@bannynet/core-v6 0.0.8 → 0.0.10

package/src/Banny721TokenUriResolver.sol

@@ -127,6 +127,12 @@ contract Banny721TokenUriResolver is
     /// @dev Naked Banny's will only be shown with outfits currently owned by the owner of the banny body.
     /// @dev NOTE: Equipped outfits travel with the banny body NFT on transfer. When a body is transferred,
     /// the new owner inherits all equipped outfits and can unequip them to receive the outfit NFTs.
+    // The _attachedOutfitIdsOf array grows with each attachment. Gas cost for operations
+    // iterating this array increases linearly. In practice, Bannys have a small, bounded number of outfit slots
+    // (< 20), making gas cost manageable. No explicit cap is needed given the natural slot limit.
+    // This array may contain stale entries (e.g. outfits transferred away externally). Stale entries are
+    // filtered at read time via `outfitsOf` and `wearerOf`, which check current ownership/attachment status.
+    // This lazy reconciliation avoids extra storage writes on every transfer.
     /// @custom:param hook The hook address of the collection.
     /// @custom:param bannyBodyId The ID of the banny body of the outfits.
     mapping(address hook => mapping(uint256 bannyBodyId => uint256[])) internal _attachedOutfitIdsOf;
@@ -616,6 +622,9 @@ contract Banny721TokenUriResolver is
     }
 
     /// @notice Encode the token URI JSON with base64.
+    // Metadata strings (name, description, external_url) are set by the contract owner, not by users.
+    // No JSON escaping is applied — the owner is trusted to provide valid values. On-chain JSON is consumed
+    // by off-chain indexers and UIs, not rendered in a browser context where XSS would apply.
     function _encodeTokenUri(
         uint256 tokenId,
         JB721Tier memory product,
@@ -1025,6 +1034,9 @@ contract Banny721TokenUriResolver is
     }
 
     /// @dev Make sure tokens can be received if the transaction was initiated by this contract.
+    // NFTs sent via transferFrom (not safeTransferFrom) bypass onERC721Received and cannot be
+    // tracked or recovered. This is an inherent ERC-721 limitation — the contract cannot prevent non-safe
+    // transfers. Users and UIs should always use safeTransferFrom.
     /// @param operator The address that initiated the transaction.
     /// @param from The address that initiated the transfer.
     /// @param tokenId The ID of the token being transferred.
@@ -1073,6 +1085,8 @@ contract Banny721TokenUriResolver is
     }
 
     /// @notice Allows the owner to set the product's name.
+    /// @dev Product names are mutable — the owner can update them at any time. This is intentional to allow
+    /// corrections and localization. Names are only used in metadata and do not affect on-chain logic.
     /// @param upcs The universal product codes of the products having their name stored.
     /// @param names The names of the products.
     function setProductNames(uint256[] memory upcs, string[] memory names) external override onlyOwner {
@@ -1362,6 +1376,16 @@ contract Banny721TokenUriResolver is
         _attachedOutfitIdsOf[hook][bannyBodyId] = outfitIds;
     }
 
+    /// @notice Check if a value is present in an array.
+    /// @param value The value to search for.
+    /// @param array The array to search in.
+    /// @return found True if the value was found.
+    function _isInArray(uint256 value, uint256[] memory array) internal pure returns (bool found) {
+        for (uint256 i; i < array.length; i++) {
+            if (array[i] == value) return true;
+        }
+    }
+
     /// @notice Transfer a token from one address to another.
     /// @param hook The 721 contract of the token being transferred.
     /// @param from The address to transfer the token from.
@@ -1373,6 +1397,10 @@ contract Banny721TokenUriResolver is
 
