@bannynet/core-v6 0.0.2 → 0.0.4

package/src/Banny721TokenUriResolver.sol

@@ -28,6 +28,8 @@ contract Banny721TokenUriResolver is
 {
     using Strings for uint256;
 
+    error Banny721TokenUriResolver_ArrayLengthMismatch();
+    error Banny721TokenUriResolver_BannyBodyNotBodyCategory();
     error Banny721TokenUriResolver_CantAccelerateTheLock();
     error Banny721TokenUriResolver_ContentsAlreadyStored();
     error Banny721TokenUriResolver_ContentsMismatch();
@@ -114,12 +116,15 @@ contract Banny721TokenUriResolver is
 
     /// @notice The outfits currently attached to each banny body.
     /// @dev Naked Banny's will only be shown with outfits currently owned by the owner of the banny body.
+    /// @dev NOTE: Equipped outfits travel with the banny body NFT on transfer. When a body is transferred,
+    /// the new owner inherits all equipped outfits and can unequip them to receive the outfit NFTs.
     /// @custom:param hook The hook address of the collection.
     /// @custom:param bannyBodyId The ID of the banny body of the outfits.
     mapping(address hook => mapping(uint256 bannyBodyId => uint256[])) internal _attachedOutfitIdsOf;
 
     /// @notice The background currently attached to each banny body.
     /// @dev Naked Banny's will only be shown with a background currently owned by the owner of the banny body.
+    /// @dev NOTE: Equipped backgrounds travel with the banny body NFT on transfer, same as outfits.
     /// @custom:param hook The hook address of the collection.
     /// @custom:param bannyBodyId The ID of the banny body of the background.
     mapping(address hook => mapping(uint256 bannyBodyId => uint256)) internal _attachedBackgroundIdOf;
@@ -608,6 +613,7 @@ contract Banny721TokenUriResolver is
         view
         returns (string memory)
     {
+        // slither-disable-next-line encode-packed-collision
         return string.concat(
             "data:application/json;base64,",
             Base64.encode(
@@ -945,6 +951,12 @@ contract Banny721TokenUriResolver is
     /// 6. Conflicting categories are rejected (e.g., a full head blocks individual face pieces;
     ///    a full suit blocks separate top/bottom).
     ///
+    /// @dev WARNING: Equipped outfits and backgrounds are held by this contract on behalf of the banny body. When the
+    /// banny body NFT is transferred to a new owner, all equipped assets remain associated with that body. The new
+    /// owner of the body effectively gains control of all equipped items — they can unequip them (receiving the
+    /// outfit
+    /// NFTs) or re-equip different items. Sellers should unequip valuable outfits before transferring a banny body.
+    ///
     /// @param hook The hook storing the assets.
     /// @param bannyBodyId The ID of the banny body being dressed.
     /// @param backgroundId The ID of the background that'll be associated with the specified banny.
@@ -962,6 +974,11 @@ contract Banny721TokenUriResolver is
     {
         _checkIfSenderIsOwner({hook: hook, upc: bannyBodyId});
 
+        // Make sure the bannyBodyId belongs to a body-category tier.
+        if (_productOfTokenId({hook: hook, tokenId: bannyBodyId}).category != _BODY_CATEGORY) {
+            revert Banny721TokenUriResolver_BannyBodyNotBodyCategory();
+        }
+
         // Can't decorate a banny that's locked.
         if (outfitLockedUntil[hook][bannyBodyId] > block.timestamp) {
             revert Banny721TokenUriResolver_OutfitChangesLocked();
@@ -1028,17 +1045,21 @@ contract Banny721TokenUriResolver is
     /// @param upcs The universal product codes of the products having their name stored.
     /// @param names The names of the products.
     function setProductNames(uint256[] memory upcs, string[] memory names) external override onlyOwner {
+        if (upcs.length != names.length) revert Banny721TokenUriResolver_ArrayLengthMismatch();
+
         for (uint256 i; i < upcs.length; i++) {
             uint256 upc = upcs[i];
             string memory name = names[i];
 
             _customProductNameOf[upc] = name;
 
-            emit SetProductName({upc: upc, name: name, caller: msg.sender});
+            emit SetProductName({upc: upc, name: name, caller: _msgSender()});
         }
     }
 
