@bloxchain/contracts 1.0.0-alpha.7 → 1.0.0

package/core/research/erc721-blox/ERC721Blox.sol

@@ -1,131 +0,0 @@
-// SPDX-License-Identifier: MPL-2.0
-pragma solidity 0.8.33;
-
-// OpenZeppelin
-import "@openzeppelin/contracts-upgradeable/token/ERC721/ERC721Upgradeable.sol";
-import "@openzeppelin/contracts-upgradeable/token/ERC721/extensions/ERC721BurnableUpgradeable.sol";
-import "@openzeppelin/contracts/token/ERC721/IERC721.sol";
-import "@openzeppelin/contracts/utils/introspection/IERC165.sol";
-
-// Core
-import "../../security/SecureOwnable.sol";
-import "../../access/RuntimeRBAC.sol";
-import "../../execution/GuardController.sol";
-import "../../base/BaseStateMachine.sol";
-import "../../lib/interfaces/IDefinition.sol";
-import "./lib/definitions/ERC721BloxDefinitions.sol";
-
-/**
- * @title ERC721Blox
- * @dev ERC721 NFT (IERC721) with SecureOwnable, RuntimeRBAC, and GuardController.
- * Exposes transferFrom, safeTransferFrom (callable only via GuardController), mint (owner-only via controller), and burn (ERC721Burnable via controller).
- * @custom:security-contact security@particlecrypto.com
- */
-contract ERC721Blox is
-    IERC721,
-    ERC721Upgradeable,
-    ERC721BurnableUpgradeable,
-    SecureOwnable,
-    RuntimeRBAC,
-    GuardController
-{
-    /// @custom:oz-upgrades-unsafe-allow constructor
-    constructor() {
-        _disableInitializers();
-    }
-
-    /**
-     * @dev Override to resolve diamond: SecureOwnable, RuntimeRBAC, GuardController all define initialize(5 params).
-     * Call this first, then initializeToken(name, symbol) to set ERC721 metadata.
-     */
-    function initialize(
-        address initialOwner,
-        address broadcaster,
-        address recovery,
-        uint256 timeLockPeriodSec,
-        address eventForwarder
-    ) public virtual override(GuardController, RuntimeRBAC, SecureOwnable) initializer {
-        GuardController.initialize(initialOwner, broadcaster, recovery, timeLockPeriodSec, eventForwarder);
-        RuntimeRBAC.initialize(initialOwner, broadcaster, recovery, timeLockPeriodSec, eventForwarder);
-        SecureOwnable.initialize(initialOwner, broadcaster, recovery, timeLockPeriodSec, eventForwarder);
-
-        IDefinition.RolePermission memory erc721Permissions = ERC721BloxDefinitions.getRolePermissions();
-        _loadDefinitions(
-            ERC721BloxDefinitions.getFunctionSchemas(),
-            erc721Permissions.roleHashes,
-            erc721Permissions.functionPermissions,
-            true
-        );
-
-        _addMacroSelector(ERC721BloxDefinitions.TRANSFER_FROM_SELECTOR);
-        _addMacroSelector(ERC721BloxDefinitions.SAFE_TRANSFER_FROM_SELECTOR);
-        _addMacroSelector(ERC721BloxDefinitions.MINT_SELECTOR);
-        _addMacroSelector(ERC721BloxDefinitions.BURN_SELECTOR);
-    }
-
-    /**
-     * @notice Initialize the ERC721 token name and symbol. Call after initialize(5 params).
-     * @param name Token name
-     * @param symbol Token symbol
-     */
-    function initializeToken(string memory name, string memory symbol) public reinitializer(2) {
-        __ERC721_init(name, symbol);
-    }
-
-    /**
-     * @notice Transfer NFT from one account to another; callable only by this contract via GuardController
-     * @param from Sender address
-     * @param to Recipient address
-     * @param tokenId Token ID to transfer
-     */
-    function transferFrom(address from, address to, uint256 tokenId) public virtual override(ERC721Upgradeable, IERC721) {
-        _validateExecuteBySelf();
-        super.transferFrom(from, to, tokenId);
-    }
-
-    /**
-     * @notice Safe transfer NFT from one account to another (with data); callable only by this contract via GuardController.
-     * The 3-arg overload (no data) in the base contract calls this with empty data, so it is also guarded.
-     * @param from Sender address
-     * @param to Recipient address
-     * @param tokenId Token ID to transfer
-     * @param data Additional data for recipient hook
-     */
-    function safeTransferFrom(address from, address to, uint256 tokenId, bytes memory data)
-        public
-        virtual
-        override(ERC721Upgradeable, IERC721)
-    {
-        _validateExecuteBySelf();
-        super.safeTransferFrom(from, to, tokenId, data);
-    }
-
-    /**
-     * @notice Mint an NFT to an account (callable only by this contract via GuardController)
-     * @param to Recipient address
-     * @param tokenId Token ID to mint
-     */
-    function mint(address to, uint256 tokenId) external virtual {
-        _validateExecuteBySelf();
-        _mint(to, tokenId);
-    }
-
-    /**
-     * @notice Burn an NFT (callable only by this contract via GuardController)
-     * @param tokenId Token ID to burn
-     */
-    function burn(uint256 tokenId) public virtual override(ERC721BurnableUpgradeable) {
-        _validateExecuteBySelf();
-        super.burn(tokenId);
-    }
-
-    function supportsInterface(bytes4 interfaceId)
-        public
-        view
-        virtual
-        override(ERC721Upgradeable, SecureOwnable, RuntimeRBAC, GuardController, IERC165)
-        returns (bool)
-    {
-        return interfaceId == type(IERC721).interfaceId || super.supportsInterface(interfaceId) || GuardController.supportsInterface(interfaceId);
-    }
-}

