@bannynet/core-v6 0.0.23 → 0.0.25

package/test/audit/DuplicateCategoryRetention.t.sol

@@ -1,163 +0,0 @@
-// SPDX-License-Identifier: MIT
-pragma solidity 0.8.28;
-
-import {Test} from "forge-std/Test.sol";
-import {JB721Tier} from "@bananapus/721-hook-v6/src/structs/JB721Tier.sol";
-import {JB721TierFlags} from "@bananapus/721-hook-v6/src/structs/JB721TierFlags.sol";
-import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";
-
-import {Banny721TokenUriResolver} from "../../src/Banny721TokenUriResolver.sol";
-
-contract DuplicateCategoryMockHook {
-    mapping(uint256 tokenId => address) public ownerOf;
-    mapping(address owner => mapping(address operator => bool)) public isApprovedForAll;
-    address public immutable MOCK_STORE;
-
-    constructor(address store) {
-        MOCK_STORE = store;
-    }
-
-    function STORE() external view returns (address) {
-        return MOCK_STORE;
-    }
-
-    function setOwner(uint256 tokenId, address owner) external {
-        ownerOf[tokenId] = owner;
-    }
-
-    function setApprovalForAll(address operator, bool approved) external {
-        isApprovedForAll[msg.sender][operator] = approved;
-    }
-
-    function safeTransferFrom(address from, address to, uint256 tokenId) external {
-        require(
-            msg.sender == ownerOf[tokenId] || msg.sender == from || isApprovedForAll[from][msg.sender],
-            "MockHook: not authorized"
-        );
-        ownerOf[tokenId] = to;
-
-        if (to.code.length != 0) {
-            bytes4 retval = IERC721Receiver(to).onERC721Received(msg.sender, from, tokenId, "");
-            require(retval == IERC721Receiver.onERC721Received.selector, "MockHook: receiver rejected");
-        }
-    }
-
-    function pricingContext() external pure returns (uint256, uint256, uint256) {
-        return (1, 18, 0);
-    }
-
-    function baseURI() external pure returns (string memory) {
-        return "ipfs://";
-    }
-}
-
-contract DuplicateCategoryMockStore {
-    mapping(address hook => mapping(uint256 tokenId => JB721Tier)) public tiers;
-
-    function setTier(address hook, uint256 tokenId, JB721Tier memory tier) external {
-        tiers[hook][tokenId] = tier;
-    }
-
-    function tierOfTokenId(address hook, uint256 tokenId, bool) external view returns (JB721Tier memory) {
-        return tiers[hook][tokenId];
-    }
-
-    // forge-lint: disable-next-line(mixed-case-function)
-    function encodedTierIPFSUriOf(address, uint256) external pure returns (bytes32) {
-        return bytes32(0);
-    }
-
-    // forge-lint: disable-next-line(mixed-case-function)
-    function encodedIPFSUriOf(address, uint256) external pure returns (bytes32) {
-        return bytes32(0);
-    }
-}
-
-contract ERC721RejectingOwner {
-    function approveResolver(DuplicateCategoryMockHook hook, address resolver) external {
-        hook.setApprovalForAll(resolver, true);
-    }
-
-    function decorate(
-        Banny721TokenUriResolver resolver,
-        address hook,
-        uint256 bodyId,
-        uint256 backgroundId,
-        uint256[] memory outfitIds
-    )
-        external
-    {
-        resolver.decorateBannyWith(hook, bodyId, backgroundId, outfitIds);
-    }
-}
-
-contract DuplicateCategoryRetentionTest is Test {
-    Banny721TokenUriResolver resolver;
-    DuplicateCategoryMockHook hook;
-    DuplicateCategoryMockStore store;
-    ERC721RejectingOwner rejector;
-
-    uint256 internal constant BODY_TOKEN = 4_000_000_001;
-    uint256 internal constant NECKLACE_ONE = 10_000_000_001;
-    uint256 internal constant NECKLACE_TWO = 11_000_000_001;
-
-    function setUp() public {
-        store = new DuplicateCategoryMockStore();
-        hook = new DuplicateCategoryMockHook(address(store));
-        rejector = new ERC721RejectingOwner();
-
-        resolver = new Banny721TokenUriResolver(
-            "<path/>", "<necklace/>", "<mouth/>", "<eyes/>", "<alieneyes/>", address(this), address(0)
-        );
-
-        _setupTier(BODY_TOKEN, 4, 0);
-        _setupTier(NECKLACE_ONE, 10, 3);
-        _setupTier(NECKLACE_TWO, 11, 3);
-
-        hook.setOwner(BODY_TOKEN, address(rejector));
-        hook.setOwner(NECKLACE_ONE, address(rejector));
-        hook.setOwner(NECKLACE_TWO, address(rejector));
-        rejector.approveResolver(hook, address(resolver));
-    }
-
-    function test_retainedOutfitCanBypassOnePerCategoryInvariant() public {
-        uint256[] memory first = new uint256[](1);
-        first[0] = NECKLACE_ONE;
-        rejector.decorate(resolver, address(hook), BODY_TOKEN, 0, first);
-
-        uint256[] memory replacement = new uint256[](1);
-        replacement[0] = NECKLACE_TWO;
-
-        // After the L-1 fix, the duplicate category is detected and the call reverts.
