npm - @bannynet/core-v6 - Versions diffs - 0.0.17 → 0.0.19 - Mend

@bannynet/core-v6 0.0.17 → 0.0.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/ADMINISTRATION.md +28 -0
package/ARCHITECTURE.md +51 -75
package/AUDIT_INSTRUCTIONS.md +64 -331
package/CHANGELOG.md +31 -0
package/README.md +53 -167
package/RISKS.md +18 -1
package/SKILLS.md +27 -243
package/STYLE_GUIDE.md +56 -17
package/USER_JOURNEYS.md +51 -496
package/package.json +8 -8
package/references/operations.md +25 -0
package/references/runtime.md +27 -0
package/script/Add.Denver.s.sol +10 -7
package/script/Deploy.s.sol +37 -28
package/script/Drop1.s.sol +424 -329
package/src/Banny721TokenUriResolver.sol +109 -59
package/test/Banny721TokenUriResolver.t.sol +8 -5
package/test/BannyAttacks.t.sol +8 -5
package/test/DecorateFlow.t.sol +8 -5
package/test/Fork.t.sol +25 -17
package/test/OutfitTransferLifecycle.t.sol +8 -5
package/test/TestAuditGaps.sol +8 -5
package/test/TestQALastMile.t.sol +8 -5
package/test/audit/AntiStrandingRetention.t.sol +33 -5
package/test/audit/BurnedBodyStrandsAssets.t.sol +9 -5
package/test/audit/MergedOutfitExclusivity.t.sol +8 -5
package/test/audit/MigrationHelperVerificationBypass.t.sol +102 -0
package/test/audit/TryTransferFromStrandsAssets.t.sol +8 -5
package/test/regression/BodyCategoryValidation.t.sol +8 -5
package/test/regression/BurnedTokenCheck.t.sol +8 -5
package/test/regression/CEIReorder.t.sol +8 -5
package/test/regression/RemovedTierDesync.t.sol +8 -5
package/CHANGE_LOG.md +0 -243
package/assets/findings/banny-retail-v6-pashov-ai-audit-report-20260330-102839.md +0 -34

package/references/runtime.md ADDED Viewed

@@ -0,0 +1,27 @@
+# Banny Runtime
+## Contract Role
+- [`src/Banny721TokenUriResolver.sol`](../src/Banny721TokenUriResolver.sol) resolves token metadata, stores equipped outfits and backgrounds, enforces outfit locks, and composes layered SVG output for Banny collections.
+## Runtime Path
+1. The hook calls the resolver for `tokenURI`-style metadata.
+2. The resolver reads tier and ownership context from the upstream 721 hook.
+3. If the token is a body, it composes background, body, and equipped items into a single SVG.
+4. If the token is an outfit or background, it renders a preview-style representation instead.
+5. During decoration flows, the resolver takes custody of attached items and updates wearer/background mappings.
+## High-Risk Areas
+- Attachment custody: equipped items are held by the resolver, so transfer and return behavior matters.
+- Outfit lock windows: lock duration is part of user-facing state and should not drift unexpectedly.
+- Rendering composition: layer ordering and default-item behavior affect visible output and must stay deterministic.
+- Stale attachment cleanup: views intentionally guard against inconsistent attachment state.
+## Tests To Trust First
+- [`test/DecorateFlow.t.sol`](../test/DecorateFlow.t.sol) for the main equip/unequip lifecycle.
+- [`test/OutfitTransferLifecycle.t.sol`](../test/OutfitTransferLifecycle.t.sol) for custody and return behavior.
+- [`test/BannyAttacks.t.sol`](../test/BannyAttacks.t.sol) for adversarial flows.
+- [`test/TestQALastMile.t.sol`](../test/TestQALastMile.t.sol) and [`test/regression/`](../test/regression/) for pinned edge cases.

package/script/Add.Denver.s.sol CHANGED Viewed

@@ -2,6 +2,7 @@
 pragma solidity 0.8.28;
 import {JB721TierConfig} from "@bananapus/721-hook-v6/src/structs/JB721TierConfig.sol";
+import {JB721TierConfigFlags} from "@bananapus/721-hook-v6/src/structs/JB721TierConfigFlags.sol";
 import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
 import {JB721TiersHook} from "@bananapus/721-hook-v6/src/JB721TiersHook.sol";
@@ -66,13 +67,15 @@ contract Drop1Script is Script, Sphinx {
             encodedIPFSUri: bytes32(0x233dd4173ef4ed0f60822a469277bb328b5ae056d8980301f7bd7ad9df780099),
             category: 1,
             discountPercent: 0,
-            cantIncreaseDiscountPercent: false,
-            cantBuyWithCredits: false,
-            allowOwnerMint: false,
-            useReserveBeneficiaryAsDefault: false,
-            transfersPausable: false,
-            useVotingUnits: false,
-            cantBeRemoved: false,
+            flags: JB721TierConfigFlags({
+                allowOwnerMint: false,
+                useReserveBeneficiaryAsDefault: false,
+                transfersPausable: false,
+                useVotingUnits: false,
+                cantBeRemoved: false,
+                cantIncreaseDiscountPercent: false,
+                cantBuyWithCredits: false
+            }),
             splitPercent: 0,
             splits: new JBSplit[](0)
         });