     /// @notice Allows the owner of this contract to set the token metadata description, external URL, and SVG base URI.
+    /// @dev All fields are always written. Pass the current value for any field you do not want to change,
+    /// or pass an empty string to clear a field.
     /// @param description The description to use in token metadata.
     /// @param url The external URL to use in token metadata.
     /// @param baseUri The base URI of the SVG files.
@@ -1051,17 +1072,19 @@ contract Banny721TokenUriResolver is
         override
         onlyOwner
     {
-        if (bytes(description).length != 0) svgDescription = description;
-        if (bytes(url).length != 0) svgExternalUrl = url;
-        if (bytes(baseUri).length != 0) svgBaseUri = baseUri;
+        svgDescription = description;
+        svgExternalUrl = url;
+        svgBaseUri = baseUri;
 
-        emit SetMetadata({description: description, externalUrl: url, baseUri: baseUri, caller: msg.sender});
+        emit SetMetadata({description: description, externalUrl: url, baseUri: baseUri, caller: _msgSender()});
     }
 
     /// @notice The owner of this contract can store SVG files for product IDs.
     /// @param upcs The universal product codes of the products having SVGs stored.
     /// @param svgContents The svg contents being stored, not including the parent <svg></svg> element.
     function setSvgContentsOf(uint256[] memory upcs, string[] calldata svgContents) external override {
+        if (upcs.length != svgContents.length) revert Banny721TokenUriResolver_ArrayLengthMismatch();
+
         for (uint256 i; i < upcs.length; i++) {
             uint256 upc = upcs[i];
             string memory svgContent = svgContents[i];
@@ -1081,7 +1104,7 @@ contract Banny721TokenUriResolver is
             // Store the svg contents.
             _svgContentOf[upc] = svgContent;
 
-            emit SetSvgContent({upc: upc, svgContent: svgContent, caller: msg.sender});
+            emit SetSvgContent({upc: upc, svgContent: svgContent, caller: _msgSender()});
         }
     }
 
@@ -1090,6 +1113,8 @@ contract Banny721TokenUriResolver is
     /// @param upcs The universal product codes of the products having SVG hashes stored.
     /// @param svgHashes The svg hashes being stored, not including the parent <svg></svg> element.
     function setSvgHashesOf(uint256[] memory upcs, bytes32[] memory svgHashes) external override onlyOwner {
+        if (upcs.length != svgHashes.length) revert Banny721TokenUriResolver_ArrayLengthMismatch();
+
         for (uint256 i; i < upcs.length; i++) {
             uint256 upc = upcs[i];
             bytes32 svgHash = svgHashes[i];
@@ -1100,7 +1125,7 @@ contract Banny721TokenUriResolver is
             // Store the svg contents.
             svgHashOf[upc] = svgHash;
 
-            emit SetSvgHash({upc: upc, svgHash: svgHash, caller: msg.sender});
+            emit SetSvgHash({upc: upc, svgHash: svgHash, caller: _msgSender()});
         }
     }
 
@@ -1148,6 +1173,7 @@ contract Banny721TokenUriResolver is
 
             // Check if the call is being made either by the outfit's owner or the owner of the banny body currently
             // wearing it.
+            // slither-disable-next-line calls-loop
             if (_msgSender() != IERC721(hook).ownerOf(outfitId)) {
                 // Get the banny body currently wearing this outfit.
                 uint256 wearerId = wearerOf({hook: hook, outfitId: outfitId});
@@ -1156,6 +1182,7 @@ contract Banny721TokenUriResolver is
                 if (wearerId == 0) revert Banny721TokenUriResolver_UnauthorizedOutfit();
 
                 // If the outfit is worn, the banny body's owner can also authorize its use.
+                // slither-disable-next-line calls-loop
                 if (_msgSender() != IERC721(hook).ownerOf(wearerId)) {
                     revert Banny721TokenUriResolver_UnauthorizedOutfit();
                 }
@@ -1200,8 +1227,8 @@ contract Banny721TokenUriResolver is
                 // `_attachedOutfitIdsOf` hasnt been called yet, so the wearer should still be the banny body being
                 // decorated.
                 if (previousOutfitId != outfitId && wearerOf({hook: hook, outfitId: previousOutfitId}) == bannyBodyId) {
-                    // slither-disable-next-line reentrancy-no-eth
-                    _transferFrom({hook: hook, from: address(this), to: _msgSender(), assetId: previousOutfitId});
+                    // Use try-transfer: the previous outfit may have been burned or its tier removed.
+                    _tryTransferFrom({hook: hook, from: address(this), to: _msgSender(), assetId: previousOutfitId});
                 }
 
                 if (++previousOutfitIndex < previousOutfitIds.length) {
@@ -1221,7 +1248,7 @@ contract Banny721TokenUriResolver is
                 _wearerOf[hook][outfitId] = bannyBodyId;
 