-        vm.expectRevert(Banny721TokenUriResolver.Banny721TokenUriResolver_DuplicateCategory.selector);
-        rejector.decorate(resolver, address(hook), BODY_TOKEN, 0, replacement);
-    }
-
-    function _setupTier(uint256 tokenId, uint32 tierId, uint24 category) internal {
-        store.setTier(
-            address(hook),
-            tokenId,
-            JB721Tier({
-                id: tierId,
-                price: 0.01 ether,
-                remainingSupply: 100,
-                initialSupply: 100,
-                votingUnits: 0,
-                reserveFrequency: 0,
-                reserveBeneficiary: address(0),
-                encodedIPFSUri: bytes32(0),
-                category: category,
-                discountPercent: 0,
-                flags: JB721TierFlags({
-                    allowOwnerMint: false,
-                    transfersPausable: false,
-                    cantBeRemoved: false,
-                    cantIncreaseDiscountPercent: false,
-                    cantBuyWithCredits: false
-                }),
-                splitPercent: 0,
-                resolvedUri: ""
-            })
-        );
-    }
-}

package/test/audit/MergedOutfitExclusivity.t.sol

@@ -1,228 +0,0 @@
-// SPDX-License-Identifier: MIT
-pragma solidity 0.8.28;
-
-import {Test} from "forge-std/Test.sol";
-import {JB721Tier} from "@bananapus/721-hook-v6/src/structs/JB721Tier.sol";
-import {JB721TierFlags} from "@bananapus/721-hook-v6/src/structs/JB721TierFlags.sol";
-import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";
-
-import {Banny721TokenUriResolver} from "../../src/Banny721TokenUriResolver.sol";
-
-/// @dev Mock hook that supports safeTransferFrom with ERC721Receiver checks.
-contract ExclusivityMockHook {
-    // Maps token IDs to their current owner.
-    mapping(uint256 tokenId => address) public ownerOf;
-    // Maps owners to operator approvals.
-    mapping(address owner => mapping(address operator => bool)) public isApprovedForAll;
-
-    // The mock store address, returned by STORE().
-    address public immutable MOCK_STORE;
-
-    constructor(address store) {
-        // Store the mock store address at construction time.
-        MOCK_STORE = store;
-    }
-
-    /// @dev Returns the mock store address for tier lookups.
-    function STORE() external view returns (address) {
-        return MOCK_STORE;
-    }
-
-    /// @dev Sets the owner of a token ID (test helper).
-    function setOwner(uint256 tokenId, address owner) external {
-        ownerOf[tokenId] = owner;
-    }
-
-    /// @dev Sets operator approval for the caller.
-    function setApprovalForAll(address operator, bool approved) external {
-        isApprovedForAll[msg.sender][operator] = approved;
-    }
-
-    /// @dev Safe transfer that checks ERC721Receiver on contract recipients.
-    function safeTransferFrom(address from, address to, uint256 tokenId) external {
-        // Verify the caller is authorized to transfer this token.
-        require(
-            msg.sender == ownerOf[tokenId] || msg.sender == from || isApprovedForAll[from][msg.sender],
-            "ExclusivityMockHook: not authorized"
-        );
-
-        // Update ownership to the new owner.