     /// @notice Try to transfer a token, silently succeeding if the transfer fails (e.g. token was burned).
     /// @dev Used when returning previously equipped items that may no longer exist.
+    // `_tryTransferFrom` may silently fail to transfer outfit NFTs, leaving them attached to the
+    // Banny but owned by a different address. This is by design — the try-catch pattern prevents a single failing
+    // outfit transfer from blocking the entire Banny transfer. Orphaned outfits can be recovered by the original
+    // owner.
     /// @param hook The 721 contract of the token being transferred.
     /// @param from The address to transfer the token from.
     /// @param to The address to transfer the token to.
@@ -1381,14 +1409,4 @@ contract Banny721TokenUriResolver is
         // slither-disable-next-line reentrancy-no-eth
         try IERC721(hook).safeTransferFrom({from: from, to: to, tokenId: assetId}) {} catch {}
     }
-
-    /// @notice Check if a value is present in an array.
-    /// @param value The value to search for.
-    /// @param array The array to search in.
-    /// @return found True if the value was found.
-    function _isInArray(uint256 value, uint256[] memory array) internal pure returns (bool found) {
-        for (uint256 i; i < array.length; i++) {
-            if (array[i] == value) return true;
-        }
-    }
 }

package/test/Banny721TokenUriResolver.t.sol

@@ -79,10 +79,12 @@ contract MockStore {
         return tiers[hook][tokenId];
     }
 
+    // forge-lint: disable-next-line(mixed-case-function)
     function encodedTierIPFSUriOf(address, uint256) external pure returns (bytes32) {
         return bytes32(0);
     }
 
+    // forge-lint: disable-next-line(mixed-case-function)
     function encodedIPFSUriOf(address, uint256) external pure returns (bytes32) {
         return bytes32(0);
     }
@@ -166,7 +168,7 @@ contract TestBanny721TokenUriResolver is Test {
     // --- Constructor --------------------------------------------------- //
     //*********************************************************************//
 
-    function test_constructor_setsDefaults() public {
+    function test_constructor_setsDefaults() public view {
         assertEq(resolver.BANNY_BODY(), "<path/>");
         assertEq(resolver.DEFAULT_NECKLACE(), "<necklace/>");
         assertEq(resolver.DEFAULT_MOUTH(), "<mouth/>");
@@ -607,27 +609,27 @@ contract TestBanny721TokenUriResolver is Test {
         resolver.decorateBannyWith(address(hook), BODY_TOKEN, 0, outfitIds1);
 
         // Create a new necklace token.
-        uint256 NECKLACE_TOKEN_2 = 11_000_000_001;
-        _setupTier(NECKLACE_TOKEN_2, 11, 3); // Same category (3)
-        hook.setOwner(NECKLACE_TOKEN_2, alice);
+        uint256 necklaceToken2 = 11_000_000_001;
+        _setupTier(necklaceToken2, 11, 3); // Same category (3)
+        hook.setOwner(necklaceToken2, alice);
 
         // Replace with new necklace. Old one should be returned.
         uint256[] memory outfitIds2 = new uint256[](1);
-        outfitIds2[0] = NECKLACE_TOKEN_2;
+        outfitIds2[0] = necklaceToken2;
         vm.prank(alice);
         resolver.decorateBannyWith(address(hook), BODY_TOKEN, 0, outfitIds2);
 
         // Old necklace returned to alice.
         assertEq(hook.ownerOf(NECKLACE_TOKEN), alice, "old necklace should be returned");
         // New necklace held by resolver.
-        assertEq(hook.ownerOf(NECKLACE_TOKEN_2), address(resolver), "new necklace should be held");
+        assertEq(hook.ownerOf(necklaceToken2), address(resolver), "new necklace should be held");
     }
 
     //*********************************************************************//
     // --- onERC721Received ---------------------------------------------- //
     //*********************************************************************//
 
-    function test_onERC721Received_acceptsFromSelf() public {
+    function test_onERC721Received_acceptsFromSelf() public view {
         bytes4 result = resolver.onERC721Received(address(resolver), alice, 1, "");
         assertEq(result, IERC721Receiver.onERC721Received.selector, "should accept from self");
     }
@@ -641,7 +643,7 @@ contract TestBanny721TokenUriResolver is Test {
     // --- View: assetIdsOf with no outfits ------------------------------ //
     //*********************************************************************//
 
