npm - @bannynet/core-v6 - Versions diffs - 0.0.10 → 0.0.11 - Mend

@bannynet/core-v6 0.0.10 → 0.0.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/ARCHITECTURE.md +14 -12
package/README.md +19 -6
package/RISKS.md +1 -1
package/USER_JOURNEYS.md +1 -1
package/package.json +7 -7
package/src/Banny721TokenUriResolver.sol +16 -0
package/test/DecorateFlow.t.sol +31 -0

package/ARCHITECTURE.md CHANGED Viewed

@@ -17,25 +17,27 @@ src/
 ### Asset Storage
 ```
-Owner → storeContents(hash, contents)
-  → Store SVG content chunks on-chain (keyed by hash)
-  → Content stored in multiple chunks for large SVGs
+Owner → setSvgHashesOf(upcs, hashes)
+  → Register content hashes for UPCs (owner-only)
-Owner → addProduct(category, hash)
-  → Register a product (body/background/head/suit) for a category
-  → Products linked to stored SVG content
+Anyone → setSvgContentsOf(upcs, contents)
+  → Upload SVG content matching registered hashes
+  → Content validated against hash before storage
+Owner → setProductNames(upcs, names)
+  → Register product names for UPCs
 ```
 ### Outfit Composition
 ```
-NFT Holder → dress(tokenId, outfitTokenIds[])
-  → Attach outfit NFTs (head, suit, background) to a body NFT
-  → Outfit NFTs transferred to resolver contract (locked)
+Body Owner → decorateBannyWith(hook, bodyId, backgroundId, outfitIds)
+  → Attach outfit and background NFTs to a body NFT
+  → Outfit/background NFTs transferred to resolver contract
+  → Previous outfits returned to owner
   → Composite SVG generated from layered components
-NFT Holder → undress(tokenId, outfitTokenIds[])
-  → Remove outfit NFTs from body
-  → Outfit NFTs returned to holder
+Body Owner → lockOutfitChangesFor(hook, bodyId)
+  → Lock outfit changes for 7 days
 ```
 ### Token URI Generation