-        ownerOf[tokenId] = to;
-
-        // If the recipient is a contract, check ERC721Receiver.
-        if (to.code.length > 0) {
-            // Call onERC721Received and verify the return selector.
-            bytes4 retval = IERC721Receiver(to).onERC721Received(msg.sender, from, tokenId, "");
-            // Revert if the receiver rejects the transfer.
-            require(retval == IERC721Receiver.onERC721Received.selector, "ExclusivityMockHook: receiver rejected");
-        }
-    }
-
-    /// @dev Returns mock pricing context (currency=1, decimals=18, prices=0).
-    function pricingContext() external pure returns (uint256, uint256, uint256) {
-        return (1, 18, 0);
-    }
-
-    /// @dev Returns a mock base URI for metadata.
-    function baseURI() external pure returns (string memory) {
-        return "ipfs://";
-    }
-}
-
-/// @dev Mock store that returns tier data for token IDs.
-contract ExclusivityMockStore {
-    // Maps (hook, tokenId) to tier data.
-    mapping(address hook => mapping(uint256 tokenId => JB721Tier)) public tiers;
-
-    /// @dev Sets the tier data for a given (hook, tokenId) pair.
-    function setTier(address hook, uint256 tokenId, JB721Tier memory tier) external {
-        tiers[hook][tokenId] = tier;
-    }
-
-    /// @dev Returns the tier for a given (hook, tokenId) pair.
-    function tierOfTokenId(address hook, uint256 tokenId, bool) external view returns (JB721Tier memory) {
-        return tiers[hook][tokenId];
-    }
-
-    /// @dev Returns a zero IPFS URI (unused in these tests).
-    // forge-lint: disable-next-line(mixed-case-function)
-    function encodedIPFSUriOf(address, uint256) external pure returns (bytes32) {
-        return bytes32(0);
-    }
-}
-
-/// @dev Contract that does NOT implement IERC721Receiver -- transfers to it will revert.
-///      Used to simulate a scenario where returning an outfit fails.
-contract ERC721Rejector {
-    /// @dev Approves the resolver as an operator on the hook.
-    function approveResolver(ExclusivityMockHook hook, address resolver) external {
-        hook.setApprovalForAll(resolver, true);
-    }
-
-    /// @dev Calls decorateBannyWith on behalf of this contract.
-    function decorate(
-        Banny721TokenUriResolver resolver,
-        address hook,
-        uint256 bannyBodyId,
-        uint256 backgroundId,
-        uint256[] memory outfitIds
-    )
-        external
-    {
-        resolver.decorateBannyWith(hook, bannyBodyId, backgroundId, outfitIds);
-    }
-}
-
-/// @title MergedOutfitExclusivityTest
-/// @notice Tests that category exclusivity is enforced on the merged set (retained + new outfits),
-///         not just the new outfit set alone.
-contract MergedOutfitExclusivityTest is Test {
-    // The resolver under test.
-    Banny721TokenUriResolver resolver;
-    // Mock hook for NFT ownership tracking.
-    ExclusivityMockHook hook;
-    // Mock store for tier/category lookups.
-    ExclusivityMockStore store;
-    // Contract that rejects ERC721 transfers (no IERC721Receiver).
-    ERC721Rejector rejector;
-
-    // Token IDs follow the pattern used in other banny tests:
-    // body is category 0, tier ID 4 => token 4_000_000_001
-    uint256 constant BODY_TOKEN = 4_000_000_001;
-    // HEAD is category 4, tier ID 11 => token 11_000_000_001
-    uint256 constant HEAD_TOKEN = 11_000_000_001;
-    // EYES is category 5, tier ID 12 => token 12_000_000_001
-    uint256 constant EYES_TOKEN = 12_000_000_001;
-
-    function setUp() public {
-        // Deploy mock store for tier lookups.
-        store = new ExclusivityMockStore();
-        // Deploy mock hook with the store.
-        hook = new ExclusivityMockHook(address(store));
-        // Deploy the contract that rejects incoming ERC721 transfers.
-        rejector = new ERC721Rejector();
-
-        // Deploy the resolver with placeholder SVG paths and no trusted forwarder.
