20 to its remote chain counterpart. Immutable once the outbox tree has entries. |
+| 32 | `DEPLOY_SUCKERS` | nana-suckers (`JBSuckerRegistry`) | `JBSuckerRegistry.deploySuckersFor` -- deploy sucker contracts for cross-chain bridging. |
+| 33 | `SUCKER_SAFETY` | nana-suckers (`JBSucker`) | `JBSucker.enableEmergencyHatchFor` -- enable the emergency hatch to recover stuck tokens. |
+| 34 | `SET_SUCKER_DEPRECATION` | nana-suckers (`JBSucker`) | `JBSucker.setDeprecation` -- set deprecation status (ENABLED, DEPRECATION_PENDING, SENDING_DISABLED, DEPRECATED). |
+
+IDs 0 and 35-255 are unused. ID 0 is reserved and cannot be set. IDs 35-255 are available for future ecosystem extensions.
 
 ## ROOT Permission
 
@@ -91,9 +92,9 @@ Some permissions warrant extra caution when granting:
 
 - **`ROOT` (1):** Full access to all gated functions for a project.
 - **`SET_TERMINALS` (15):** Can remove the primary terminal, breaking payments and cashouts.
-- **`USE_ALLOWANCE` (17):** Can send surplus funds to any address.
-- **`SET_BUYBACK_HOOK` (28):** Can permanently lock the buyback hook configuration.
-- **`SET_ROUTER_TERMINAL` (29):** Can permanently lock the router terminal configuration.
+- **`USE_ALLOWANCE` (18):** Can send surplus funds to any address.
+- **`SET_BUYBACK_HOOK` (29):** Can permanently lock the buyback hook configuration.
+- **`SET_ROUTER_TERMINAL` (30):** Can permanently lock the router terminal configuration.
 - **`MINT_TOKENS` (10):** Can inflate token supply (subject to ruleset allowing owner minting).
 
 ## Holder vs. Owner Permissions

package/ARCHITECTURE.md

@@ -42,24 +42,25 @@ src/
 | 13 | `TRANSFER_CREDITS` | nana-core | `JBController.transferCreditsFrom` |
 | 14 | `SET_CONTROLLER` | nana-core | `JBDirectory.setControllerOf` |
 | 15 | `SET_TERMINALS` | nana-core | `JBDirectory.setTerminalsOf` |
-| 16 | `SET_PRIMARY_TERMINAL` | nana-core | `JBDirectory.setPrimaryTerminalOf` |
-| 17 | `USE_ALLOWANCE` | nana-core | `JBMultiTerminal.useAllowanceOf` |
-| 18 | `SET_SPLIT_GROUPS` | nana-core | `JBController.setSplitGroupsOf` |
-| 19 | `ADD_PRICE_FEED` | nana-core | `JBController.addPriceFeedFor` |
-| 20 | `ADD_ACCOUNTING_CONTEXTS` | nana-core | `JBMultiTerminal.addAccountingContextsFor` |
-| 21 | `SET_TOKEN_METADATA` | nana-core | `JBController.setTokenMetadataOf` |
-| 22 | `ADJUST_721_TIERS` | nana-721-hook | `JB721TiersHook.adjustTiers` |
-| 23 | `SET_721_METADATA` | nana-721-hook | `JB721TiersHook.setMetadata` |
-| 24 | `MINT_721` | nana-721-hook | `JB721TiersHook.mintFor` |
-| 25 | `SET_721_DISCOUNT_PERCENT` | nana-721-hook | `JB721TiersHook.setDiscountPercentOf` |
-| 26 | `SET_BUYBACK_TWAP` | nana-buyback-hook | `JBBuybackHook.setTwapWindowOf` |
-| 27 | `SET_BUYBACK_POOL` | nana-buyback-hook | `JBBuybackHook.setPoolFor` |
-| 28 | `SET_BUYBACK_HOOK` | nana-buyback-hook | `JBBuybackHookRegistry.setHookFor` + `lockHookFor` |
-| 29 | `SET_ROUTER_TERMINAL` | nana-router-terminal | `JBRouterTerminalRegistry.setTerminalFor` + `lockTerminalFor` |
-| 30 | `MAP_SUCKER_TOKEN` | nana-suckers | `JBSucker.mapToken` |
-| 31 | `DEPLOY_SUCKERS` | nana-suckers | `JBSuckerRegistry.deploySuckersFor` |
-| 32 | `SUCKER_SAFETY` | nana-suckers | `JBSucker.enableEmergencyHatchFor` |
-| 33 | `SET_SUCKER_DEPRECATION` | nana-suckers | `JBSucker.setDeprecation` |
+| 16 | `ADD_TERMINALS` | nana-core | `JBDirectory.setPrimaryTerminalOf` (implicit add) |
+| 17 | `SET_PRIMARY_TERMINAL` | nana-core | `JBDirectory.setPrimaryTerminalOf` |
+| 18 | `USE_ALLOWANCE` | nana-core | `JBMultiTerminal.useAllowanceOf` |
+| 19 | `SET_SPLIT_GROUPS` | nana-core | `JBController.setSplitGroupsOf` |
+| 20 | `ADD_PRICE_FEED` | nana-core | `JBController.addPriceFeedFor` |
+| 21 | `ADD_ACCOUNTING_CONTEXTS` | nana-core | `JBMultiTerminal.addAccountingContextsFor` |
+| 22 | `SET_TOKEN_METADATA` | nana-core | `JBController.setTokenMetadataOf` |
+| 23 | `ADJUST_721_TIERS` | nana-721-hook | `JB721TiersHook.adjustTiers` |
+| 24 | `SET_721_METADATA` | nana-721-hook | `JB721TiersHook.setMetadata` |
+| 25 | `MINT_721` | nana-721-hook | `JB721TiersHook.mintFor` |
+| 26 | `SET_721_DISCOUNT_PERCENT` | nana-721-hook | `JB721TiersHook.setDiscountPercentOf` |
+| 27 | `SET_BUYBACK_TWAP` | nana-buyback-hook | `JBBuybackHook.setTwapWindowOf` |
+| 28 | `SET_BUYBACK_POOL` | nana-buyback-hook | `JBBuybackHook.setPoolFor` |
+| 29 | `SET_BUYBACK_HOOK` | nana-buyback-hook | `JBBuybackHookRegistry.setHookFor` + `lockHookFor` |
+| 30 | `SET_ROUTER_TERMINAL` | nana-router-terminal | `JBRouterTerminalRegistry.setTerminalFor` + `lockTerminalFor` |
+| 31 | `MAP_SUCKER_TOKEN` | nana-suckers | `JBSucker.mapToken` |
+| 32 | `DEPLOY_SUCKERS` | nana-suckers | `JBSuckerRegistry.deploySuckersFor` |
+| 33 | `SUCKER_SAFETY` | nana-suckers | `JBSucker.enableEmergencyHatchFor` |
+| 34 | `SET_SUCKER_DEPRECATION` | nana-suckers | `JBSucker.setDeprecation` |
 
 ## Dependencies
 

package/AUDIT_INSTRUCTIONS.md

@@ -1,13 +1,13 @@
 # Audit Instructions -- nana-permission-ids-v6
 
-You are auditing a constants-only library that defines all permission IDs used across the Juicebox V6 ecosystem. The library has no state, no functions, no constructors, and no dependencies. The entire audit surface is the correctness and consistency of 33 `uint8` constants. Read [RISKS.md](./RISKS.md) first -- it documents all known risks and trust assumptions. Then come back here.
+You are auditing a constants-only library that defines all permission IDs used across the Juicebox V6 ecosystem. The library has no state, no functions, no constructors, and no dependencies. The entire audit surface is the correctness and consistency of 34 `uint8` constants. Read [RISKS.md](./RISKS.md) first -- it documents all known risks and trust assumptions. Then come back here.
 
 ## Quick Verification
 
-Run this one-liner from the repo root to verify all 33 permission IDs are unique, sequential (1-33), and have no gaps or duplicates:
+Run this one-liner from the repo root to verify all 34 permission IDs are unique, sequential (1-34), and have no gaps or duplicates:
 
 ```bash
-grep 'constant.*=' src/JBPermissionIds.sol | sed 's/.*= \([0-9]*\).*/\1/' | sort -n | diff - <(seq 1 33) && echo "PASS: All 33 IDs are unique and sequential (1-33)" || echo "FAIL: ID mismatch detected"
+grep 'constant.*=' src/JBPermissionIds.sol | sed 's/.*= \([0-9]*\).*/\1/' | sort -n | diff - <(seq 1 34) && echo "PASS: All 34 IDs are unique and sequential (1-34)" || echo "FAIL: ID mismatch detected"
 ```
 
 If `PASS` is printed, the constants are correctly assigned. If `FAIL` is printed, inspect the diff output to identify which IDs are missing, duplicated, or out of range.
@@ -18,12 +18,12 @@ From `foundry.toml`:
 
 | Setting | Value |
 |---------|-------|
-| Solidity version | `^0.8.28` |
+| Solidity version | `0.8.28` |
 | EVM target | `cancun` |
 | Optimizer | Enabled, 200 runs |
-| Pragma in source | `^0.8.0` (flexible, compiled with ^0.8.28) |
+| Pragma in source | `^0.8.0` (flexible, compiled with 0.8.28) |
 
-Note: The library pragma is `^0.8.0` rather than a fixed version, since consuming contracts may compile it with their own Solidity version. The `foundry.toml` pins `^0.8.28` for local builds.
+Note: The library pragma is `^0.8.0` rather than a fixed version, since consuming contracts may compile it with their own Solidity version. The `foundry.toml` pins `0.8.28` for local builds.
 
 ## Previous Audit Findings
 
@@ -42,14 +42,14 @@ Both findings were comment-only inaccuracies with no security impact. All 5 inva
 
 **In scope:**
 ```
-src/JBPermissionIds.sol    # Constants library (~67 lines, 33 permission IDs)
+src/JBPermissionIds.sol    # Constants library (~69 lines, 34 permission IDs)
 ```
 
 **Out of scope:** All consuming contracts (nana-core, nana-721-hook, nana-buyback-hook, nana-router-terminal, nana-suckers, revnet-core, croptop-core). The constants library has no dependencies.
 