package/README.md CHANGED Viewed

@@ -23,7 +23,8 @@ Banny is a composable NFT character system built on top of Juicebox 721 hooks. E
    → Body's tokenURI now renders the full dressed composition
    |
 4. Outfit lock (optional): lockOutfitChangesFor(hook, bodyId)
-   → Freezes outfit changes for 7 days
+   → Freezes outfit and background changes for 7 days
+   → Prevents moving currently equipped assets away through another body's decoration call
    → Proves the Banny's look is stable (useful for PFPs, displays)
    |
 5. SVG content is stored on-chain via a two-step process:
@@ -92,20 +93,32 @@ Requires `via_ir = true` in foundry.toml due to stack depth in SVG composition.
 | Command | Description |
 |---------|-------------|
 | `forge build` | Compile contracts (requires via-IR) |
-| `forge test` | Run all tests (3 test files: functionality, attacks, decoration flows) |
+| `forge test` | Run all tests (14 test files: functionality, attacks, decoration flows, fork integration, transfer lifecycle, audit gaps, QA, regressions) |
 | `forge test -vvv` | Run tests with full trace |
 ## Repository Layout
 ```
 src/
-  Banny721TokenUriResolver.sol                  # Sole contract (~1,331 lines)
+  Banny721TokenUriResolver.sol                  # Sole contract (~1,428 lines)
   interfaces/
     IBanny721TokenUriResolver.sol               # Public interface + events
 test/
-  Banny721TokenUriResolver.t.sol                # Unit tests (~690 lines)
-  BannyAttacks.t.sol                            # Security/adversarial tests (~323 lines)
-  DecorateFlow.t.sol                            # Decoration flow tests (~1,057 lines)
+  Banny721TokenUriResolver.t.sol                # Unit tests
+  BannyAttacks.t.sol                            # Security/adversarial tests
+  DecorateFlow.t.sol                            # Decoration flow tests
+  Fork.t.sol                                    # Fork integration tests
+  OutfitTransferLifecycle.t.sol                 # Transfer lifecycle tests
+  TestAuditGaps.sol                             # Audit gap coverage (meta-tx, SVG edge cases)
+  TestQALastMile.t.sol                          # QA tests (gas, round-trip, fallback)
+  regression/
+    ArrayLengthValidation.t.sol                 # Input validation regression
+    BodyCategoryValidation.t.sol                # Body category regression
+    BurnedTokenCheck.t.sol                      # Burned token regression
+    CEIReorder.t.sol                            # CEI ordering regression
+    ClearMetadata.t.sol                         # Metadata clearing regression
+    MsgSenderEvents.t.sol                       # Event emission regression
+    RemovedTierDesync.t.sol                     # Removed tier desync regression
 script/
   Deploy.s.sol                                  # Sphinx multi-chain deployment
   Drop1.s.sol                                   # Outfit drop deployment

package/RISKS.md CHANGED Viewed

@@ -11,7 +11,7 @@
 - **Outfit theft via banny body transfer.** Equipped outfits and backgrounds travel with the banny body NFT on transfer. If a banny body is sold with valuable outfits equipped, the buyer gains control of all equipped items. Sellers must unequip before selling. Marketplaces may not surface this risk.
 - **try-catch silent failures.** `_tryTransferFrom` silently catches all transfer failures. If an outfit NFT is burned or its tier removed, the transfer fails silently. The outfit remains logically "equipped" in state but the NFT is lost. This can create phantom outfits that show in SVG rendering but cannot be recovered.
-- **Lock griefing.** `lockOutfitChangesFor` extends the lock to `block.timestamp + 7 days`. Locking just before selling prevents the buyer from changing outfits for up to 7 days.
+- **Lock griefing.** `lockOutfitChangesFor` extends the lock to `block.timestamp + 7 days`. Locking just before selling prevents the buyer from changing outfits for up to 7 days. The lock now also freezes reassignment of currently equipped outfits/backgrounds away from that body during the lock window.
 ## 3. Access Control

package/USER_JOURNEYS.md CHANGED Viewed

@@ -311,7 +311,7 @@ Where `outfitId` is currently equipped on `oldBodyId`, and the caller owns both
 ### Edge Cases
-- **Old body is locked**: The lock is on `oldBodyId`, but the caller is calling `decorateBannyWith` on `newBodyId`. The lock only prevents changes to the locked body, not removal of its outfits via a different body's decoration call. **Wait -- verify this**: The outfit's `wearerOf` returns `oldBodyId`. The caller owns `oldBodyId`. The authorization check at line 1266 checks `ownerOf(wearerId)` which is the caller. So this succeeds. However, `oldBodyId`'s `_attachedOutfitIdsOf` still contains the outfit. The outfit has been moved at the `_wearerOf` level, but the old array is stale. This is handled by `assetIdsOf` which filters by checking `wearerOf` (line 383). **Auditors should verify the lock on `oldBodyId` does not prevent this path.** The lock check is only in `decorateBannyWith` at line 995, and it checks the body being decorated (`bannyBodyId`), not the body being undressed.