-        resolver = new Banny721TokenUriResolver(
-            "<path/>", "<necklace/>", "<mouth/>", "<eyes/>", "<alieneyes/>", address(this), address(0)
-        );
-
-        // Set up tier data: body (category 0), HEAD (category 4), EYES (category 5).
-        _setupTier(BODY_TOKEN, 4, 0);
-        _setupTier(HEAD_TOKEN, 11, 4);
-        _setupTier(EYES_TOKEN, 12, 5);
-    }
-
-    // -----------------------------------------------------------------------
-    // Test: Merged set exclusivity with retained outfits
-    // -----------------------------------------------------------------------
-    // Scenario: equip a HEAD outfit, make its return fail, then try to equip
-    // an EYES outfit. The merged set (retained HEAD + new EYES) should violate
-    // HEAD/EYES exclusivity and revert.
-    function test_mergedSetExclusivity_retainedHeadBlocksNewEyes() public {
-        // Give the rejector contract ownership of body, HEAD, and EYES tokens.
-        hook.setOwner(BODY_TOKEN, address(rejector));
-        hook.setOwner(HEAD_TOKEN, address(rejector));
-        hook.setOwner(EYES_TOKEN, address(rejector));
-
-        // Approve the resolver to transfer tokens on behalf of the rejector.
-        rejector.approveResolver(hook, address(resolver));
-
-        // Step 1: Equip the HEAD outfit on the banny body.
-        uint256[] memory headOutfit = new uint256[](1);
-        headOutfit[0] = HEAD_TOKEN;
-        // This transfers HEAD_TOKEN to the resolver's custody.
-        rejector.decorate(resolver, address(hook), BODY_TOKEN, 0, headOutfit);
-
-        // Verify HEAD is now worn by the banny body.
-        assertEq(resolver.wearerOf(address(hook), HEAD_TOKEN), BODY_TOKEN, "HEAD should be worn by body");
-        // Verify HEAD is in the resolver's custody.
-        assertEq(hook.ownerOf(HEAD_TOKEN), address(resolver), "HEAD should be in resolver custody");
-
-        // Step 2: Try to replace HEAD with EYES.
-        // The resolver will try to return HEAD to the rejector, but the rejector
-        // does not implement IERC721Receiver, so the transfer fails silently.
-        // HEAD is retained in the merged set. The new set contains only EYES.
-        // The merged set = [EYES, HEAD] which violates HEAD/EYES exclusivity.
-        uint256[] memory eyesOutfit = new uint256[](1);
-        eyesOutfit[0] = EYES_TOKEN;
-
-        // Expect revert because the merged set has both HEAD (retained) and EYES (new).
-        vm.expectRevert(Banny721TokenUriResolver.Banny721TokenUriResolver_HeadAlreadyAdded.selector);
-        // Attempt to decorate with EYES -- should revert due to exclusivity.
-        rejector.decorate(resolver, address(hook), BODY_TOKEN, 0, eyesOutfit);
-    }
-
-    // -----------------------------------------------------------------------
-    // Helpers
-    // -----------------------------------------------------------------------
-
-    /// @dev Sets up a tier in the mock store for a given token.
-    function _setupTier(uint256 tokenId, uint32 tierId, uint24 category) internal {
-        // Create tier data with the specified ID and category.
-        JB721Tier memory tier = JB721Tier({
-            id: tierId,
-            price: 0.01 ether,
-            remainingSupply: 100,
-            initialSupply: 100,
-            votingUnits: 0,
-            reserveFrequency: 0,
-            reserveBeneficiary: address(0),
-            encodedIPFSUri: bytes32(0),
-            category: category,
-            discountPercent: 0,
-            flags: JB721TierFlags({
-                allowOwnerMint: false,
-                transfersPausable: false,
-                cantBeRemoved: false,
-                cantIncreaseDiscountPercent: false,
-                cantBuyWithCredits: false
-            }),
-            splitPercent: 0,
-            resolvedUri: ""
-        });
-
-        // Store the tier data in the mock store.