 ## Architecture
 
-`JBPermissionIds` is a Solidity library containing 33 `uint8 internal constant` values numbered 1 through 33. These IDs are used with `JBPermissions.setPermissionsFor()` to grant scoped access to protocol functions. The permission system stores permissions as a 256-bit packed integer (`uint256`), with each bit corresponding to a permission ID.
+`JBPermissionIds` is a Solidity library containing 34 `uint8 internal constant` values numbered 1 through 34. These IDs are used with `JBPermissions.setPermissionsFor()` to grant scoped access to protocol functions. The permission system stores permissions as a 256-bit packed integer (`uint256`), with each bit corresponding to a permission ID.
 
 ### Permission System Overview
 
@@ -59,8 +59,8 @@ permissionsOf[operator][account][projectId] => uint256 (one bit per permission I
 
 - **Bit 0 (ID 0):** Reserved, cannot be set. `JBPermissions` reverts if bit 0 is included.
 - **Bit 1 (ID 1, ROOT):** Grants all permissions across all contracts. Cannot be granted for wildcard `projectId = 0`.
-- **Bits 2-33:** Individual permissions, each gating a specific function (or set of functions) in the ecosystem.
-- **Bits 34-255:** Unassigned, available for future extensions.
+- **Bits 2-34:** Individual permissions, each gating a specific function (or set of functions) in the ecosystem.
+- **Bits 35-255:** Unassigned, available for future extensions.
 
 ### All Permission IDs
 
@@ -81,24 +81,25 @@ permissionsOf[operator][account][projectId] => uint256 (one bit per permission I
 | 13 | `TRANSFER_CREDITS` | `JBController.transferCreditsFrom` | **Token holder** |
 | 14 | `SET_CONTROLLER` | `JBDirectory.setControllerOf` | Project owner |
 | 15 | `SET_TERMINALS` | `JBDirectory.setTerminalsOf` (WARNING: can remove primary terminal) | Project owner |
-| 16 | `SET_PRIMARY_TERMINAL` | `JBDirectory.setPrimaryTerminalOf` | Project owner |
-| 17 | `USE_ALLOWANCE` | `JBMultiTerminal.useAllowanceOf` | Project owner |
-| 18 | `SET_SPLIT_GROUPS` | `JBController.setSplitGroupsOf` | Project owner |
-| 19 | `ADD_PRICE_FEED` | `JBController.addPriceFeedFor` (not `JBPrices` directly) | Project owner |
-| 20 | `ADD_ACCOUNTING_CONTEXTS` | `JBMultiTerminal.addAccountingContextsFor` | Project owner |
-| 21 | `SET_TOKEN_METADATA` | `JBController.setTokenMetadataOf` | Project owner |
-| 22 | `ADJUST_721_TIERS` | `JB721TiersHook.adjustTiers` | Hook owner |
-| 23 | `SET_721_METADATA` | `JB721TiersHook.setMetadata` | Hook owner |
-| 24 | `MINT_721` | `JB721TiersHook.mintFor` | Hook owner |
-| 25 | `SET_721_DISCOUNT_PERCENT` | `JB721TiersHook.setDiscountPercentOf` | Hook owner |
-| 26 | `SET_BUYBACK_TWAP` | `JBBuybackHook.setTwapWindowOf` | Project owner |
-| 27 | `SET_BUYBACK_POOL` | `JBBuybackHook.setPoolFor` | Project owner |
-| 28 | `SET_BUYBACK_HOOK` | `JBBuybackHookRegistry.setHookFor` + `lockHookFor` | Project owner |
-| 29 | `SET_ROUTER_TERMINAL` | `JBRouterTerminalRegistry.setTerminalFor` + `lockTerminalFor` | Project owner |
-| 30 | `MAP_SUCKER_TOKEN` | `JBSucker.mapToken` | Project owner |
-| 31 | `DEPLOY_SUCKERS` | `JBSuckerRegistry.deploySuckersFor` | Project owner |
-| 32 | `SUCKER_SAFETY` | `JBSucker.enableEmergencyHatchFor` | Project owner |
-| 33 | `SET_SUCKER_DEPRECATION` | `JBSucker.setDeprecation` | Project owner |
+| 16 | `ADD_TERMINALS` | `JBDirectory.setPrimaryTerminalOf` (implicit add) | Project owner |
+| 17 | `SET_PRIMARY_TERMINAL` | `JBDirectory.setPrimaryTerminalOf` | Project owner |
+| 18 | `USE_ALLOWANCE` | `JBMultiTerminal.useAllowanceOf` | Project owner |
+| 19 | `SET_SPLIT_GROUPS` | `JBController.setSplitGroupsOf` | Project owner |
+| 20 | `ADD_PRICE_FEED` | `JBController.addPriceFeedFor` (not `JBPrices` directly) | Project owner |
+| 21 | `ADD_ACCOUNTING_CONTEXTS` | `JBMultiTerminal.addAccountingContextsFor` | Project owner |
+| 22 | `SET_TOKEN_METADATA` | `JBController.setTokenMetadataOf` | Project owner |
+| 23 | `ADJUST_721_TIERS` | `JB721TiersHook.adjustTiers` | Hook owner |
+| 24 | `SET_721_METADATA` | `JB721TiersHook.setMetadata` | Hook owner |
+| 25 | `MINT_721` | `JB721TiersHook.mintFor` | Hook owner |
+| 26 | `SET_721_DISCOUNT_PERCENT` | `JB721TiersHook.setDiscountPercentOf` | Hook owner |
+| 27 | `SET_BUYBACK_TWAP` | `JBBuybackHook.setTwapWindowOf` | Project owner |
+| 28 | `SET_BUYBACK_POOL` | `JBBuybackHook.setPoolFor` | Project owner |
+| 29 | `SET_BUYBACK_HOOK` | `JBBuybackHookRegistry.setHookFor` + `lockHookFor` | Project owner |
+| 30 | `SET_ROUTER_TERMINAL` | `JBRouterTerminalRegistry.setTerminalFor` + `lockTerminalFor` | Project owner |
+| 31 | `MAP_SUCKER_TOKEN` | `JBSucker.mapToken` | Project owner |
+| 32 | `DEPLOY_SUCKERS` | `JBSuckerRegistry.deploySuckersFor` | Project owner |
+| 33 | `SUCKER_SAFETY` | `JBSucker.enableEmergencyHatchFor` | Project owner |
+| 34 | `SET_SUCKER_DEPRECATION` | `JBSucker.setDeprecation` | Project owner |
 
 ## Priority Audit Areas
 
@@ -106,19 +107,19 @@ permissionsOf[operator][account][projectId] => uint256 (one bit per permission I
 
 Every permission ID must be unique. Two different constants with the same numeric value would cause one permission grant to silently authorize a different action. Verify:
 
-- All 33 constants have distinct values.
-- Values are sequential from 1 to 33 with no gaps and no duplicates.
+- All 34 constants have distinct values.
+- Values are sequential from 1 to 34 with no gaps and no duplicates.
 - No other file in the ecosystem defines additional permission ID constants that could collide with these.
 
 ### 2. ID-to-Function Mapping Correctness
 
 Each constant's doc comment claims it gates a specific function. Verify against the actual source code of each consuming contract:
 
-- **nana-core-v6**: IDs 2-21 should match the `_requirePermissionFrom` calls in `JBController`, `JBMultiTerminal`, and `JBDirectory`.
-- **nana-721-hook-v6**: IDs 22-25 should match permission checks in `JB721TiersHook`.
-- **nana-buyback-hook-v6**: IDs 26-28 should match permission checks in `JBBuybackHook` and `JBBuybackHookRegistry`.
-- **nana-router-terminal-v6**: ID 29 should match permission checks in `JBRouterTerminalRegistry`.
-- **nana-suckers-v6**: IDs 30-33 should match permission checks in `JBSucker` and `JBSuckerRegistry`.
+- **nana-core-v6**: IDs 2-22 should match the `_requirePermissionFrom` calls in `JBController`, `JBMultiTerminal`, and `JBDirectory`.
+- **nana-721-hook-v6**: IDs 23-26 should match permission checks in `JB721TiersHook`.
+- **nana-buyback-hook-v6**: IDs 27-29 should match permission checks in `JBBuybackHook` and `JBBuybackHookRegistry`.
+- **nana-router-terminal-v6**: ID 30 should match permission checks in `JBRouterTerminalRegistry`.
+- **nana-suckers-v6**: IDs 31-34 should match permission checks in `JBSucker` and `JBSuckerRegistry`.
 
 ### 3. Holder-Scoped vs Owner-Scoped Permissions
 
@@ -135,8 +136,8 @@ Verify that no consuming contract incorrectly checks these against the project o
 
 Two IDs intentionally gate both a "set" and a "lock" operation:
 
-- **SET_BUYBACK_HOOK (28)**: Gates both `setHookFor` (configurable) and `lockHookFor` (permanent). An operator with this permission can permanently lock the hook configuration.
-- **SET_ROUTER_TERMINAL (29)**: Gates both `setTerminalFor` (configurable) and `lockTerminalFor` (permanent). An operator with this permission can permanently lock the terminal configuration.
+- **SET_BUYBACK_HOOK (29)**: Gates both `setHookFor` (configurable) and `lockHookFor` (permanent). An operator with this permission can permanently lock the hook configuration.
+- **SET_ROUTER_TERMINAL (30)**: Gates both `setTerminalFor` (configurable) and `lockTerminalFor` (permanent). An operator with this permission can permanently lock the terminal configuration.
 
 Verify that project owners are aware of the locking implication when granting these permissions. The source code includes `@dev` documentation, but this is a significant trust escalation.
 
@@ -159,11 +160,11 @@ The source comment warns: "Be careful - `SET_TERMINALS` can be used to remove th
 
 ## Invariants to Verify
 
-1. **Uniqueness**: All 33 constants have unique values in the range [1, 33].
+1. **Uniqueness**: All 34 constants have unique values in the range [1, 34].
 2. **Completeness**: Every `_requirePermissionFrom` call in the ecosystem uses one of these constants (no magic numbers).
 3. **Type consistency**: All constants are `uint8`, matching the parameter type of `JBPermissions.hasPermission`.
 4. **No ID 0**: No constant has value 0 (reserved and forbidden by `JBPermissions`).
-5. **Sequential assignment**: IDs are assigned 1 through 33 with no gaps.
+5. **Sequential assignment**: IDs are assigned 1 through 34 with no gaps.
 