package/core/research/erc721-blox/lib/definitions/ERC721BloxDefinitions.sol

@@ -1,172 +0,0 @@
-// SPDX-License-Identifier: MPL-2.0
-pragma solidity 0.8.33;
-
-import "../../../../lib/EngineBlox.sol";
-import "../../../../lib/interfaces/IDefinition.sol";
-
-/**
- * @title ERC721BloxDefinitions
- * @dev Definition library for ERC721Blox execution selectors (transferFrom, safeTransferFrom, mint, burn).
- * Registers function schemas and role permissions so the GuardController can execute these functions
- * via time-lock and meta-transaction workflows.
- * @custom:security-contact security@particlecrypto.com
- */
-library ERC721BloxDefinitions {
-
-    // System macro selectors (allowed to target address(this) for GuardController execution)
-    bytes4 public constant TRANSFER_FROM_SELECTOR = bytes4(keccak256("transferFrom(address,address,uint256)"));
-    bytes4 public constant SAFE_TRANSFER_FROM_SELECTOR = bytes4(keccak256("safeTransferFrom(address,address,uint256,bytes)"));
-    bytes4 public constant MINT_SELECTOR = bytes4(keccak256("mint(address,uint256)"));
-    bytes4 public constant BURN_SELECTOR = bytes4(keccak256("burn(uint256)"));
-
-    bytes32 public constant ERC721_OPERATION = keccak256("ERC721_OPERATION");
-
-    /**
-     * @dev Returns function schemas for ERC721Blox execution selectors (used by controller).
-     */
-    function getFunctionSchemas() public pure returns (EngineBlox.FunctionSchema[] memory) {
-        EngineBlox.FunctionSchema[] memory schemas = new EngineBlox.FunctionSchema[](4);
-
-        EngineBlox.TxAction[] memory timeDelayRequestActions = new EngineBlox.TxAction[](1);
-        timeDelayRequestActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_REQUEST;
-        EngineBlox.TxAction[] memory timeDelayApproveActions = new EngineBlox.TxAction[](1);
-        timeDelayApproveActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_APPROVE;
-        EngineBlox.TxAction[] memory timeDelayCancelActions = new EngineBlox.TxAction[](1);
-        timeDelayCancelActions[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_CANCEL;
-        EngineBlox.TxAction[] memory metaTxRequestApproveActions = new EngineBlox.TxAction[](2);
-        metaTxRequestApproveActions[0] = EngineBlox.TxAction.SIGN_META_REQUEST_AND_APPROVE;
-        metaTxRequestApproveActions[1] = EngineBlox.TxAction.EXECUTE_META_REQUEST_AND_APPROVE;
-        EngineBlox.TxAction[] memory metaTxApproveActions = new EngineBlox.TxAction[](2);
-        metaTxApproveActions[0] = EngineBlox.TxAction.SIGN_META_APPROVE;
-        metaTxApproveActions[1] = EngineBlox.TxAction.EXECUTE_META_APPROVE;
-        EngineBlox.TxAction[] memory metaTxCancelActions = new EngineBlox.TxAction[](2);
-        metaTxCancelActions[0] = EngineBlox.TxAction.SIGN_META_CANCEL;
-        metaTxCancelActions[1] = EngineBlox.TxAction.EXECUTE_META_CANCEL;
-
-        uint16 actionsBitmap = EngineBlox.createBitmapFromActions(timeDelayRequestActions)
-            | EngineBlox.createBitmapFromActions(timeDelayApproveActions)
-            | EngineBlox.createBitmapFromActions(timeDelayCancelActions)
-            | EngineBlox.createBitmapFromActions(metaTxRequestApproveActions)
-            | EngineBlox.createBitmapFromActions(metaTxApproveActions)
-            | EngineBlox.createBitmapFromActions(metaTxCancelActions);
-
-        bytes4[] memory transferFromHandlers = new bytes4[](1);
-        transferFromHandlers[0] = TRANSFER_FROM_SELECTOR;
-        bytes4[] memory safeTransferFromHandlers = new bytes4[](1);