-        store.setTier(address(hook), tokenId, tier);
-    }
-}

package/test/audit/MigrationHelperVerificationBypass.t.sol

@@ -1,102 +0,0 @@
-// SPDX-License-Identifier: MIT
-pragma solidity 0.8.28;
-
-import {Test} from "forge-std/Test.sol";
-
-import {IJB721TiersHookStore} from "@bananapus/721-hook-v6/src/interfaces/IJB721TiersHookStore.sol";
-
-import {MigrationHelper} from "../../script/helpers/MigrationHelper.sol";
-
-contract MigrationHelperVerificationBypassTest is Test {
-    address internal constant ALICE = address(0xA11CE);
-    address internal constant FALLBACK_RESOLVER = address(0xFA11BAC);
-
-    MockStore internal v4Store;
-    MockStore internal v5Store;
-    MockHook internal v4Hook;
-    MockHook internal v5Hook;
-    MigrationHelperHarness internal harness;
-
-    function setUp() public {
-        v4Store = new MockStore();
-        v5Store = new MockStore();
-        v4Hook = new MockHook(address(v4Store));
-        v5Hook = new MockHook(address(v5Store));
-        harness = new MigrationHelperHarness();
-    }
-
-    function test_verifyTierBalances_skipsAllOwnersForTierWhenFallbackResolverOwnsAnyOfTier() public {
-        address[] memory owners = new address[](1);
-        owners[0] = ALICE;
-
-        uint256[] memory tierIds = new uint256[](1);
-        tierIds[0] = 7;
-
-        // Alice is over-allocated in V5 versus V4 for tier 7.
-        v4Store.setTierBalance(address(v4Hook), ALICE, 7, 1);
-        v5Store.setTierBalance(address(v5Hook), ALICE, 7, 2);
-
-        // One unrelated V4 token of the same tier sits in the fallback resolver.
-        v4Store.setTierBalance(address(v4Hook), FALLBACK_RESOLVER, 7, 1);
-
-        // Intended behavior would reject Alice's inflation, but the helper skips the tier entirely.
-        harness.verifyTierBalances(address(v5Hook), address(v4Hook), FALLBACK_RESOLVER, owners, tierIds);
-    }
-
-    function test_verifyTierBalances_revertsWhenFallbackResolverDoesNotOwnTier() public {
-        address[] memory owners = new address[](1);
-        owners[0] = ALICE;
-
-        uint256[] memory tierIds = new uint256[](1);
-        tierIds[0] = 7;
-
-        v4Store.setTierBalance(address(v4Hook), ALICE, 7, 1);
-        v5Store.setTierBalance(address(v5Hook), ALICE, 7, 2);
-
-        vm.expectRevert(
-            bytes(
-                "V5 tier balance exceeds V4: owner=0x00000000000000000000000000000000000a11ce tier=7 v4Balance=1 v5Balance=2"
-            )
-        );
-        harness.verifyTierBalances(address(v5Hook), address(v4Hook), FALLBACK_RESOLVER, owners, tierIds);
-    }
-}
-
-contract MigrationHelperHarness {
-    function verifyTierBalances(
-        address hookAddress,
-        address v4HookAddress,
-        address v4FallbackResolverAddress,
-        address[] memory owners,
-        uint256[] memory tierIds
-    )
-        external
-        view
-    {
-        MigrationHelper.verifyTierBalances(hookAddress, v4HookAddress, v4FallbackResolverAddress, owners, tierIds);
-    }
-}
-
-contract MockHook {
-    address internal immutable _STORE;
-
-    constructor(address store) {
-        _STORE = store;
-    }
-
-    function STORE() external view returns (IJB721TiersHookStore) {
-        return IJB721TiersHookStore(_STORE);
-    }
-}
-
-contract MockStore {
-    mapping(address hook => mapping(address owner => mapping(uint256 tierId => uint256))) internal _tierBalanceOf;
-
-    function setTierBalance(address hook, address owner, uint256 tierId, uint256 balance) external {
-        _tierBalanceOf[hook][owner][tierId] = balance;
-    }
-
-    function tierBalanceOf(address hook, address owner, uint256 tierId) external view returns (uint256) {
-        return _tierBalanceOf[hook][owner][tierId];
-    }
-}

package/test/audit/TryTransferFromStrandsAssets.t.sol

@@ -1,197 +0,0 @@
-// SPDX-License-Identifier: MIT
-pragma solidity 0.8.28;
-
-import {Test} from "forge-std/Test.sol";
-import {JB721Tier} from "@bananapus/721-hook-v6/src/structs/JB721Tier.sol";