 ## Testing Setup
 

package/CHANGE_LOG.md

@@ -6,7 +6,7 @@ This document describes all changes between `nana-permission-ids` (v5) and `nana
 
 - **All numeric IDs shifted** — the insertion of `LAUNCH_RULESETS` at ID 3 cascades through every subsequent permission. Any code using hardcoded numeric values will break.
 - **Two permissions split**: `QUEUE_RULESETS` → `QUEUE_RULESETS` + `LAUNCH_RULESETS`; `SUCKER_SAFETY` → `SUCKER_SAFETY` + `SET_SUCKER_DEPRECATION`.
-- **5 new permissions** added: `LAUNCH_RULESETS` (3), `SET_TOKEN_METADATA` (21), `SET_BUYBACK_HOOK` (28), `SET_ROUTER_TERMINAL` (29), `SET_SUCKER_DEPRECATION` (33).
+- **6 new permissions** added: `LAUNCH_RULESETS` (3), `ADD_TERMINALS` (16), `SET_TOKEN_METADATA` (22), `SET_BUYBACK_HOOK` (29), `SET_ROUTER_TERMINAL` (30), `SET_SUCKER_DEPRECATION` (34).
 - **2 swap terminal permissions removed**: `ADD_SWAP_TERMINAL_POOL` and `ADD_SWAP_TERMINAL_TWAP_PARAMS` (swap terminal replaced by router terminal).
 
 > **⚠️ WARNING: All numeric permission IDs have shifted.** If your contracts, scripts, or frontends hardcode permission ID numbers (e.g., `permissions.setPermissionsFor(..., 3, ...)` for `CASH_OUT_TOKENS`), they MUST be updated. `CASH_OUT_TOKENS` moved from 3 → 4, `SEND_PAYOUTS` from 4 → 5, and so on. Always reference the named constants from `JBPermissionIds` rather than raw numbers.
@@ -35,20 +35,20 @@ The insertion of `LAUNCH_RULESETS` at ID 3 pushed every subsequent permission ID
 | `TRANSFER_CREDITS` | 12 | 13 |
 | `SET_CONTROLLER` | 13 | 14 |
 | `SET_TERMINALS` | 14 | 15 |
-| `SET_PRIMARY_TERMINAL` | 15 | 16 |
-| `USE_ALLOWANCE` | 16 | 17 |
-| `SET_SPLIT_GROUPS` | 17 | 18 |
-| `ADD_PRICE_FEED` | 18 | 19 |
-| `ADD_ACCOUNTING_CONTEXTS` | 19 | 20 |
-| `ADJUST_721_TIERS` | 20 | 22 |
-| `SET_721_METADATA` | 21 | 23 |
-| `MINT_721` | 22 | 24 |
-| `SET_721_DISCOUNT_PERCENT` | 23 | 25 |
-| `SET_BUYBACK_TWAP` | 24 | 26 |
-| `SET_BUYBACK_POOL` | 25 | 27 |
-| `MAP_SUCKER_TOKEN` | 28 | 30 |
-| `DEPLOY_SUCKERS` | 29 | 31 |
-| `SUCKER_SAFETY` | 30 | 32 |
+| `SET_PRIMARY_TERMINAL` | 15 | 17 |
+| `USE_ALLOWANCE` | 16 | 18 |
+| `SET_SPLIT_GROUPS` | 17 | 19 |
+| `ADD_PRICE_FEED` | 18 | 20 |
+| `ADD_ACCOUNTING_CONTEXTS` | 19 | 21 |
+| `ADJUST_721_TIERS` | 20 | 23 |
+| `SET_721_METADATA` | 21 | 24 |
+| `MINT_721` | 22 | 25 |
+| `SET_721_DISCOUNT_PERCENT` | 23 | 26 |
+| `SET_BUYBACK_TWAP` | 24 | 27 |
+| `SET_BUYBACK_POOL` | 25 | 28 |
+| `MAP_SUCKER_TOKEN` | 28 | 31 |
+| `DEPLOY_SUCKERS` | 29 | 32 |
+| `SUCKER_SAFETY` | 30 | 33 |
 
 ### `QUEUE_RULESETS` split into two permissions
 
@@ -63,8 +63,8 @@ In v5, `QUEUE_RULESETS` (2) granted permission to call both `JBController.queueR
 
 In v5, `SUCKER_SAFETY` (30) granted permission to call both `BPSucker.enableEmergencyHatchFor` and `BPSucker.setDeprecation`. In v6, these are separate:
 
-- `SUCKER_SAFETY` (32) -- only `JBSucker.enableEmergencyHatchFor`
-- `SET_SUCKER_DEPRECATION` (33) -- only `JBSucker.setDeprecation`
+- `SUCKER_SAFETY` (33) -- only `JBSucker.enableEmergencyHatchFor`
+- `SET_SUCKER_DEPRECATION` (34) -- only `JBSucker.setDeprecation`
 
 ### Swap terminal permissions removed
 
@@ -75,7 +75,7 @@ The following permissions from `nana-swap-terminal` no longer exist in v6:
 | `ADD_SWAP_TERMINAL_POOL` | 26 | Was for `JBSwapTerminal.addDefaultPool` |
 | `ADD_SWAP_TERMINAL_TWAP_PARAMS` | 27 | Was for `JBSwapTerminal.addTwapParamsFor` |
 
-> **Cross-repo impact**: `nana-router-terminal-v6` (the replacement for swap terminal) uses the new `SET_ROUTER_TERMINAL` (29) permission instead.
+> **Cross-repo impact**: `nana-router-terminal-v6` (the replacement for swap terminal) uses the new `SET_ROUTER_TERMINAL` (30) permission instead.
 
 ### Contract prefix rename (suckers)
 
@@ -96,19 +96,23 @@ In v5, the comment stated this gates both `JBBuybackHook.setTwapWindowOf` and `J
 
 New permission split from `QUEUE_RULESETS`. Gates `JBController.launchRulesetsFor` independently.
 
-### `SET_TOKEN_METADATA` (21)
+### `ADD_TERMINALS` (16)
 
-New core permission. Gates `JBController.setMetadataOf` for setting project token metadata.
+New core permission. Gates `JBDirectory.setPrimaryTerminalOf` when it implicitly adds a new terminal that is not already in the project's terminal list. This is a narrower alternative to `SET_TERMINALS` (15), which replaces the entire terminal list.
 
-### `SET_BUYBACK_HOOK` (28)
+### `SET_TOKEN_METADATA` (22)
+
+New core permission. Gates `JBController.setTokenMetadataOf` for setting project token metadata.
+
+### `SET_BUYBACK_HOOK` (29)
 
 New buyback hook permission. Gates both `JBBuybackHookRegistry.setHookFor` and `JBBuybackHookRegistry.lockHookFor`. Note: granting this permission allows the operator to permanently lock the hook configuration.
 
-### `SET_ROUTER_TERMINAL` (29)
+### `SET_ROUTER_TERMINAL` (30)
 
 New router terminal permission. Gates both `JBRouterTerminalRegistry.setTerminalFor` and `JBRouterTerminalRegistry.lockTerminalFor`. Note: granting this permission allows the operator to permanently lock the terminal configuration.
 
-### `SET_SUCKER_DEPRECATION` (33)
+### `SET_SUCKER_DEPRECATION` (34)
 
 New permission split from `SUCKER_SAFETY`. Gates `JBSucker.setDeprecation` independently.
 