package/script/Deploy.s.sol CHANGED Viewed

@@ -16,6 +16,7 @@ import {
 import {IJB721TokenUriResolver} from "@bananapus/721-hook-v6/src/interfaces/IJB721TokenUriResolver.sol";
 import {JB721InitTiersConfig} from "@bananapus/721-hook-v6/src/structs/JB721InitTiersConfig.sol";
 import {JB721TierConfig} from "@bananapus/721-hook-v6/src/structs/JB721TierConfig.sol";
+import {JB721TierConfigFlags} from "@bananapus/721-hook-v6/src/structs/JB721TierConfigFlags.sol";
 import {IJBSplitHook} from "@bananapus/core-v6/src/interfaces/IJBSplitHook.sol";
 import {JBConstants} from "@bananapus/core-v6/src/libraries/JBConstants.sol";
 import {JBCurrencyIds} from "@bananapus/core-v6/src/libraries/JBCurrencyIds.sol";
@@ -229,13 +230,15 @@ contract DeployScript is Script, Sphinx {
             encodedIPFSUri: bytes32(0),
             category: BANNY_BODY_CATEGORY,
             discountPercent: 0,
-            cantIncreaseDiscountPercent: true,
-            cantBuyWithCredits: false,
-            allowOwnerMint: false,
-            useReserveBeneficiaryAsDefault: false,
-            transfersPausable: false,
-            useVotingUnits: false,
-            cantBeRemoved: true,
+            flags: JB721TierConfigFlags({
+                allowOwnerMint: false,
+                useReserveBeneficiaryAsDefault: false,
+                transfersPausable: false,
+                useVotingUnits: false,
+                cantBeRemoved: true,
+                cantIncreaseDiscountPercent: true,
+                cantBuyWithCredits: false
+            }),
             splitPercent: 0,
             splits: new JBSplit[](0)
         });
@@ -248,13 +251,15 @@ contract DeployScript is Script, Sphinx {
             encodedIPFSUri: bytes32(0),
             category: BANNY_BODY_CATEGORY,
             discountPercent: 0,
-            cantIncreaseDiscountPercent: true,
-            cantBuyWithCredits: false,
-            allowOwnerMint: false,
-            useReserveBeneficiaryAsDefault: false,
-            transfersPausable: false,
-            useVotingUnits: false,
-            cantBeRemoved: true,
+            flags: JB721TierConfigFlags({
+                allowOwnerMint: false,
+                useReserveBeneficiaryAsDefault: false,
+                transfersPausable: false,
+                useVotingUnits: false,
+                cantBeRemoved: true,
+                cantIncreaseDiscountPercent: true,
+                cantBuyWithCredits: false
+            }),
             splitPercent: 0,
             splits: new JBSplit[](0)
         });
@@ -267,13 +272,15 @@ contract DeployScript is Script, Sphinx {
             encodedIPFSUri: bytes32(0),
             category: BANNY_BODY_CATEGORY,
             discountPercent: 0,
-            cantIncreaseDiscountPercent: true,
-            cantBuyWithCredits: false,
-            allowOwnerMint: false,
-            useReserveBeneficiaryAsDefault: false,
-            transfersPausable: false,
-            useVotingUnits: false,
-            cantBeRemoved: true,
+            flags: JB721TierConfigFlags({
+                allowOwnerMint: false,
+                useReserveBeneficiaryAsDefault: false,
+                transfersPausable: false,
+                useVotingUnits: false,
+                cantBeRemoved: true,
+                cantIncreaseDiscountPercent: true,
+                cantBuyWithCredits: false
+            }),
             splitPercent: 0,
             splits: new JBSplit[](0)
         });
@@ -286,13 +293,15 @@ contract DeployScript is Script, Sphinx {
             encodedIPFSUri: bytes32(0),
             category: BANNY_BODY_CATEGORY,
             discountPercent: 0,
-            cantIncreaseDiscountPercent: true,
-            cantBuyWithCredits: false,
-            allowOwnerMint: false,
-            useReserveBeneficiaryAsDefault: false,
-            transfersPausable: false,
-            useVotingUnits: false,
-            cantBeRemoved: true,
+            flags: JB721TierConfigFlags({
+                allowOwnerMint: false,
+                useReserveBeneficiaryAsDefault: false,
+                transfersPausable: false,
+                useVotingUnits: false,
+                cantBeRemoved: true,
+                cantIncreaseDiscountPercent: true,
+                cantBuyWithCredits: false
+            }),
             splitPercent: 0,
             splits: new JBSplit[](0)
         });