-import {JB721TierFlags} from "@bananapus/721-hook-v6/src/structs/JB721TierFlags.sol";
-import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";
-
-import {Banny721TokenUriResolver} from "../../src/Banny721TokenUriResolver.sol";
-
-contract StrandMockHook {
-    mapping(uint256 tokenId => address) public ownerOf;
-    mapping(address owner => mapping(address operator => bool)) public isApprovedForAll;
-
-    address public immutable MOCK_STORE;
-
-    constructor(address store) {
-        MOCK_STORE = store;
-    }
-
-    function STORE() external view returns (address) {
-        return MOCK_STORE;
-    }
-
-    function setOwner(uint256 tokenId, address owner) external {
-        ownerOf[tokenId] = owner;
-    }
-
-    function setApprovalForAll(address operator, bool approved) external {
-        isApprovedForAll[msg.sender][operator] = approved;
-    }
-
-    function safeTransferFrom(address from, address to, uint256 tokenId) external {
-        require(
-            msg.sender == ownerOf[tokenId] || msg.sender == from || isApprovedForAll[from][msg.sender],
-            "StrandMockHook: not authorized"
-        );
-
-        ownerOf[tokenId] = to;
-
-        if (to.code.length > 0) {
-            bytes4 retval = IERC721Receiver(to).onERC721Received(msg.sender, from, tokenId, "");
-            require(retval == IERC721Receiver.onERC721Received.selector, "StrandMockHook: receiver rejected");
-        }
-    }
-
-    function pricingContext() external pure returns (uint256, uint256, uint256) {
-        return (1, 18, 0);
-    }
-
-    function baseURI() external pure returns (string memory) {
-        return "ipfs://";
-    }
-}
-
-contract StrandMockStore {
-    mapping(address hook => mapping(uint256 tokenId => JB721Tier)) public tiers;
-
-    function setTier(address hook, uint256 tokenId, JB721Tier memory tier) external {
-        tiers[hook][tokenId] = tier;
-    }
-
-    function tierOfTokenId(address hook, uint256 tokenId, bool) external view returns (JB721Tier memory) {
-        return tiers[hook][tokenId];
-    }
-
-    // forge-lint: disable-next-line(mixed-case-function)
-    function encodedIPFSUriOf(address, uint256) external pure returns (bytes32) {
-        return bytes32(0);
-    }
-}
-
-contract NonReceiverOwner {
-    function approveResolver(StrandMockHook hook, address resolver) external {
-        hook.setApprovalForAll(resolver, true);
-    }
-
-    function decorate(
-        Banny721TokenUriResolver resolver,
-        address hook,
-        uint256 bannyBodyId,
-        uint256 backgroundId,
-        uint256[] memory outfitIds
-    )
-        external
-    {
-        resolver.decorateBannyWith(hook, bannyBodyId, backgroundId, outfitIds);
-    }
-}
-
-contract TryTransferFromStrandsAssetsTest is Test {
-    Banny721TokenUriResolver resolver;
-    StrandMockHook hook;
-    StrandMockStore store;
-    NonReceiverOwner ownerContract;
-
-    uint256 constant BODY_TOKEN = 4_000_000_001;
-    uint256 constant BACKGROUND_TOKEN = 5_000_000_001;
-    uint256 constant NECKLACE_TOKEN = 10_000_000_001;
-
-    function setUp() public {
-        store = new StrandMockStore();
-        hook = new StrandMockHook(address(store));
-        ownerContract = new NonReceiverOwner();
-
-        resolver = new Banny721TokenUriResolver(
-            "<path/>", "<necklace/>", "<mouth/>", "<eyes/>", "<alieneyes/>", address(this), address(0)
-        );
-
-        _setupTier(BODY_TOKEN, 4, 0);
-        _setupTier(BACKGROUND_TOKEN, 5, 1);
-        _setupTier(NECKLACE_TOKEN, 10, 3);
-
-        hook.setOwner(BODY_TOKEN, address(ownerContract));
-        hook.setOwner(BACKGROUND_TOKEN, address(ownerContract));
-        hook.setOwner(NECKLACE_TOKEN, address(ownerContract));
-
-        ownerContract.approveResolver(hook, address(resolver));
-    }
-
-    function test_antiStranding_assetsRetainedWhenOwnerCannotReceiveERC721() public {
-        // Equip background and necklace outfit.