-        safeTransferFromHandlers[0] = SAFE_TRANSFER_FROM_SELECTOR;
-        bytes4[] memory mintHandlers = new bytes4[](1);
-        mintHandlers[0] = MINT_SELECTOR;
-        bytes4[] memory burnHandlers = new bytes4[](1);
-        burnHandlers[0] = BURN_SELECTOR;
-
-        schemas[0] = EngineBlox.FunctionSchema({
-            functionSignature: "transferFrom(address,address,uint256)",
-            functionSelector: TRANSFER_FROM_SELECTOR,
-            operationType: ERC721_OPERATION,
-            operationName: "ERC721_TRANSFER_FROM",
-            supportedActionsBitmap: actionsBitmap,
-            isProtected: true,
-            handlerForSelectors: transferFromHandlers
-        });
-        schemas[1] = EngineBlox.FunctionSchema({
-            functionSignature: "safeTransferFrom(address,address,uint256,bytes)",
-            functionSelector: SAFE_TRANSFER_FROM_SELECTOR,
-            operationType: ERC721_OPERATION,
-            operationName: "ERC721_SAFE_TRANSFER_FROM",
-            supportedActionsBitmap: actionsBitmap,
-            isProtected: true,
-            handlerForSelectors: safeTransferFromHandlers
-        });
-        schemas[2] = EngineBlox.FunctionSchema({
-            functionSignature: "mint(address,uint256)",
-            functionSelector: MINT_SELECTOR,
-            operationType: ERC721_OPERATION,
-            operationName: "ERC721_MINT",
-            supportedActionsBitmap: actionsBitmap,
-            isProtected: true,
-            handlerForSelectors: mintHandlers
-        });
-        schemas[3] = EngineBlox.FunctionSchema({
-            functionSignature: "burn(uint256)",
-            functionSelector: BURN_SELECTOR,
-            operationType: ERC721_OPERATION,
-            operationName: "ERC721_BURN",
-            supportedActionsBitmap: actionsBitmap,
-            isProtected: true,
-            handlerForSelectors: burnHandlers
-        });
-
-        return schemas;
-    }
-
-    /**
-     * @dev Returns role permissions for ERC721Blox execution selectors (OWNER and BROADCASTER).
-     */
-    function getRolePermissions() public pure returns (IDefinition.RolePermission memory) {
-        bytes32[] memory roleHashes = new bytes32[](8);
-        EngineBlox.FunctionPermission[] memory functionPermissions = new EngineBlox.FunctionPermission[](8);
-
-        EngineBlox.TxAction[] memory ownerTimeLockRequest = new EngineBlox.TxAction[](1);
-        ownerTimeLockRequest[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_REQUEST;
-        EngineBlox.TxAction[] memory ownerTimeLockApprove = new EngineBlox.TxAction[](1);
-        ownerTimeLockApprove[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_APPROVE;
-        EngineBlox.TxAction[] memory ownerTimeLockCancel = new EngineBlox.TxAction[](1);
-        ownerTimeLockCancel[0] = EngineBlox.TxAction.EXECUTE_TIME_DELAY_CANCEL;
-        EngineBlox.TxAction[] memory ownerMetaSign = new EngineBlox.TxAction[](1);
-        ownerMetaSign[0] = EngineBlox.TxAction.SIGN_META_REQUEST_AND_APPROVE;
-        EngineBlox.TxAction[] memory ownerMetaApprove = new EngineBlox.TxAction[](1);
-        ownerMetaApprove[0] = EngineBlox.TxAction.SIGN_META_APPROVE;
-        EngineBlox.TxAction[] memory ownerMetaCancel = new EngineBlox.TxAction[](1);
-        ownerMetaCancel[0] = EngineBlox.TxAction.SIGN_META_CANCEL;
-        EngineBlox.TxAction[] memory broadcasterMetaExec = new EngineBlox.TxAction[](1);
-        broadcasterMetaExec[0] = EngineBlox.TxAction.EXECUTE_META_REQUEST_AND_APPROVE;
-        EngineBlox.TxAction[] memory broadcasterMetaApprove = new EngineBlox.TxAction[](1);