                 // Transfer the outfit to this contract.
-                // slither-disable-next-line reentrancy-no-eth
+                // slither-disable-next-line reentrancy-no-eth,calls-loop
                 if (IERC721(hook).ownerOf(outfitId) != address(this)) {
                     _transferFrom({hook: hook, from: _msgSender(), to: address(this), assetId: outfitId});
                 }
@@ -1239,8 +1266,8 @@ contract Banny721TokenUriResolver is
             // `_attachedOutfitIdsOf` hasnt been called yet, so the wearer should still be the banny body being
             // decorated.
             if (wearerOf({hook: hook, outfitId: previousOutfitId}) == bannyBodyId) {
-                // slither-disable-next-line reentrancy-no-eth
-                _transferFrom({hook: hook, from: address(this), to: _msgSender(), assetId: previousOutfitId});
+                // Use try-transfer: the previous outfit may have been burned or its tier removed.
+                _tryTransferFrom({hook: hook, from: address(this), to: _msgSender(), assetId: previousOutfitId});
             }
 
             if (++previousOutfitIndex < previousOutfitIds.length) {
@@ -1268,12 +1295,6 @@ contract Banny721TokenUriResolver is
 
         // If the background is changing, add the latest background and transfer the old one back to the owner.
         if (backgroundId != previousBackgroundId || userOfPreviousBackground != bannyBodyId) {
-            // If there's a previous background worn by this banny, transfer it back to the owner.
-            if (userOfPreviousBackground == bannyBodyId) {
-                // Transfer the previous background to the owner of the banny.
-                _transferFrom({hook: hook, from: address(this), to: _msgSender(), assetId: previousBackgroundId});
-            }
-
             // Add the background if needed.
             if (backgroundId != 0) {
                 // Keep a reference to the background's owner.
@@ -1301,21 +1322,27 @@ contract Banny721TokenUriResolver is
                     revert Banny721TokenUriResolver_UnrecognizedBackground();
                 }
 
-                // Store the background for the banny.
-                // slither-disable-next-line reentrancy-no-eth
+                // Effects: update all state before any external transfers (CEI pattern).
                 _attachedBackgroundIdOf[hook][bannyBodyId] = backgroundId;
-
-                // Store the banny that's in the background.
-                // slither-disable-next-line reentrancy-no-eth
                 _userOf[hook][backgroundId] = bannyBodyId;
 
-                // Transfer the background to this contract if it's not already owned by this contract.
+                // Interactions: try-transfer the previous background back (may have been burned).
+                if (userOfPreviousBackground == bannyBodyId) {
+                    _tryTransferFrom({hook: hook, from: address(this), to: _msgSender(), assetId: previousBackgroundId});
+                }
+
+                // Transfer the new background to this contract if it's not already owned by this contract.
                 if (owner != address(this)) {
                     _transferFrom({hook: hook, from: _msgSender(), to: address(this), assetId: backgroundId});
                 }
             } else {
-                // slither-disable-next-line reentrancy-no-eth
+                // Effects: clear the background state before any external transfer.
                 _attachedBackgroundIdOf[hook][bannyBodyId] = 0;
+
+                // Interactions: try-transfer the previous background back (may have been burned).
+                if (userOfPreviousBackground == bannyBodyId) {
+                    _tryTransferFrom({hook: hook, from: address(this), to: _msgSender(), assetId: previousBackgroundId});
+                }
             }
         }
     }
@@ -1328,4 +1355,15 @@ contract Banny721TokenUriResolver is
     function _transferFrom(address hook, address from, address to, uint256 assetId) internal {
         IERC721(hook).safeTransferFrom({from: from, to: to, tokenId: assetId});
     }
+
+    /// @notice Try to transfer a token, silently succeeding if the transfer fails (e.g. token was burned).
+    /// @dev Used when returning previously equipped items that may no longer exist.
+    /// @param hook The 721 contract of the token being transferred.
+    /// @param from The address to transfer the token from.
+    /// @param to The address to transfer the token to.
+    /// @param assetId The ID of the token to transfer.
+    function _tryTransferFrom(address hook, address from, address to, uint256 assetId) internal {
+        // slither-disable-next-line reentrancy-no-eth
+        try IERC721(hook).safeTransferFrom({from: from, to: to, tokenId: assetId}) {} catch {}
+    }
 }