@@ -133,23 +137,24 @@ New permission split from `SUCKER_SAFETY`. Gates `JBSucker.setDeprecation` indep
 | `TRANSFER_CREDITS` | 12 | `TRANSFER_CREDITS` | 13 | ID changed |
 | `SET_CONTROLLER` | 13 | `SET_CONTROLLER` | 14 | ID changed |
 | `SET_TERMINALS` | 14 | `SET_TERMINALS` | 15 | ID changed |
-| `SET_PRIMARY_TERMINAL` | 15 | `SET_PRIMARY_TERMINAL` | 16 | ID changed |
-| `USE_ALLOWANCE` | 16 | `USE_ALLOWANCE` | 17 | ID changed |
-| `SET_SPLIT_GROUPS` | 17 | `SET_SPLIT_GROUPS` | 18 | ID changed |
-| `ADD_PRICE_FEED` | 18 | `ADD_PRICE_FEED` | 19 | ID changed |
-| `ADD_ACCOUNTING_CONTEXTS` | 19 | `ADD_ACCOUNTING_CONTEXTS` | 20 | ID changed |
-| -- | -- | `SET_TOKEN_METADATA` | 21 | **New** |
-| `ADJUST_721_TIERS` | 20 | `ADJUST_721_TIERS` | 22 | ID changed |
-| `SET_721_METADATA` | 21 | `SET_721_METADATA` | 23 | ID changed |
-| `MINT_721` | 22 | `MINT_721` | 24 | ID changed |
-| `SET_721_DISCOUNT_PERCENT` | 23 | `SET_721_DISCOUNT_PERCENT` | 25 | ID changed |
-| `SET_BUYBACK_TWAP` | 24 | `SET_BUYBACK_TWAP` | 26 | ID changed, comment narrowed |
-| `SET_BUYBACK_POOL` | 25 | `SET_BUYBACK_POOL` | 27 | ID changed |
+| -- | -- | `ADD_TERMINALS` | 16 | **New** |
+| `SET_PRIMARY_TERMINAL` | 15 | `SET_PRIMARY_TERMINAL` | 17 | ID changed |
+| `USE_ALLOWANCE` | 16 | `USE_ALLOWANCE` | 18 | ID changed |
+| `SET_SPLIT_GROUPS` | 17 | `SET_SPLIT_GROUPS` | 19 | ID changed |
+| `ADD_PRICE_FEED` | 18 | `ADD_PRICE_FEED` | 20 | ID changed |
+| `ADD_ACCOUNTING_CONTEXTS` | 19 | `ADD_ACCOUNTING_CONTEXTS` | 21 | ID changed |
+| -- | -- | `SET_TOKEN_METADATA` | 22 | **New** |
+| `ADJUST_721_TIERS` | 20 | `ADJUST_721_TIERS` | 23 | ID changed |
+| `SET_721_METADATA` | 21 | `SET_721_METADATA` | 24 | ID changed |
+| `MINT_721` | 22 | `MINT_721` | 25 | ID changed |
+| `SET_721_DISCOUNT_PERCENT` | 23 | `SET_721_DISCOUNT_PERCENT` | 26 | ID changed |
+| `SET_BUYBACK_TWAP` | 24 | `SET_BUYBACK_TWAP` | 27 | ID changed, comment narrowed |
+| `SET_BUYBACK_POOL` | 25 | `SET_BUYBACK_POOL` | 28 | ID changed |
 | `ADD_SWAP_TERMINAL_POOL` | 26 | -- | -- | **Removed** |
 | `ADD_SWAP_TERMINAL_TWAP_PARAMS` | 27 | -- | -- | **Removed** |
-| -- | -- | `SET_BUYBACK_HOOK` | 28 | **New** |
-| -- | -- | `SET_ROUTER_TERMINAL` | 29 | **New** |
-| `MAP_SUCKER_TOKEN` | 28 | `MAP_SUCKER_TOKEN` | 30 | ID changed, `BPSucker` → `JBSucker` |
-| `DEPLOY_SUCKERS` | 29 | `DEPLOY_SUCKERS` | 31 | ID changed, `BPSuckerRegistry` → `JBSuckerRegistry` |
-| `SUCKER_SAFETY` | 30 | `SUCKER_SAFETY` | 32 | ID changed, narrowed (no longer includes deprecation) |
-| -- | -- | `SET_SUCKER_DEPRECATION` | 33 | **New** (split from `SUCKER_SAFETY`) |
+| -- | -- | `SET_BUYBACK_HOOK` | 29 | **New** |
+| -- | -- | `SET_ROUTER_TERMINAL` | 30 | **New** |
+| `MAP_SUCKER_TOKEN` | 28 | `MAP_SUCKER_TOKEN` | 31 | ID changed, `BPSucker` → `JBSucker` |
+| `DEPLOY_SUCKERS` | 29 | `DEPLOY_SUCKERS` | 32 | ID changed, `BPSuckerRegistry` → `JBSuckerRegistry` |
+| `SUCKER_SAFETY` | 30 | `SUCKER_SAFETY` | 33 | ID changed, narrowed (no longer includes deprecation) |
+| -- | -- | `SET_SUCKER_DEPRECATION` | 34 | **New** (split from `SUCKER_SAFETY`) |

package/README.md

@@ -1,6 +1,6 @@
 # Juicebox Permission IDs
 
-The single source of truth for access control across the Juicebox V6 ecosystem. This library defines 33 `uint8` constants -- one for each permission ID used with [`JBPermissions`](https://github.com/Bananapus/nana-core-v6/blob/main/src/JBPermissions.sol) -- ensuring every contract references the same IDs.
+The single source of truth for access control across the Juicebox V6 ecosystem. This library defines 34 `uint8` constants -- one for each permission ID used with [`JBPermissions`](https://github.com/Bananapus/nana-core-v6/blob/main/src/JBPermissions.sol) -- ensuring every contract references the same IDs.
 
 ## How permissions work
 
@@ -16,13 +16,13 @@ permissionsOf[operator][account][projectId] => uint256 (packed bits)
 
 | Contract | Description |
 |----------|-------------|
-| `JBPermissionIds` | Solidity library with 33 `uint8 internal constant` permission IDs (values 1--33). No state, no functions, no dependencies. Pragma `^0.8.0` for maximum compatibility. |
+| `JBPermissionIds` | Solidity library with 34 `uint8 internal constant` permission IDs (values 1--34). No state, no functions, no dependencies. Pragma `^0.8.0` for maximum compatibility. |
 
 ## Repository Layout
 
 ```
 src/
-└── JBPermissionIds.sol  ── 33 uint8 constants (the only source file)
+└── JBPermissionIds.sol  ── 34 uint8 constants (the only source file)
 ```
 
 No tests, interfaces, or deployment scripts -- this repo is a pure constant library.
@@ -35,7 +35,7 @@ No tests, interfaces, or deployment scripts -- this repo is a pure constant libr
 |----|------|-------------|
 | 1 | `ROOT` | Grants **all** permissions across every contract. An operator with ROOT can call any permissioned function on behalf of the account. Must be granted with extreme care. See [Gotchas](#gotchas) for restrictions. |
 
-### Core (IDs 2--21) -- [nana-core-v6](https://github.com/Bananapus/nana-core-v6)
+### Core (IDs 2--22) -- [nana-core-v6](https://github.com/Bananapus/nana-core-v6)
 
 | ID | Name | Checked in | Description |
 |----|------|------------|-------------|
@@ -53,44 +53,45 @@ No tests, interfaces, or deployment scripts -- this repo is a pure constant libr
 | 13 | `TRANSFER_CREDITS` | `JBController.transferCreditsFrom` | Transfer a holder's internal credit balance to another address. Checked against the **token holder**. |
 | 14 | `SET_CONTROLLER` | `JBDirectory.setControllerOf` | Set a project's controller in the directory. |
 | 15 | `SET_TERMINALS` | `JBDirectory.setTerminalsOf` | Set a project's terminals. **Warning:** can remove the primary terminal. Also required by `LAUNCH_RULESETS` (ID 3). |
-| 16 | `SET_PRIMARY_TERMINAL` | `JBDirectory.setPrimaryTerminalOf` | Set a project's primary terminal for a given token. |
-| 17 | `USE_ALLOWANCE` | `JBMultiTerminal.useAllowanceOf` | Use a project's surplus allowance to send funds to an arbitrary address. |
-| 18 | `SET_SPLIT_GROUPS` | `JBController.setSplitGroupsOf` | Set a project's split groups (how payouts and reserved tokens are distributed). |
-| 19 | `ADD_PRICE_FEED` | `JBController.addPriceFeedFor` | Add a price feed for a project. The controller checks this permission before calling `JBPrices.addPriceFeedFor`. |
-| 20 | `ADD_ACCOUNTING_CONTEXTS` | `JBMultiTerminal.addAccountingContextsFor` | Add accounting contexts (accepted tokens) to a terminal for a project. |
-| 21 | `SET_TOKEN_METADATA` | `JBController.setTokenMetadataOf` | Set a project token's name and symbol. Checked against the project owner. |
+| 16 | `ADD_TERMINALS` | `JBDirectory.setPrimaryTerminalOf` | Add a new terminal to a project when `setPrimaryTerminalOf` implicitly adds it. |
+| 17 | `SET_PRIMARY_TERMINAL` | `JBDirectory.setPrimaryTerminalOf` | Set a project's primary terminal for a given token. |
+| 18 | `USE_ALLOWANCE` | `JBMultiTerminal.useAllowanceOf` | Use a project's surplus allowance to send funds to an arbitrary address. |
+| 19 | `SET_SPLIT_GROUPS` | `JBController.setSplitGroupsOf` | Set a project's split groups (how payouts and reserved tokens are distributed). |
+| 20 | `ADD_PRICE_FEED` | `JBController.addPriceFeedFor` | Add a price feed for a project. The controller checks this permission before calling `JBPrices.addPriceFeedFor`. |
+| 21 | `ADD_ACCOUNTING_CONTEXTS` | `JBMultiTerminal.addAccountingContextsFor` | Add accounting contexts (accepted tokens) to a terminal for a project. |
+| 22 | `SET_TOKEN_METADATA` | `JBController.setTokenMetadataOf` | Set a project token's name and symbol. Checked against the project owner. |
 
-### 721 Hook (IDs 22--25) -- [nana-721-hook-v6](https://github.com/Bananapus/nana-721-hook-v6)
+### 721 Hook (IDs 23--26) -- [nana-721-hook-v6](https://github.com/Bananapus/nana-721-hook-v6)
 
 | ID | Name | Checked in | Description |
 |----|------|------------|-------------|
-| 22 | `ADJUST_721_TIERS` | `JB721TiersHook.adjustTiers` | Add or remove NFT tiers. Also used by `CTPublisher` and `CTProjectOwner` in croptop-core-v6. |
-| 23 | `SET_721_METADATA` | `JB721TiersHook.setMetadata` | Set the metadata (base URI, contract URI, token URI resolver) for a 721 hook. |
-| 24 | `MINT_721` | `JB721TiersHook.mintFor` | Manually mint NFTs from specific tiers to a beneficiary. |
-| 25 | `SET_721_DISCOUNT_PERCENT` | `JB721TiersHook.setDiscountPercentOf` | Set the discount percent for one or more NFT tiers. |
+| 23 | `ADJUST_721_TIERS` | `JB721TiersHook.adjustTiers` | Add or remove NFT tiers. Also used by `CTPublisher` and `CTProjectOwner` in croptop-core-v6. |
+| 24 | `SET_721_METADATA` | `JB721TiersHook.setMetadata` | Set the metadata (base URI, contract URI, token URI resolver) for a 721 hook. |
+| 25 | `MINT_721` | `JB721TiersHook.mintFor` | Manually mint NFTs from specific tiers to a beneficiary. |
+| 26 | `SET_721_DISCOUNT_PERCENT` | `JB721TiersHook.setDiscountPercentOf` | Set the discount percent for one or more NFT tiers. |
 