-        uint256[] memory outfits = new uint256[](1);
-        outfits[0] = NECKLACE_TOKEN;
-
-        ownerContract.decorate(resolver, address(hook), BODY_TOKEN, BACKGROUND_TOKEN, outfits);
-
-        assertEq(hook.ownerOf(BACKGROUND_TOKEN), address(resolver), "background should be in resolver custody");
-        assertEq(hook.ownerOf(NECKLACE_TOKEN), address(resolver), "outfit should be in resolver custody");
-
-        // Try to undress --transfers back to NonReceiverOwner will fail because it doesn't implement IERC721Receiver.
-        uint256[] memory empty = new uint256[](0);
-        ownerContract.decorate(resolver, address(hook), BODY_TOKEN, 0, empty);
-
-        // Both NFTs remain in resolver custody (transfer failed silently).
-        assertEq(hook.ownerOf(BACKGROUND_TOKEN), address(resolver), "background remains in resolver custody");
-        assertEq(hook.ownerOf(NECKLACE_TOKEN), address(resolver), "outfit remains in resolver custody");
-
-        // KEY CHANGE: State is now PRESERVED --tracking is NOT cleared on failed transfers.
-        // Background remains tracked because _decorateBannyWithBackground aborts the removal on failed transfer.
-        assertEq(
-            resolver.userOf(address(hook), BACKGROUND_TOKEN),
-            BODY_TOKEN,
-            "background tracking preserved -- still attached to body"
-        );
-
-        // Outfit is retained in the attached list because _storeOutfitsWithRetained merges failed transfers.
-        assertEq(
-            resolver.wearerOf(address(hook), NECKLACE_TOKEN),
-            BODY_TOKEN,
-            "outfit tracking preserved --still worn by body"
-        );
-
-        // assetIdsOf reflects the retained state.
-        (uint256 backgroundId, uint256[] memory currentOutfits) = resolver.assetIdsOf(address(hook), BODY_TOKEN);
-        assertEq(backgroundId, BACKGROUND_TOKEN, "body still exposes the background");
-        assertEq(currentOutfits.length, 1, "body still exposes the outfit");
-        assertEq(currentOutfits[0], NECKLACE_TOKEN, "retained outfit is the necklace");
-
-        // The owner CAN still re-decorate because the assets are still tracked.
-        // Re-equipping the same outfit (no-op transfer) works fine.
-        outfits[0] = NECKLACE_TOKEN;
-        ownerContract.decorate(resolver, address(hook), BODY_TOKEN, BACKGROUND_TOKEN, outfits);
-
-        // State remains consistent.
-        (backgroundId, currentOutfits) = resolver.assetIdsOf(address(hook), BODY_TOKEN);
-        assertEq(backgroundId, BACKGROUND_TOKEN, "background re-equipped");
-        assertEq(currentOutfits.length, 1, "outfit still attached");
-        assertEq(currentOutfits[0], NECKLACE_TOKEN, "outfit is still the necklace");
-    }
-
-    function _setupTier(uint256 tokenId, uint32 tierId, uint24 category) internal {
-        JB721Tier memory tier = JB721Tier({
-            id: tierId,
-            price: 0.01 ether,
-            remainingSupply: 100,
-            initialSupply: 100,
-            votingUnits: 0,
-            reserveFrequency: 0,
-            reserveBeneficiary: address(0),
-            encodedIPFSUri: bytes32(0),
-            category: category,
-            discountPercent: 0,
-            flags: JB721TierFlags({
-                allowOwnerMint: false,
-                transfersPausable: false,
-                cantBeRemoved: false,
-                cantIncreaseDiscountPercent: false,
-                cantBuyWithCredits: false
-            }),
-            splitPercent: 0,
-            resolvedUri: ""
-        });
-
-        store.setTier(address(hook), tokenId, tier);
-    }
-}