+- **Old body is locked**: Reverts `OutfitChangesLocked`. A locked source body keeps its currently equipped outfits and background until the lock expires, even if the caller owns both bodies.
 ---

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@bannynet/core-v6",
-    "version": "0.0.10",
+    "version": "0.0.11",
     "license": "MIT",
     "repository": {
         "type": "git",
@@ -20,14 +20,14 @@
         "artifacts": "source ./.env && npx sphinx artifacts --org-id 'ea165b21-7cdc-4d7b-be59-ecdd4c26bee4' --project-name 'banny-core-v6'"
     },
     "dependencies": {
-        "@bananapus/721-hook-v6": "^0.0.17",
-        "@bananapus/core-v6": "^0.0.17",
+        "@bananapus/721-hook-v6": "^0.0.19",
+        "@bananapus/core-v6": "^0.0.24",
         "@bananapus/permission-ids-v6": "^0.0.10",
-        "@bananapus/router-terminal-v6": "^0.0.13",
-        "@bananapus/suckers-v6": "^0.0.11",
-        "@croptop/core-v6": "^0.0.18",
+        "@bananapus/router-terminal-v6": "^0.0.17",
+        "@bananapus/suckers-v6": "^0.0.13",
+        "@croptop/core-v6": "^0.0.20",
         "@openzeppelin/contracts": "^5.6.1",
-        "@rev-net/core-v6": "^0.0.13",
+        "@rev-net/core-v6": "^0.0.15",
         "keccak": "^3.0.4"
     },
     "devDependencies": {

package/src/Banny721TokenUriResolver.sol CHANGED Viewed

@@ -1156,6 +1156,16 @@ contract Banny721TokenUriResolver is
     // ---------------------- internal transactions ---------------------- //
     //*********************************************************************//
+    /// @notice Revert if an equipped asset is being reassigned away from a locked source body.
+    /// @param hook The hook storing the assets.
+    /// @param bannyBodyId The body currently using the asset.
+    /// @param exemptBodyId The destination body currently being decorated.
+    function _revertIfBodyLocked(address hook, uint256 bannyBodyId, uint256 exemptBodyId) internal view {
+        if (bannyBodyId != 0 && bannyBodyId != exemptBodyId && outfitLockedUntil[hook][bannyBodyId] > block.timestamp) {
+            revert Banny721TokenUriResolver_OutfitChangesLocked();
+        }
+    }
     /// @notice Add a background to a banny body.
     /// @param hook The hook storing the assets.
     /// @param bannyBodyId The ID of the banny body being dressed.
@@ -1186,6 +1196,9 @@ contract Banny721TokenUriResolver is
                     if (_msgSender() != IERC721(hook).ownerOf(userId)) {
                         revert Banny721TokenUriResolver_UnauthorizedBackground();
                     }
+                    // A locked source body keeps its equipped background until the lock expires.
+                    _revertIfBodyLocked({hook: hook, bannyBodyId: userId, exemptBodyId: bannyBodyId});
                 }
                 // Get the background's product info.
@@ -1274,6 +1287,9 @@ contract Banny721TokenUriResolver is
                 if (_msgSender() != IERC721(hook).ownerOf(wearerId)) {
                     revert Banny721TokenUriResolver_UnauthorizedOutfit();
                 }
+                // A locked source body keeps its equipped outfits until the lock expires.
+                _revertIfBodyLocked({hook: hook, bannyBodyId: wearerId, exemptBodyId: bannyBodyId});
             }
             // Get the outfit's product info.

package/test/DecorateFlow.t.sol CHANGED Viewed

@@ -797,6 +797,37 @@ contract DecorateFlowTests is Test {
         assertEq(hook.ownerOf(NECKLACE_1), bob, "necklace returned to bob");
     }
+    /// @notice A locked body keeps its equipped background until the lock expires, even if the owner also controls an
+    /// unlocked destination body.
+    function test_lock_preventsMovingBackgroundFromLockedBody() public {
+        vm.prank(alice);
+        resolver.decorateBannyWith(address(hook), BODY_A, BACKGROUND_1, new uint256[](0));
+        vm.prank(alice);
+        resolver.lockOutfitChangesFor(address(hook), BODY_A);
+        vm.prank(alice);
+        vm.expectRevert(Banny721TokenUriResolver.Banny721TokenUriResolver_OutfitChangesLocked.selector);
+        resolver.decorateBannyWith(address(hook), BODY_B, BACKGROUND_1, new uint256[](0));
+    }
+    /// @notice A locked body keeps its equipped outfits until the lock expires, even if the owner also controls an
+    /// unlocked destination body.
+    function test_lock_preventsMovingOutfitFromLockedBody() public {
+        uint256[] memory outfits = new uint256[](1);
+        outfits[0] = NECKLACE_1;
+        vm.prank(alice);
+        resolver.decorateBannyWith(address(hook), BODY_A, 0, outfits);
+        vm.prank(alice);
+        resolver.lockOutfitChangesFor(address(hook), BODY_A);
+        vm.prank(alice);
+        vm.expectRevert(Banny721TokenUriResolver.Banny721TokenUriResolver_OutfitChangesLocked.selector);
+        resolver.decorateBannyWith(address(hook), BODY_B, 0, outfits);
+    }
     // =========================================================================
     //  SECTION 8: Complex Multi-Step Scenarios
     // =========================================================================