package/test/Banny721TokenUriResolver.t.sol

@@ -190,21 +190,22 @@ contract TestBanny721TokenUriResolver is Test {
         assertEq(resolver.svgBaseUri(), "https://svg.example.com/");
     }
 
-    function test_setMetadata_skipsEmptyStrings() public {
+    function test_setMetadata_clearsWithEmptyStrings() public {
         vm.startPrank(deployer);
         resolver.setMetadata("Initial desc", "https://initial.url", "https://initial.base/");
 
-        // Passing empty strings should leave existing values unchanged.
+        // Passing empty strings should clear all fields (L-59 fix).
         resolver.setMetadata("", "", "");
-        assertEq(resolver.svgDescription(), "Initial desc");
-        assertEq(resolver.svgExternalUrl(), "https://initial.url");
-        assertEq(resolver.svgBaseUri(), "https://initial.base/");
+        assertEq(resolver.svgDescription(), "");
+        assertEq(resolver.svgExternalUrl(), "");
+        assertEq(resolver.svgBaseUri(), "");
 
-        // Passing one non-empty value should only update that field.
+        // Passing one non-empty value should update that field and clear others.
+        resolver.setMetadata("Initial desc", "https://initial.url", "https://initial.base/");
         resolver.setMetadata("Updated desc", "", "");
         assertEq(resolver.svgDescription(), "Updated desc");
-        assertEq(resolver.svgExternalUrl(), "https://initial.url");
-        assertEq(resolver.svgBaseUri(), "https://initial.base/");
+        assertEq(resolver.svgExternalUrl(), "");
+        assertEq(resolver.svgBaseUri(), "");
         vm.stopPrank();
     }
 