-### Buyback Hook (IDs 26--28) -- [nana-buyback-hook-v6](https://github.com/Bananapus/nana-buyback-hook-v6)
+### Buyback Hook (IDs 27--29) -- [nana-buyback-hook-v6](https://github.com/Bananapus/nana-buyback-hook-v6)
 
 | ID | Name | Checked in | Description |
 |----|------|------------|-------------|
-| 26 | `SET_BUYBACK_TWAP` | `JBBuybackHook.setTwapWindowOf` | Set the TWAP (time-weighted average price) oracle window for a project's buyback hook. |
-| 27 | `SET_BUYBACK_POOL` | `JBBuybackHook.setPoolFor`, `JBBuybackHook.initializePoolFor`, `JBBuybackHookRegistry.setPoolFor`, `JBBuybackHookRegistry.initializePoolFor` | Set the Uniswap pool for a project's buyback hook. |
-| 28 | `SET_BUYBACK_HOOK` | `JBBuybackHookRegistry.setHookFor`, `JBBuybackHookRegistry.lockHookFor` | Set or lock the buyback hook in the registry. Also used by `REVDeployer` as an operator permission grant. |
+| 27 | `SET_BUYBACK_TWAP` | `JBBuybackHook.setTwapWindowOf` | Set the TWAP (time-weighted average price) oracle window for a project's buyback hook. |
+| 28 | `SET_BUYBACK_POOL` | `JBBuybackHook.setPoolFor`, `JBBuybackHook.initializePoolFor`, `JBBuybackHookRegistry.setPoolFor`, `JBBuybackHookRegistry.initializePoolFor` | Set the Uniswap pool for a project's buyback hook. |
+| 29 | `SET_BUYBACK_HOOK` | `JBBuybackHookRegistry.setHookFor`, `JBBuybackHookRegistry.lockHookFor` | Set or lock the buyback hook in the registry. Also used by `REVDeployer` as an operator permission grant. |
 
-### Router Terminal (ID 29) -- [nana-router-terminal-v6](https://github.com/Bananapus/nana-router-terminal-v6)
+### Router Terminal (ID 30) -- [nana-router-terminal-v6](https://github.com/Bananapus/nana-router-terminal-v6)
 
 | ID | Name | Checked in | Description |
 |----|------|------------|-------------|
-| 29 | `SET_ROUTER_TERMINAL` | `JBRouterTerminalRegistry.setTerminalFor`, `JBRouterTerminalRegistry.lockTerminalFor` | Set or lock the router terminal for a project. |
+| 30 | `SET_ROUTER_TERMINAL` | `JBRouterTerminalRegistry.setTerminalFor`, `JBRouterTerminalRegistry.lockTerminalFor` | Set or lock the router terminal for a project. |
 
-### Suckers / Omnichain (IDs 30--33) -- [nana-suckers-v6](https://github.com/Bananapus/nana-suckers-v6)
+### Suckers / Omnichain (IDs 31--34) -- [nana-suckers-v6](https://github.com/Bananapus/nana-suckers-v6)
 
 | ID | Name | Checked in | Description |
 |----|------|------------|-------------|
-| 30 | `MAP_SUCKER_TOKEN` | `JBSucker.mapToken` | Map an ERC-20 token to its remote chain counterpart in a sucker. Mapping is immutable once the outbox tree has entries. |
-| 31 | `DEPLOY_SUCKERS` | `JBSuckerRegistry.deploySuckersFor` | Deploy new sucker contracts for a project. Also checked by `JBOmnichainDeployer` and `CTDeployer`. |
-| 32 | `SUCKER_SAFETY` | `JBSucker.enableEmergencyHatchFor` | Enable the emergency hatch for a sucker, allowing the project owner to recover stuck tokens. |
-| 33 | `SET_SUCKER_DEPRECATION` | `JBSucker.setDeprecation` | Set the deprecation status of a sucker (ENABLED, DEPRECATION_PENDING, SENDING_DISABLED, DEPRECATED). |
+| 31 | `MAP_SUCKER_TOKEN` | `JBSucker.mapToken` | Map an ERC-20 token to its remote chain counterpart in a sucker. Mapping is immutable once the outbox tree has entries. |
+| 32 | `DEPLOY_SUCKERS` | `JBSuckerRegistry.deploySuckersFor` | Deploy new sucker contracts for a project. Also checked by `JBOmnichainDeployer` and `CTDeployer`. |
+| 33 | `SUCKER_SAFETY` | `JBSucker.enableEmergencyHatchFor` | Enable the emergency hatch for a sucker, allowing the project owner to recover stuck tokens. |
+| 34 | `SET_SUCKER_DEPRECATION` | `JBSucker.setDeprecation` | Set the deprecation status of a sucker (ENABLED, DEPRECATION_PENDING, SENDING_DISABLED, DEPRECATED). |
 
 ## Gotchas
 
@@ -102,7 +103,8 @@ No tests, interfaces, or deployment scripts -- this repo is a pure constant libr
 - **SET_TERMINALS can remove the primary terminal.** The source code warns about this. Replacing the terminal list can drop the primary terminal, breaking payments and cashouts.
 - **LAUNCH_RULESETS requires SET_TERMINALS.** `launchRulesetsFor` enforces both `LAUNCH_RULESETS` and `SET_TERMINALS` because it configures terminals as part of the launch.
 - **Holder vs. owner permissions.** Most permissions are checked against the project owner, but `CASH_OUT_TOKENS`, `BURN_TOKENS`, `CLAIM_TOKENS`, and `TRANSFER_CREDITS` are checked against the **token holder**. This means a holder can grant an operator permission to cash out or burn their own tokens.
-- **The uint8 type limits IDs to 0--255.** Currently 33 are defined (1--33), leaving room for future extensions.
+- **ADD_TERMINALS (16) vs SET_TERMINALS (15).** `SET_TERMINALS` replaces the entire terminal list and can remove the primary terminal. `ADD_TERMINALS` is a narrower permission checked when `setPrimaryTerminalOf` implicitly adds a new terminal that is not already in the project's terminal list.
+- **The uint8 type limits IDs to 0--255.** Currently 34 are defined (1--34), leaving room for future extensions.
 
 ## Install
 

package/RISKS.md

@@ -5,17 +5,17 @@ Constants-only library defining permission ID values used throughout the Bananap
 ## 1. Known Risks
 
 - **ROOT permission (ID 1).** ROOT grants all permissions across every contract. Any address granted ROOT can perform any permissioned operation on any project. Should never be granted to untrusted addresses.
-- **SET_BUYBACK_HOOK includes lock (ID 28).** Gates both `setHookFor` and `lockHookFor`. An operator with this permission can permanently lock the buyback hook configuration.
-- **SET_ROUTER_TERMINAL includes lock (ID 29).** Gates both `setTerminalFor` and `lockTerminalFor`. An operator can permanently lock the router terminal.
+- **SET_BUYBACK_HOOK includes lock (ID 29).** Gates both `setHookFor` and `lockHookFor`. An operator with this permission can permanently lock the buyback hook configuration.
+- **SET_ROUTER_TERMINAL includes lock (ID 30).** Gates both `setTerminalFor` and `lockTerminalFor`. An operator can permanently lock the router terminal.
 - **ID collision risk.** Permission IDs are manually assigned sequential uint8 values. Adding new IDs requires coordination to avoid collision. Library is append-only.
 - **No runtime enforcement.** This library only defines constants. Enforcement happens in consuming contracts. A mismatch between the ID used here and the ID checked in a consumer would silently fail.
-- **High-impact permission IDs (fund-moving).** IDs that control fund flow should receive the most audit scrutiny: `ROOT` (1, grants everything), `CASH_OUT_TOKENS` (4, triggers withdrawals), `SEND_PAYOUTS` (5, triggers payout distribution), `MIGRATE_TERMINAL` (6, moves balances), `SET_TERMINALS` (15, redirects all fund flows), `USE_ALLOWANCE` (17, draws from surplus), `SET_SPLIT_GROUPS` (18, controls where payouts go). Of these, ROOT + SET_TERMINALS + MIGRATE_TERMINAL are the most dangerous — they can redirect all of a project's funds.
+- **High-impact permission IDs (fund-moving).** IDs that control fund flow should receive the most audit scrutiny: `ROOT` (1, grants everything), `CASH_OUT_TOKENS` (4, triggers withdrawals), `SEND_PAYOUTS` (5, triggers payout distribution), `MIGRATE_TERMINAL` (6, moves balances), `SET_TERMINALS` (15, redirects all fund flows), `USE_ALLOWANCE` (18, draws from surplus), `SET_SPLIT_GROUPS` (19, controls where payouts go). Of these, ROOT + SET_TERMINALS + MIGRATE_TERMINAL are the most dangerous — they can redirect all of a project's funds.
 - **Wildcard `projectId=0` semantics.** When a permission is granted with `projectId=0`, it applies to ALL projects. This is used by system contracts (e.g., `REVLoans` gets `USE_ALLOWANCE` with `projectId=0`). A bug in a contract holding wildcard permissions affects every project in the ecosystem, not just one. Only system-level contracts should hold wildcard permissions.
 
 ## 2. Design Notes
 
 - Permission 0 is reserved and cannot be set.
-- IDs are `uint8` (0-255), with 1-33 currently assigned.
-- IDs 34-255 are available for future ecosystem extensions.
-- IDs 34-255 are available for ecosystem extensions. Third-party contracts can define their own permission IDs in this range, but must coordinate to avoid collisions. No on-chain registry exists for custom IDs — collision detection is purely social.
+- IDs are `uint8` (0-255), with 1-34 currently assigned.
+- IDs 35-255 are available for future ecosystem extensions.
+- IDs 35-255 are available for ecosystem extensions. Third-party contracts can define their own permission IDs in this range, but must coordinate to avoid collisions. No on-chain registry exists for custom IDs — collision detection is purely social.
 - This library has zero dependencies -- it is the leaf of the dependency graph.

package/SKILLS.md

@@ -8,7 +8,7 @@ Defines all `uint8` permission ID constants used across the Juicebox V6 ecosyste
 
 | Contract | Role |
 |----------|------|
-| `JBPermissionIds` | Constants-only library. 33 `uint8 internal constant` values (1--33). Pragma `^0.8.0` for maximum compatibility across all Juicebox contracts. |
+| `JBPermissionIds` | Constants-only library. 34 `uint8 internal constant` values (1--34). Pragma `^0.8.0` for maximum compatibility across all Juicebox contracts. |
 