-    function test_assetIdsOf_empty() public {
+    function test_assetIdsOf_empty() public view {
         (uint256 backgroundId, uint256[] memory outfitIds) = resolver.assetIdsOf(address(hook), BODY_TOKEN);
         assertEq(backgroundId, 0, "no background initially");
         assertEq(outfitIds.length, 0, "no outfits initially");
@@ -651,11 +653,11 @@ contract TestBanny721TokenUriResolver is Test {
     // --- View: userOf / wearerOf --------------------------------------- //
     //*********************************************************************//
 
-    function test_userOf_returnsZeroIfNotAttached() public {
+    function test_userOf_returnsZeroIfNotAttached() public view {
         assertEq(resolver.userOf(address(hook), BACKGROUND_TOKEN), 0, "no user initially");
     }
 
-    function test_wearerOf_returnsZeroIfNotWorn() public {
+    function test_wearerOf_returnsZeroIfNotWorn() public view {
         assertEq(resolver.wearerOf(address(hook), NECKLACE_TOKEN), 0, "no wearer initially");
     }
 

package/test/BannyAttacks.t.sol

@@ -70,10 +70,12 @@ contract AttackMockStore {
         return tiers[hook][tokenId];
     }
 
+    // forge-lint: disable-next-line(mixed-case-function)
     function encodedTierIPFSUriOf(address, uint256) external pure returns (bytes32) {
         return bytes32(0);
     }
 
+    // forge-lint: disable-next-line(mixed-case-function)
     function encodedIPFSUriOf(address, uint256) external pure returns (bytes32) {
         return bytes32(0);
     }

package/test/DecorateFlow.t.sol

@@ -70,10 +70,12 @@ contract DecorateFlowMockStore {
         return tiers[hook][tokenId];
     }
 
+    // forge-lint: disable-next-line(mixed-case-function)
     function encodedTierIPFSUriOf(address, uint256) external pure returns (bytes32) {
         return bytes32(0);
     }
 
+    // forge-lint: disable-next-line(mixed-case-function)
     function encodedIPFSUriOf(address, uint256) external pure returns (bytes32) {
         return bytes32(0);
     }

package/test/Fork.t.sol

@@ -27,7 +27,6 @@ import {JB721TiersHookFlags} from "@bananapus/721-hook-v6/src/structs/JB721Tiers
 import {JBDeploy721TiersHookConfig} from "@bananapus/721-hook-v6/src/structs/JBDeploy721TiersHookConfig.sol";
 import {JB721Tier} from "@bananapus/721-hook-v6/src/structs/JB721Tier.sol";
 import {IJB721TokenUriResolver} from "@bananapus/721-hook-v6/src/interfaces/IJB721TokenUriResolver.sol";
-import {IJBPrices} from "@bananapus/core-v6/src/interfaces/IJBPrices.sol";
 import {JBCurrencyIds} from "@bananapus/core-v6/src/libraries/JBCurrencyIds.sol";
 import {JBSplit} from "@bananapus/core-v6/src/structs/JBSplit.sol";
 
@@ -113,10 +112,12 @@ contract ReentrantMockStore {
         return tiers[hook][tokenId];
     }
 
+    // forge-lint: disable-next-line(mixed-case-function)
     function encodedTierIPFSUriOf(address, uint256) external pure returns (bytes32) {
         return bytes32(0);
     }
 
+    // forge-lint: disable-next-line(mixed-case-function)
     function encodedIPFSUriOf(address, uint256) external pure returns (bytes32) {
         return bytes32(0);
     }
@@ -299,13 +300,13 @@ contract BannyForkTest is Test {
         assertEq(IERC721(address(bannyHook)).ownerOf(ORIGINAL_BODY_1), alice);
     }
 