package/test/regression/I25_CEIReorder.t.sol

@@ -0,0 +1,204 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.26;
+
+import "forge-std/Test.sol";
+import {JB721Tier} from "@bananapus/721-hook-v6/src/structs/JB721Tier.sol";
+import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";
+
+import {Banny721TokenUriResolver} from "../../src/Banny721TokenUriResolver.sol";
+
+/// @notice Mock hook that records transfer ordering so we can verify CEI.
+contract MockHookI25 {
+    mapping(uint256 => address) public ownerOf;
+    address public immutable MOCK_STORE;
+    mapping(address => mapping(address => bool)) public isApprovedForAll;
+
+    /// @notice Tracks order of transfers for CEI verification.
+    uint256[] public transferLog;
+
+    constructor(address store) {
+        MOCK_STORE = store;
+    }
+
+    function STORE() external view returns (address) {
+        return MOCK_STORE;
+    }
+
+    function setOwner(uint256 tokenId, address owner) external {
+        ownerOf[tokenId] = owner;
+    }
+
+    function setApprovalForAll(address operator, bool approved) external {
+        isApprovedForAll[msg.sender][operator] = approved;
+    }
+
+    function safeTransferFrom(address from, address to, uint256 tokenId) external {
+        require(
+            msg.sender == ownerOf[tokenId] || msg.sender == from || isApprovedForAll[from][msg.sender],
+            "MockHook: not authorized"
+        );
+        ownerOf[tokenId] = to;
+        transferLog.push(tokenId);
+        if (to.code.length > 0) {
+            bytes4 retval = IERC721Receiver(to).onERC721Received(msg.sender, from, tokenId, "");
+            require(retval == IERC721Receiver.onERC721Received.selector, "MockHook: receiver rejected");
+        }
+    }
+
+    function transferLogLength() external view returns (uint256) {
+        return transferLog.length;
+    }
+
+    function pricingContext() external pure returns (uint256, uint256, uint256) {
+        return (1, 18, 0);
+    }
+
+    function baseURI() external pure returns (string memory) {
+        return "ipfs://";
+    }
+}
+
+/// @notice Minimal mock store.
+contract MockStoreI25 {
+    mapping(address => mapping(uint256 => JB721Tier)) public tiers;
+
+    function setTier(address hook, uint256 tokenId, JB721Tier memory tier) external {
+        tiers[hook][tokenId] = tier;
+    }
+
+    function tierOfTokenId(address hook, uint256 tokenId, bool) external view returns (JB721Tier memory) {
+        return tiers[hook][tokenId];
+    }
+
+    function encodedIPFSUriOf(address, uint256) external pure returns (bytes32) {
+        return bytes32(0);
+    }
+}
+
+/// @notice Regression test for I-25: _decorateBannyWithBackground follows CEI pattern.
+/// @dev The fix reordered state writes (effects) before external transfers (interactions)
+/// in _decorateBannyWithBackground. This test verifies that after a background replacement,
+/// state is consistent and both the old background return and new background custody work.
+contract I25_CEIReorderTest is Test {
+    Banny721TokenUriResolver resolver;
+    MockHookI25 hook;
+    MockStoreI25 store;
+
+    address deployer = makeAddr("deployer");
+    address alice = makeAddr("alice");
+
+    uint256 constant BODY_TOKEN = 4_000_000_001;
+    uint256 constant BG_TOKEN_A = 5_000_000_001; // background A
+    uint256 constant BG_TOKEN_B = 5_000_000_002; // background B
+
+    function setUp() public {
+        store = new MockStoreI25();
+        hook = new MockHookI25(address(store));
+
+        vm.prank(deployer);
+        resolver = new Banny721TokenUriResolver(
+            "<path/>", "<necklace/>", "<mouth/>", "<eyes/>", "<alieneyes/>", deployer, address(0)
+        );
+
+        // Set up body (category 0).
+        _setupTier(BODY_TOKEN, 4, 0);
+        // Set up two backgrounds (category 1).
+        _setupTier(BG_TOKEN_A, 5, 1);
+        _setupTier(BG_TOKEN_B, 6, 1);
+
+        hook.setOwner(BODY_TOKEN, alice);
+        hook.setOwner(BG_TOKEN_A, alice);
+        hook.setOwner(BG_TOKEN_B, alice);
+
+        vm.prank(alice);