 ## Key Functions
 
@@ -44,44 +44,45 @@ Permissions are stored as 256-bit packed integers in `JBPermissions`, keyed by `
 | 13 | `TRANSFER_CREDITS` | `JBController.transferCreditsFrom` | Transfer internal credit balance to another address. Checked against the **token holder**. |
 | 14 | `SET_CONTROLLER` | `JBDirectory.setControllerOf` | Set a project's controller. Checked against project owner. |
 | 15 | `SET_TERMINALS` | `JBDirectory.setTerminalsOf` | Set a project's terminals. Checked against project owner. **Warning:** can remove the primary terminal. Also checked by `JBController.launchRulesetsFor` (ID 3) and `JBController.launchProjectFor`. |
-| 16 | `SET_PRIMARY_TERMINAL` | `JBDirectory.setPrimaryTerminalOf` | Set the primary terminal for a given token. Checked against project owner. |
-| 17 | `USE_ALLOWANCE` | `JBMultiTerminal.useAllowanceOf` | Use surplus allowance to send funds to an arbitrary address. Checked against project owner. |
-| 18 | `SET_SPLIT_GROUPS` | `JBController.setSplitGroupsOf` | Set how payouts and reserved tokens are distributed. Checked against project owner. |
-| 19 | `ADD_PRICE_FEED` | `JBController.addPriceFeedFor` | Add a price feed for a project. The controller checks this permission, then calls `JBPrices.addPriceFeedFor` internally. Checked against project owner. |
-| 20 | `ADD_ACCOUNTING_CONTEXTS` | `JBMultiTerminal.addAccountingContextsFor` | Add accepted token accounting contexts to a terminal. Checked against project owner. |
-| 21 | `SET_TOKEN_METADATA` | `JBController.setTokenMetadataOf` | Set a project token's name and symbol. Checked against project owner. |
+| 16 | `ADD_TERMINALS` | `JBDirectory.setPrimaryTerminalOf` | Add a new terminal when `setPrimaryTerminalOf` implicitly adds it to the project's terminal list. Checked against project owner. |
+| 17 | `SET_PRIMARY_TERMINAL` | `JBDirectory.setPrimaryTerminalOf` | Set the primary terminal for a given token. Checked against project owner. |
+| 18 | `USE_ALLOWANCE` | `JBMultiTerminal.useAllowanceOf` | Use surplus allowance to send funds to an arbitrary address. Checked against project owner. |
+| 19 | `SET_SPLIT_GROUPS` | `JBController.setSplitGroupsOf` | Set how payouts and reserved tokens are distributed. Checked against project owner. |
+| 20 | `ADD_PRICE_FEED` | `JBController.addPriceFeedFor` | Add a price feed for a project. The controller checks this permission, then calls `JBPrices.addPriceFeedFor` internally. Checked against project owner. |
+| 21 | `ADD_ACCOUNTING_CONTEXTS` | `JBMultiTerminal.addAccountingContextsFor` | Add accepted token accounting contexts to a terminal. Checked against project owner. |
+| 22 | `SET_TOKEN_METADATA` | `JBController.setTokenMetadataOf` | Set a project token's name and symbol. Checked against project owner. |
 
 ### nana-721-hook-v6
 
 | ID | Name | Checked in | Permission scope |
 |----|------|------------|-----------------|
-| 22 | `ADJUST_721_TIERS` | `JB721TiersHook.adjustTiers` | Add or remove NFT tiers. Checked against `owner()` (the project's controller). Also used by `CTPublisher`, `CTProjectOwner`, and `REVDeployer`. |
-| 23 | `SET_721_METADATA` | `JB721TiersHook.setMetadata` | Set base URI, contract URI, or token URI resolver. Checked against `owner()`. |
-| 24 | `MINT_721` | `JB721TiersHook.mintFor` | Manually mint NFTs from specific tiers. Checked against `owner()`. |
-| 25 | `SET_721_DISCOUNT_PERCENT` | `JB721TiersHook.setDiscountPercentOf` | Set the discount percent for NFT tiers. Checked against `owner()`. Called twice in the function for two separate code paths. |
+| 23 | `ADJUST_721_TIERS` | `JB721TiersHook.adjustTiers` | Add or remove NFT tiers. Checked against `owner()` (the project's controller). Also used by `CTPublisher`, `CTProjectOwner`, and `REVDeployer`. |
+| 24 | `SET_721_METADATA` | `JB721TiersHook.setMetadata` | Set base URI, contract URI, or token URI resolver. Checked against `owner()`. |
+| 25 | `MINT_721` | `JB721TiersHook.mintFor` | Manually mint NFTs from specific tiers. Checked against `owner()`. |
+| 26 | `SET_721_DISCOUNT_PERCENT` | `JB721TiersHook.setDiscountPercentOf` | Set the discount percent for NFT tiers. Checked against `owner()`. Called twice in the function for two separate code paths. |
 
 ### nana-buyback-hook-v6
 
 | ID | Name | Checked in | Permission scope |
 |----|------|------------|-----------------|
-| 26 | `SET_BUYBACK_TWAP` | `JBBuybackHook.setTwapWindowOf` | Set the TWAP oracle window duration. Checked against project owner. |
-| 27 | `SET_BUYBACK_POOL` | `JBBuybackHook.setPoolFor`, `JBBuybackHook.initializePoolFor`, `JBBuybackHookRegistry.initializePoolFor` | Set the Uniswap pool for a project's buyback. Checked against project owner. |
-| 28 | `SET_BUYBACK_HOOK` | `JBBuybackHookRegistry.setHookFor`, `JBBuybackHookRegistry.lockHookFor` | Set or lock the buyback hook implementation for a project. Checked against project owner. Also granted by `REVDeployer` as an operator permission. |
+| 27 | `SET_BUYBACK_TWAP` | `JBBuybackHook.setTwapWindowOf` | Set the TWAP oracle window duration. Checked against project owner. |
+| 28 | `SET_BUYBACK_POOL` | `JBBuybackHook.setPoolFor`, `JBBuybackHook.initializePoolFor`, `JBBuybackHookRegistry.initializePoolFor` | Set the Uniswap pool for a project's buyback. Checked against project owner. |
+| 29 | `SET_BUYBACK_HOOK` | `JBBuybackHookRegistry.setHookFor`, `JBBuybackHookRegistry.lockHookFor` | Set or lock the buyback hook implementation for a project. Checked against project owner. Also granted by `REVDeployer` as an operator permission. |
 
 ### nana-router-terminal-v6
 
 | ID | Name | Checked in | Permission scope |
 |----|------|------------|-----------------|
-| 29 | `SET_ROUTER_TERMINAL` | `JBRouterTerminalRegistry.setTerminalFor`, `JBRouterTerminalRegistry.lockTerminalFor` | Set or lock the router terminal for a project. Checked against project owner. |
+| 30 | `SET_ROUTER_TERMINAL` | `JBRouterTerminalRegistry.setTerminalFor`, `JBRouterTerminalRegistry.lockTerminalFor` | Set or lock the router terminal for a project. Checked against project owner. |
 
 ### nana-suckers-v6
 
 | ID | Name | Checked in | Permission scope |
 |----|------|------------|-----------------|
-| 30 | `MAP_SUCKER_TOKEN` | `JBSucker.mapToken` | Map an ERC-20 token to its remote chain counterpart. Immutable once the outbox merkle tree has entries. Checked against project owner. |
-| 31 | `DEPLOY_SUCKERS` | `JBSuckerRegistry.deploySuckersFor` | Deploy sucker contracts for cross-chain bridging. Checked against project owner. Also checked by `JBOmnichainDeployer` and `CTDeployer`. |
-| 32 | `SUCKER_SAFETY` | `JBSucker.enableEmergencyHatchFor` | Enable the emergency hatch to recover stuck tokens. Checked against project owner. |
-| 33 | `SET_SUCKER_DEPRECATION` | `JBSucker.setDeprecation` | Move a sucker through the deprecation lifecycle (ENABLED -> DEPRECATION_PENDING -> SENDING_DISABLED -> DEPRECATED). Checked against project owner. |
+| 31 | `MAP_SUCKER_TOKEN` | `JBSucker.mapToken` | Map an ERC-20 token to its remote chain counterpart. Immutable once the outbox merkle tree has entries. Checked against project owner. |
+| 32 | `DEPLOY_SUCKERS` | `JBSuckerRegistry.deploySuckersFor` | Deploy sucker contracts for cross-chain bridging. Checked against project owner. Also checked by `JBOmnichainDeployer` and `CTDeployer`. |
+| 33 | `SUCKER_SAFETY` | `JBSucker.enableEmergencyHatchFor` | Enable the emergency hatch to recover stuck tokens. Checked against project owner. |
+| 34 | `SET_SUCKER_DEPRECATION` | `JBSucker.setDeprecation` | Move a sucker through the deprecation lifecycle (ENABLED -> DEPRECATION_PENDING -> SENDING_DISABLED -> DEPRECATED). Checked against project owner. |
 