-    function test_fork_e2e_alienBodyDefaultEyes() public {
+    function test_fork_e2e_alienBodyDefaultEyes() public view {
         // Alice owns ALIEN_BODY_1. Naked alien body should inject alien eyes in SVG.
         string memory svg = resolver.svgOf(address(bannyHook), ALIEN_BODY_1, true, false);
         assertGt(bytes(svg).length, 0, "alien body SVG should render");
     }
 
-    function test_fork_e2e_outfitRenderedOnMannequin() public {
+    function test_fork_e2e_outfitRenderedOnMannequin() public view {
         // Unequipped outfit token should render on mannequin.
         string memory uri = resolver.tokenUriOf(address(bannyHook), NECKLACE_1);
         assertGt(bytes(uri).length, 0, "outfit URI should render on mannequin");
@@ -781,14 +782,14 @@ contract BannyForkTest is Test {
     // 7. TOKEN URI RENDERING
     // ═══════════════════════════════════════════════════════════════════════
 
-    function test_fork_render_nakedBodyHasDefaultInjections() public {
+    function test_fork_render_nakedBodyHasDefaultInjections() public view {
         // A naked body should still render with default necklace, eyes, mouth.
         string memory svg = resolver.svgOf(address(bannyHook), ORIGINAL_BODY_1, true, false);
         assertGt(bytes(svg).length, 0, "naked body should render");
         // The SVG should contain the body path and defaults.
     }
 
-    function test_fork_render_allFourBodyTypes() public {
+    function test_fork_render_allFourBodyTypes() public view {
         // Each body type should render.
         string memory alienSvg = resolver.svgOf(address(bannyHook), ALIEN_BODY_1, true, false);
         string memory pinkSvg = resolver.svgOf(address(bannyHook), PINK_BODY_1, true, false);
@@ -1011,17 +1012,17 @@ contract BannyForkTest is Test {
         assertEq(outfitIds.length, 0);
     }
 
-    function test_fork_edge_assetIdsEmptyInitially() public {
+    function test_fork_edge_assetIdsEmptyInitially() public view {
         (uint256 bgId, uint256[] memory outfitIds) = resolver.assetIdsOf(address(bannyHook), ORIGINAL_BODY_1);
         assertEq(bgId, 0);
         assertEq(outfitIds.length, 0);
     }
 
-    function test_fork_edge_wearerOfUnwornReturnsZero() public {
+    function test_fork_edge_wearerOfUnwornReturnsZero() public view {
         assertEq(resolver.wearerOf(address(bannyHook), NECKLACE_1), 0);
     }
 
-    function test_fork_edge_userOfUnusedBackgroundReturnsZero() public {
+    function test_fork_edge_userOfUnusedBackgroundReturnsZero() public view {
         assertEq(resolver.userOf(address(bannyHook), BACKGROUND_1), 0);
     }
 
@@ -1136,7 +1137,7 @@ contract BannyForkTest is Test {
         resolver.decorateBannyWith(address(bannyHook), ORIGINAL_BODY_1, 0, outfits);
     }
 
-    function test_fork_edge_namesReturnsCorrectData() public {
+    function test_fork_edge_namesReturnsCorrectData() public view {
         // Verify namesOf returns correct product name for each body type.
         (string memory alienFull,,) = resolver.namesOf(address(bannyHook), ALIEN_BODY_1);
         assertGt(bytes(alienFull).length, 0, "alien name should not be empty");
@@ -1791,6 +1792,7 @@ contract BannyForkTest is Test {
     // Internal helpers
     // ═══════════════════════════════════════════════════════════════════════
 
+    // forge-lint: disable-next-line(mixed-case-function)
     function _deployJBCore() internal {
         jbPermissions = new JBPermissions(trustedForwarder);
         jbProjects = new JBProjects(multisig, address(0), trustedForwarder);
@@ -1944,6 +1946,7 @@ contract BannyForkTest is Test {
         });
     }
 
+    // forge-lint: disable-next-line(mixed-case-function)
     function _mintInitialNFTs() internal {
         // Mint bodies and outfits to alice, bob.
         vm.startPrank(multisig); // hook owner can mint