+        hook.setApprovalForAll(address(resolver), true);
+    }
+
+    /// @notice Replacing background A with B should update state correctly and return A to caller.
+    function test_replaceBackground_stateConsistentAfterCEIReorder() public {
+        uint256[] memory emptyOutfits = new uint256[](0);
+
+        // Attach background A.
+        vm.prank(alice);
+        resolver.decorateBannyWith(address(hook), BODY_TOKEN, BG_TOKEN_A, emptyOutfits);
+
+        // Verify background A is attached.
+        assertEq(resolver.userOf(address(hook), BG_TOKEN_A), BODY_TOKEN, "BG_A should be used by body");
+        assertEq(hook.ownerOf(BG_TOKEN_A), address(resolver), "BG_A should be held by resolver");
+
+        // Replace background A with B.
+        vm.prank(alice);
+        resolver.decorateBannyWith(address(hook), BODY_TOKEN, BG_TOKEN_B, emptyOutfits);
+
+        // Verify state is consistent after replacement.
+        assertEq(resolver.userOf(address(hook), BG_TOKEN_B), BODY_TOKEN, "BG_B should now be used by body");
+        assertEq(resolver.userOf(address(hook), BG_TOKEN_A), 0, "BG_A should no longer be used");
+        assertEq(hook.ownerOf(BG_TOKEN_B), address(resolver), "BG_B should be held by resolver");
+        assertEq(hook.ownerOf(BG_TOKEN_A), alice, "BG_A should be returned to alice");
+
+        // Verify assetIdsOf reflects the new background.
+        (uint256 backgroundId,) = resolver.assetIdsOf(address(hook), BODY_TOKEN);
+        assertEq(backgroundId, BG_TOKEN_B, "assetIdsOf should show BG_B");
+    }
+
+    /// @notice Clearing a background (setting to 0) should update state before transfer.
+    function test_clearBackground_stateConsistentAfterCEIReorder() public {
+        uint256[] memory emptyOutfits = new uint256[](0);
+
+        // Attach background A.
+        vm.prank(alice);
+        resolver.decorateBannyWith(address(hook), BODY_TOKEN, BG_TOKEN_A, emptyOutfits);
+
+        // Clear background.
+        vm.prank(alice);
+        resolver.decorateBannyWith(address(hook), BODY_TOKEN, 0, emptyOutfits);
+
+        // State should be cleared and token returned.
+        assertEq(resolver.userOf(address(hook), BG_TOKEN_A), 0, "BG_A should no longer be used");
+        assertEq(hook.ownerOf(BG_TOKEN_A), alice, "BG_A should be returned to alice");
+
+        (uint256 backgroundId,) = resolver.assetIdsOf(address(hook), BODY_TOKEN);
+        assertEq(backgroundId, 0, "assetIdsOf should show no background");
+    }
+
+    /// @notice Setting the same background again should be a no-op (no redundant transfers).
+    function test_sameBackground_noRedundantTransfer() public {
+        uint256[] memory emptyOutfits = new uint256[](0);
+
+        // Attach background A.
+        vm.prank(alice);
+        resolver.decorateBannyWith(address(hook), BODY_TOKEN, BG_TOKEN_A, emptyOutfits);
+
+        uint256 logBefore = hook.transferLogLength();
+
+        // Re-attach same background.
+        vm.prank(alice);
+        resolver.decorateBannyWith(address(hook), BODY_TOKEN, BG_TOKEN_A, emptyOutfits);
+
+        // No new transfers should have occurred for the background.
+        uint256 logAfter = hook.transferLogLength();
+        assertEq(logAfter, logBefore, "No transfers should occur when re-attaching same background");
+    }
+
+    function _setupTier(uint256 tokenId, uint32 tierId, uint24 category) internal {
+        JB721Tier memory tier = JB721Tier({
+            id: tierId,
+            price: 0.01 ether,
+            remainingSupply: 100,
+            initialSupply: 100,
+            votingUnits: 0,
+            reserveFrequency: 0,
+            reserveBeneficiary: address(0),
+            encodedIPFSUri: bytes32(0),
+            category: category,
+            discountPercent: 0,
+            allowOwnerMint: false,
+            transfersPausable: false,
+            cannotBeRemoved: false,
+            cannotIncreaseDiscountPercent: false,
+            splitPercent: 0,
+            resolvedUri: ""
+        });
+        store.setTier(address(hook), tokenId, tier);
+    }
+}