 ## Common Permission Bundles
 
@@ -89,12 +90,12 @@ Typical combinations when granting operator access via `JBPermissions.setPermiss
 
 | Bundle | IDs | Use case |
 |--------|-----|----------|
-| **Deployer operator** | `QUEUE_RULESETS` (2), `SET_SPLIT_GROUPS` (18), `SET_FUND_ACCESS_LIMITS` (not in this library -- set via ruleset config) | Operator that manages project rulesets and split configuration on behalf of the owner. |
-| **Token manager** | `MINT_TOKENS` (10), `BURN_TOKENS` (11), `SET_TOKEN_METADATA` (21) | Operator that manages token supply and metadata. |
-| **Treasury manager** | `SEND_PAYOUTS` (5), `USE_ALLOWANCE` (17), `ADD_ACCOUNTING_CONTEXTS` (20) | Operator that manages outflows from the project treasury. |
-| **Project admin** | `SET_PROJECT_URI` (7), `DEPLOY_ERC20` (8), `SET_CONTROLLER` (14), `SET_TERMINALS` (15), `SET_PRIMARY_TERMINAL` (16) | Broad administrative access without ROOT. |
-| **NFT manager** | `ADJUST_721_TIERS` (22), `SET_721_METADATA` (23), `MINT_721` (24), `SET_721_DISCOUNT_PERCENT` (25) | Full control over 721 tier configuration. |
-| **Cross-chain operator** | `DEPLOY_SUCKERS` (31), `MAP_SUCKER_TOKEN` (30), `SET_SUCKER_DEPRECATION` (33) | Manages cross-chain bridging lifecycle. |
+| **Deployer operator** | `QUEUE_RULESETS` (2), `SET_SPLIT_GROUPS` (19), `SET_FUND_ACCESS_LIMITS` (not in this library -- set via ruleset config) | Operator that manages project rulesets and split configuration on behalf of the owner. |
+| **Token manager** | `MINT_TOKENS` (10), `BURN_TOKENS` (11), `SET_TOKEN_METADATA` (22) | Operator that manages token supply and metadata. |
+| **Treasury manager** | `SEND_PAYOUTS` (5), `USE_ALLOWANCE` (18), `ADD_ACCOUNTING_CONTEXTS` (21) | Operator that manages outflows from the project treasury. |
+| **Project admin** | `SET_PROJECT_URI` (7), `DEPLOY_ERC20` (8), `SET_CONTROLLER` (14), `SET_TERMINALS` (15), `SET_PRIMARY_TERMINAL` (17) | Broad administrative access without ROOT. |
+| **NFT manager** | `ADJUST_721_TIERS` (23), `SET_721_METADATA` (24), `MINT_721` (25), `SET_721_DISCOUNT_PERCENT` (26) | Full control over 721 tier configuration. |
+| **Cross-chain operator** | `DEPLOY_SUCKERS` (32), `MAP_SUCKER_TOKEN` (31), `SET_SUCKER_DEPRECATION` (34) | Manages cross-chain bridging lifecycle. |
 | **Launch bundle** | `LAUNCH_RULESETS` (3), `SET_TERMINALS` (15) | Both are required for `launchRulesetsFor` -- ID 3 alone is insufficient. |
 
 ## Integration Points
@@ -128,11 +129,12 @@ N/A -- no structs or enums. All values are `uint8 internal constant`.
 - **Permission ID 0 is forbidden.** `JBPermissions` reverts with `JBPermissions_NoZeroPermission()` if bit 0 is set. Valid IDs start at 1.
 - **Wildcard project ID (0) grants cross-project access.** Granting `QUEUE_RULESETS` with `projectId = 0` means the operator can queue rulesets for *every* project the account owns. This is powerful and should be used sparingly.
 - **SET_TERMINALS (ID 15) can break a project.** Replacing the terminal list without including the current primary terminal will remove it, breaking payments and cashouts until a new primary is set.
+- **ADD_TERMINALS (ID 16) vs SET_TERMINALS (ID 15).** `ADD_TERMINALS` is a narrower permission checked when `setPrimaryTerminalOf` implicitly adds a new terminal. `SET_TERMINALS` replaces the entire terminal list.
 - **LAUNCH_RULESETS (ID 3) requires both IDs 3 and 15.** The function enforces two separate permission checks because it configures terminals in addition to launching rulesets.
 - **Holder-scoped permissions.** IDs 4 (`CASH_OUT_TOKENS`), 11 (`BURN_TOKENS`), 12 (`CLAIM_TOKENS`), and 13 (`TRANSFER_CREDITS`) are checked against the **token holder**, not the project owner. This means a holder grants an operator permission to act on the holder's own tokens.
-- **SET_BUYBACK_POOL (ID 27) vs SET_BUYBACK_HOOK (ID 28) — different scopes.** ID 27 guards pool configuration (`setPoolFor`, `initializePoolFor`). ID 28 guards hook selection (`setHookFor`, `lockHookFor`). `setTwapWindowOf` uses ID 26 (`SET_BUYBACK_TWAP`). Grant all three if the operator needs full buyback management.
-- **ADD_PRICE_FEED (ID 19) is checked on JBController, not JBPrices.** The permission gate is on `JBController.addPriceFeed`, which then calls `JBPrices.addPriceFeedFor` internally.
-- **uint8 range.** IDs are `uint8` (0--255) but the packed storage is `uint256`, so the system supports up to 256 permission bits. Currently 33 are defined (1--33).
+- **SET_BUYBACK_POOL (ID 28) vs SET_BUYBACK_HOOK (ID 29) — different scopes.** ID 28 guards pool configuration (`setPoolFor`, `initializePoolFor`). ID 29 guards hook selection (`setHookFor`, `lockHookFor`). `setTwapWindowOf` uses ID 27 (`SET_BUYBACK_TWAP`). Grant all three if the operator needs full buyback management.
+- **ADD_PRICE_FEED (ID 20) is checked on JBController, not JBPrices.** The permission gate is on `JBController.addPriceFeed`, which then calls `JBPrices.addPriceFeedFor` internally.
+- **uint8 range.** IDs are `uint8` (0--255) but the packed storage is `uint256`, so the system supports up to 256 permission bits. Currently 34 are defined (1--34).
 