package/test/regression/L56_MsgSenderEvents.t.sol

@@ -0,0 +1,152 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.26;
+
+import "forge-std/Test.sol";
+import {JB721Tier} from "@bananapus/721-hook-v6/src/structs/JB721Tier.sol";
+import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";
+
+import {Banny721TokenUriResolver} from "../../src/Banny721TokenUriResolver.sol";
+import {IBanny721TokenUriResolver} from "../../src/interfaces/IBanny721TokenUriResolver.sol";
+
+/// @notice Minimal mock hook.
+contract MockHook56 {
+    mapping(uint256 => address) public ownerOf;
+    address public immutable MOCK_STORE;
+    mapping(address => mapping(address => bool)) public isApprovedForAll;
+
+    constructor(address store) {
+        MOCK_STORE = store;
+    }
+
+    function STORE() external view returns (address) {
+        return MOCK_STORE;
+    }
+
+    function setOwner(uint256 tokenId, address owner) external {
+        ownerOf[tokenId] = owner;
+    }
+
+    function setApprovalForAll(address operator, bool approved) external {
+        isApprovedForAll[msg.sender][operator] = approved;
+    }
+
+    function safeTransferFrom(address from, address to, uint256 tokenId) external {
+        require(
+            msg.sender == ownerOf[tokenId] || msg.sender == from || isApprovedForAll[from][msg.sender],
+            "MockHook: not authorized"
+        );
+        ownerOf[tokenId] = to;
+        if (to.code.length > 0) {
+            bytes4 retval = IERC721Receiver(to).onERC721Received(msg.sender, from, tokenId, "");
+            require(retval == IERC721Receiver.onERC721Received.selector, "MockHook: receiver rejected");
+        }
+    }
+
+    function pricingContext() external pure returns (uint256, uint256, uint256) {
+        return (1, 18, 0);
+    }
+
+    function baseURI() external pure returns (string memory) {
+        return "ipfs://";
+    }
+}
+
+/// @notice Minimal mock store.
+contract MockStore56 {
+    mapping(address => mapping(uint256 => JB721Tier)) public tiers;
+
+    function setTier(address hook, uint256 tokenId, JB721Tier memory tier) external {
+        tiers[hook][tokenId] = tier;
+    }
+
+    function tierOfTokenId(address hook, uint256 tokenId, bool) external view returns (JB721Tier memory) {
+        return tiers[hook][tokenId];
+    }
+
+    function encodedIPFSUriOf(address, uint256) external pure returns (bytes32) {
+        return bytes32(0);
+    }
+}
+
+/// @notice Regression test: L-56 -- events should emit _msgSender(), not msg.sender.
+contract L56_MsgSenderEventsTest is Test {
+    Banny721TokenUriResolver resolver;
+    MockHook56 hook;
+    MockStore56 store;
+
+    address deployer = makeAddr("deployer");
+
+    function setUp() public {
+        store = new MockStore56();
+        hook = new MockHook56(address(store));
+
+        vm.prank(deployer);
+        resolver = new Banny721TokenUriResolver(
+            "<path/>", "<necklace/>", "<mouth/>", "<eyes/>", "<alieneyes/>", deployer, address(0)
+        );
+    }
+
+    /// @notice Verify SetProductName event emits _msgSender() (== deployer) not msg.sender.
+    function test_setProductNames_emitsCorrectCaller() public {
+        uint256[] memory upcs = new uint256[](1);
+        upcs[0] = 100;
+        string[] memory names = new string[](1);
+        names[0] = "Test";
+
+        vm.expectEmit(true, true, true, true);
+        emit IBanny721TokenUriResolver.SetProductName({upc: 100, name: "Test", caller: deployer});
+
+        vm.prank(deployer);
+        resolver.setProductNames(upcs, names);
+    }
+
+    /// @notice Verify SetMetadata event emits _msgSender() (== deployer) not msg.sender.
+    function test_setMetadata_emitsCorrectCaller() public {
+        vm.expectEmit(true, true, true, true);
+        emit IBanny721TokenUriResolver.SetMetadata({
+            description: "desc", externalUrl: "url", baseUri: "base", caller: deployer
+        });
+
+        vm.prank(deployer);
+        resolver.setMetadata("desc", "url", "base");
+    }
+
+    /// @notice Verify SetSvgHash event emits _msgSender() (== deployer) not msg.sender.
+    function test_setSvgHashesOf_emitsCorrectCaller() public {
+        uint256[] memory upcs = new uint256[](1);
+        upcs[0] = 100;
+        bytes32[] memory hashes = new bytes32[](1);
+        hashes[0] = keccak256("test");
+
+        vm.expectEmit(true, true, true, true);
+        emit IBanny721TokenUriResolver.SetSvgHash({upc: 100, svgHash: keccak256("test"), caller: deployer});
+
+        vm.prank(deployer);
+        resolver.setSvgHashesOf(upcs, hashes);
+    }
+
+    /// @notice Verify SetSvgContent event emits _msgSender() not msg.sender.
+    function test_setSvgContentsOf_emitsCorrectCaller() public {
+        string memory content = "test-svg-content";
+
+        // Store hash first.
+        uint256[] memory upcs = new uint256[](1);
+        upcs[0] = 100;
+        bytes32[] memory hashes = new bytes32[](1);
+        hashes[0] = keccak256(abi.encodePacked(content));
+
+        vm.prank(deployer);
+        resolver.setSvgHashesOf(upcs, hashes);
+
+        // Now store content -- anyone can call this.
+        string[] memory contents = new string[](1);
+        contents[0] = content;
+
+        address alice = makeAddr("alice");
+        vm.expectEmit(true, true, true, true);
+        emit IBanny721TokenUriResolver.SetSvgContent({upc: 100, svgContent: content, caller: alice});
+
+        vm.prank(alice);
+        resolver.setSvgContentsOf(upcs, contents);
+    }
+}