 ## Example Integration
 

package/STYLE_GUIDE.md

@@ -21,7 +21,7 @@ One contract/interface/struct/enum per file. Name the file after the type it con
 
 ```solidity
 // Contracts — pin to exact version
-pragma solidity ^0.8.28;
+pragma solidity 0.8.28;
 
 // Interfaces, structs, enums — caret for forward compatibility
 pragma solidity ^0.8.0;

package/USER_JOURNEYS.md

@@ -180,7 +180,7 @@ Since this is a constants-only library with no runtime behavior, these journeys
 - `JBBuybackHookRegistry.setHookFor(uint256 projectId, IJBRulesetDataHook hook)` -- configures the hook
 - `JBBuybackHookRegistry.lockHookFor(uint256 projectId, IJBRulesetDataHook expectedHook)` -- permanently locks the configuration
 
-**Who can call**: The project owner, or an address with the owner's `SET_BUYBACK_HOOK` (ID 28) permission for that project. A single permission ID gates both operations.
+**Who can call**: The project owner, or an address with the owner's `SET_BUYBACK_HOOK` (ID 29) permission for that project. A single permission ID gates both operations.
 
 **Parameters**:
 - `projectId` -- The project whose buyback hook is being configured or locked
@@ -188,7 +188,7 @@ Since this is a constants-only library with no runtime behavior, these journeys
 
 ### Steps (SET_BUYBACK_HOOK example)
 
-1. **Operator with SET_BUYBACK_HOOK (ID 28) calls `JBBuybackHookRegistry.setHookFor(5, hookAddress)`**
+1. **Operator with SET_BUYBACK_HOOK (ID 29) calls `JBBuybackHookRegistry.setHookFor(5, hookAddress)`**
 
    - Configures the buyback hook for project 5
    - This is a reversible operation (can be called again with a different hook)
@@ -206,9 +206,9 @@ Since this is a constants-only library with no runtime behavior, these journeys
 **Events**: Events are emitted by `JBBuybackHookRegistry` (in nana-buyback-hook-v6), not this library.
 
 **Edge cases**:
-- A single permission ID (28 or 29) gates BOTH the "set" and "lock" operations. Granting the permission implicitly trusts the operator to potentially lock the configuration.
+- A single permission ID (29 or 30) gates BOTH the "set" and "lock" operations. Granting the permission implicitly trusts the operator to potentially lock the configuration.
 - The locking is permanent (no unlock mechanism in the registry).
-- Project owners should only grant SET_BUYBACK_HOOK (28) or SET_ROUTER_TERMINAL (29) to operators they trust not to lock prematurely.
+- Project owners should only grant SET_BUYBACK_HOOK (29) or SET_ROUTER_TERMINAL (30) to operators they trust not to lock prematurely.
 
 ---
 
@@ -228,20 +228,20 @@ Since this is a constants-only library with no runtime behavior, these journeys
 ### Steps
 
 1. **Deploy suckers: `JBSuckerRegistry.deploySuckersFor(5, salt, configurations)`**
-   - Permission: `DEPLOY_SUCKERS` (ID 31)
+   - Permission: `DEPLOY_SUCKERS` (ID 32)
    - Creates sucker contracts for cross-chain bridging
 
 2. **Map tokens: `JBSucker.mapToken(map)`** where `map` is a `JBTokenMapping` struct
-   - Permission: `MAP_SUCKER_TOKEN` (ID 30)
+   - Permission: `MAP_SUCKER_TOKEN` (ID 31)
    - Maps a local ERC-20 to its remote chain counterpart
    - CAUTION: once the outbox merkle tree has entries, the mapping is immutable (can only be disabled, not remapped)
 
 3. **Enable emergency hatch: `JBSucker.enableEmergencyHatchFor(tokens)`**
-   - Permission: `SUCKER_SAFETY` (ID 32)
+   - Permission: `SUCKER_SAFETY` (ID 33)
    - Allows recovery of stuck tokens via the emergency hatch
 
 4. **Deprecate sucker: `JBSucker.setDeprecation(timestamp)`**
-   - Permission: `SET_SUCKER_DEPRECATION` (ID 33)
+   - Permission: `SET_SUCKER_DEPRECATION` (ID 34)
    - The timestamp after which the sucker is deprecated.
 
 **State changes** (per step):
@@ -280,21 +280,22 @@ Since this is a constants-only library with no runtime behavior, these journeys
 | 13 | `TRANSFER_CREDITS` | `JBController.transferCreditsFrom` | Token holder |
 | 14 | `SET_CONTROLLER` | `JBDirectory.setControllerOf` | Project owner |
 | 15 | `SET_TERMINALS` | `JBDirectory.setTerminalsOf` | Project owner |
-| 16 | `SET_PRIMARY_TERMINAL` | `JBDirectory.setPrimaryTerminalOf` | Project owner |
-| 17 | `USE_ALLOWANCE` | `JBMultiTerminal.useAllowanceOf` | Project owner |
-| 18 | `SET_SPLIT_GROUPS` | `JBController.setSplitGroupsOf` | Project owner |
-| 19 | `ADD_PRICE_FEED` | `JBController.addPriceFeedFor` | Project owner |
-| 20 | `ADD_ACCOUNTING_CONTEXTS` | `JBMultiTerminal.addAccountingContextsFor` | Project owner |
-| 21 | `SET_TOKEN_METADATA` | `JBController.setTokenMetadataOf` | Project owner |
-| 22 | `ADJUST_721_TIERS` | `JB721TiersHook.adjustTiers` | Project owner |
-| 23 | `SET_721_METADATA` | `JB721TiersHook.setMetadata` | Project owner |
-| 24 | `MINT_721` | `JB721TiersHook.mintFor` | Project owner |
-| 25 | `SET_721_DISCOUNT_PERCENT` | `JB721TiersHook.setDiscountPercentOf` | Project owner |
-| 26 | `SET_BUYBACK_TWAP` | `JBBuybackHook.setTwapWindowOf` | Project owner |
-| 27 | `SET_BUYBACK_POOL` | `JBBuybackHook.setPoolFor` | Project owner |
-| 28 | `SET_BUYBACK_HOOK` | `JBBuybackHookRegistry.setHookFor` + `lockHookFor` | Project owner |
-| 29 | `SET_ROUTER_TERMINAL` | `JBRouterTerminalRegistry.setTerminalFor` + `lockTerminalFor` | Project owner |
-| 30 | `MAP_SUCKER_TOKEN` | `JBSucker.mapToken` | Project owner |
-| 31 | `DEPLOY_SUCKERS` | `JBSuckerRegistry.deploySuckersFor` | Project owner |
-| 32 | `SUCKER_SAFETY` | `JBSucker.enableEmergencyHatchFor` | Project owner |
-| 33 | `SET_SUCKER_DEPRECATION` | `JBSucker.setDeprecation` | Project owner |
+| 16 | `ADD_TERMINALS` | `JBDirectory.setPrimaryTerminalOf` (implicit add) | Project owner |
+| 17 | `SET_PRIMARY_TERMINAL` | `JBDirectory.setPrimaryTerminalOf` | Project owner |
+| 18 | `USE_ALLOWANCE` | `JBMultiTerminal.useAllowanceOf` | Project owner |
+| 19 | `SET_SPLIT_GROUPS` | `JBController.setSplitGroupsOf` | Project owner |
+| 20 | `ADD_PRICE_FEED` | `JBController.addPriceFeedFor` | Project owner |
+| 21 | `ADD_ACCOUNTING_CONTEXTS` | `JBMultiTerminal.addAccountingContextsFor` | Project owner |
+| 22 | `SET_TOKEN_METADATA` | `JBController.setTokenMetadataOf` | Project owner |
+| 23 | `ADJUST_721_TIERS` | `JB721TiersHook.adjustTiers` | Project owner |
+| 24 | `SET_721_METADATA` | `JB721TiersHook.setMetadata` | Project owner |
+| 25 | `MINT_721` | `JB721TiersHook.mintFor` | Project owner |
+| 26 | `SET_721_DISCOUNT_PERCENT` | `JB721TiersHook.setDiscountPercentOf` | Project owner |
+| 27 | `SET_BUYBACK_TWAP` | `JBBuybackHook.setTwapWindowOf` | Project owner |
+| 28 | `SET_BUYBACK_POOL` | `JBBuybackHook.setPoolFor` | Project owner |
+| 29 | `SET_BUYBACK_HOOK` | `JBBuybackHookRegistry.setHookFor` + `lockHookFor` | Project owner |
+| 30 | `SET_ROUTER_TERMINAL` | `JBRouterTerminalRegistry.setTerminalFor` + `lockTerminalFor` | Project owner |
+| 31 | `MAP_SUCKER_TOKEN` | `JBSucker.mapToken` | Project owner |
+| 32 | `DEPLOY_SUCKERS` | `JBSuckerRegistry.deploySuckersFor` | Project owner |
+| 33 | `SUCKER_SAFETY` | `JBSucker.enableEmergencyHatchFor` | Project owner |
+| 34 | `SET_SUCKER_DEPRECATION` | `JBSucker.setDeprecation` | Project owner |

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bananapus/permission-ids-v6",
-  "version": "0.0.13",
+  "version": "0.0.15",
   "license": "MIT",
   "repository": {
     "type": "git",

package/src/JBPermissionIds.sol

@@ -25,29 +25,31 @@ library JBPermissionIds {
     uint8 internal constant SET_CONTROLLER = 14; // Permission to call `JBDirectory.setControllerOf`.
     uint8 internal constant SET_TERMINALS = 15; // Permission to call `JBDirectory.setTerminalsOf`.
     // Be careful - `SET_TERMINALS` can be used to remove the primary terminal.
-    uint8 internal constant SET_PRIMARY_TERMINAL = 16; // Permission to call `JBDirectory.setPrimaryTerminalOf`.
-    uint8 internal constant USE_ALLOWANCE = 17; // Permission to call `JBMultiTerminal.useAllowanceOf`.
-    uint8 internal constant SET_SPLIT_GROUPS = 18; // Permission to call `JBController.setSplitGroupsOf`.
-    uint8 internal constant ADD_PRICE_FEED = 19; // Permission to call `JBController.addPriceFeedFor`.
-    uint8 internal constant ADD_ACCOUNTING_CONTEXTS = 20; // Permission to call
+    uint8 internal constant ADD_TERMINALS = 16; // Permission to call `JBDirectory.setPrimaryTerminalOf` when it
+    // implicitly adds a new terminal.
+    uint8 internal constant SET_PRIMARY_TERMINAL = 17; // Permission to call `JBDirectory.setPrimaryTerminalOf`.
+    uint8 internal constant USE_ALLOWANCE = 18; // Permission to call `JBMultiTerminal.useAllowanceOf`.
+    uint8 internal constant SET_SPLIT_GROUPS = 19; // Permission to call `JBController.setSplitGroupsOf`.
+    uint8 internal constant ADD_PRICE_FEED = 20; // Permission to call `JBController.addPriceFeedFor`.
+    uint8 internal constant ADD_ACCOUNTING_CONTEXTS = 21; // Permission to call
     // `JBMultiTerminal.addAccountingContextsFor`.
-    uint8 internal constant SET_TOKEN_METADATA = 21; // Permission to call
+    uint8 internal constant SET_TOKEN_METADATA = 22; // Permission to call
     // `JBController.setTokenMetadataOf`.
 
     /* Used by `nana-721-hook`: https://github.com/Bananapus/nana-721-hook */
-    uint8 internal constant ADJUST_721_TIERS = 22; // Permission to call `JB721TiersHook.adjustTiers`.
-    uint8 internal constant SET_721_METADATA = 23; // Permission to call `JB721TiersHook.setMetadata`.
-    uint8 internal constant MINT_721 = 24; // Permission to call `JB721TiersHook.mintFor`.
-    uint8 internal constant SET_721_DISCOUNT_PERCENT = 25; // Permission to call `JB721TiersHook.setDiscountPercentOf`.
+    uint8 internal constant ADJUST_721_TIERS = 23; // Permission to call `JB721TiersHook.adjustTiers`.
+    uint8 internal constant SET_721_METADATA = 24; // Permission to call `JB721TiersHook.setMetadata`.
+    uint8 internal constant MINT_721 = 25; // Permission to call `JB721TiersHook.mintFor`.
+    uint8 internal constant SET_721_DISCOUNT_PERCENT = 26; // Permission to call `JB721TiersHook.setDiscountPercentOf`.
 
     /* Used by `nana-buyback-hook`: https://github.com/Bananapus/nana-buyback-hook */
-    uint8 internal constant SET_BUYBACK_TWAP = 26; // Permission to call `JBBuybackHook.setTwapWindowOf`.
-    uint8 internal constant SET_BUYBACK_POOL = 27; // Permission to call `JBBuybackHook.setPoolFor`.
+    uint8 internal constant SET_BUYBACK_TWAP = 27; // Permission to call `JBBuybackHook.setTwapWindowOf`.
+    uint8 internal constant SET_BUYBACK_POOL = 28; // Permission to call `JBBuybackHook.setPoolFor`.
     /// @dev This single ID intentionally gates both setting and locking the buyback hook as a simplification.
     /// Granting this permission allows the operator to call both `JBBuybackHookRegistry.setHookFor` (to configure the
     /// hook) and `JBBuybackHookRegistry.lockHookFor` (to permanently lock the hook configuration). Project owners
     /// should be aware that an operator with this permission can lock the hook, preventing future changes.
-    uint8 internal constant SET_BUYBACK_HOOK = 28; // Permission to call `JBBuybackHookRegistry.setHookFor` and
+    uint8 internal constant SET_BUYBACK_HOOK = 29; // Permission to call `JBBuybackHookRegistry.setHookFor` and
     // `JBBuybackHookRegistry.lockHookFor`.
 
     /* Used by `nana-router-terminal`: https://github.com/Bananapus/nana-router-terminal-v6 */
@@ -56,12 +58,12 @@ library JBPermissionIds {
     /// configure the terminal) and `JBRouterTerminalRegistry.lockTerminalFor` (to permanently lock the terminal
     /// configuration). Project owners should be aware that an operator with this permission can lock the terminal,
     /// preventing future changes.
-    uint8 internal constant SET_ROUTER_TERMINAL = 29; // Permission to call
+    uint8 internal constant SET_ROUTER_TERMINAL = 30; // Permission to call
     // `JBRouterTerminalRegistry.setTerminalFor` and `JBRouterTerminalRegistry.lockTerminalFor`.
 
     /* Used by `nana-suckers`: https://github.com/Bananapus/nana-suckers */
-    uint8 internal constant MAP_SUCKER_TOKEN = 30; // Permission to call `JBSucker.mapToken`.
-    uint8 internal constant DEPLOY_SUCKERS = 31; // Permission to call `JBSuckerRegistry.deploySuckersFor`.
-    uint8 internal constant SUCKER_SAFETY = 32; // Permission to call `JBSucker.enableEmergencyHatchFor`.
-    uint8 internal constant SET_SUCKER_DEPRECATION = 33; // Permission to call `JBSucker.setDeprecation`.
+    uint8 internal constant MAP_SUCKER_TOKEN = 31; // Permission to call `JBSucker.mapToken`.
+    uint8 internal constant DEPLOY_SUCKERS = 32; // Permission to call `JBSuckerRegistry.deploySuckersFor`.
+    uint8 internal constant SUCKER_SAFETY = 33; // Permission to call `JBSucker.enableEmergencyHatchFor`.
+    uint8 internal constant SET_SUCKER_DEPRECATION = 34; // Permission to call `JBSucker.setDeprecation`.
 }