-        broadcasterMetaApprove[0] = EngineBlox.TxAction.EXECUTE_META_APPROVE;
-        EngineBlox.TxAction[] memory broadcasterMetaCancel = new EngineBlox.TxAction[](1);
-        broadcasterMetaCancel[0] = EngineBlox.TxAction.EXECUTE_META_CANCEL;
-
-        uint16 ownerBitmap = EngineBlox.createBitmapFromActions(ownerTimeLockRequest)
-            | EngineBlox.createBitmapFromActions(ownerTimeLockApprove)
-            | EngineBlox.createBitmapFromActions(ownerTimeLockCancel)
-            | EngineBlox.createBitmapFromActions(ownerMetaSign)
-            | EngineBlox.createBitmapFromActions(ownerMetaApprove)
-            | EngineBlox.createBitmapFromActions(ownerMetaCancel);
-        uint16 broadcasterBitmap = EngineBlox.createBitmapFromActions(broadcasterMetaExec)
-            | EngineBlox.createBitmapFromActions(broadcasterMetaApprove)
-            | EngineBlox.createBitmapFromActions(broadcasterMetaCancel);
-
-        bytes4[4] memory selectors = [TRANSFER_FROM_SELECTOR, SAFE_TRANSFER_FROM_SELECTOR, MINT_SELECTOR, BURN_SELECTOR];
-        for (uint256 i = 0; i < 4; i++) {
-            bytes4[] memory selfRef = new bytes4[](1);
-            selfRef[0] = selectors[i];
-            roleHashes[i] = EngineBlox.OWNER_ROLE;
-            functionPermissions[i] = EngineBlox.FunctionPermission({
-                functionSelector: selectors[i],
-                grantedActionsBitmap: ownerBitmap,
-                handlerForSelectors: selfRef
-            });
-        }
-        for (uint256 i = 0; i < 4; i++) {
-            bytes4[] memory selfRef = new bytes4[](1);
-            selfRef[0] = selectors[i];
-            roleHashes[4 + i] = EngineBlox.BROADCASTER_ROLE;
-            functionPermissions[4 + i] = EngineBlox.FunctionPermission({
-                functionSelector: selectors[i],
-                grantedActionsBitmap: broadcasterBitmap,
-                handlerForSelectors: selfRef
-            });
-        }
-
-        return IDefinition.RolePermission({
-            roleHashes: roleHashes,
-            functionPermissions: functionPermissions
-        });
-    }
-
-    /**
-     * @dev ERC165: report support for IDefinition when this library is used at an address
-     */
-    function supportsInterface(bytes4 interfaceId) external pure returns (bool) {
-        return interfaceId == type(IDefinition).interfaceId;
-    }
-}

package/core/research/lending-blox/.gitkeep

@@ -1 +0,0 @@
-# Placeholder to keep lending-blox directory in version control

package/core/research/p2p-blox/P2PBlox.sol

@@ -1,266 +0,0 @@
-// SPDX-License-Identifier: MPL-2.0
-pragma solidity 0.8.33;
-
-// OpenZeppelin
-import "@openzeppelin/contracts-upgradeable/utils/ReentrancyGuardUpgradeable.sol";
-import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
-import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
-
-// Core
-import "../../security/SecureOwnable.sol";
-import "../../access/RuntimeRBAC.sol";
-import "../../execution/GuardController.sol";
-import "../../base/BaseStateMachine.sol";
-import "../../lib/utils/SharedValidation.sol";
-import "./lib/definitions/P2PBloxDefinitions.sol";
-
-/**
- * @title P2PBlox
- * @dev Peer-to-peer token swap blox: two parties agree on a direct transfer where
- *      the first entity sends token A and the second entity sends token B.
- *      Each side submits a request (offer / counter-offer); a dedicated P2P_APPROVER_ROLE
- *      then approves or rejects the swap before execution.
- *
- * Flow:
- * 1. Party A calls requestOffer(tokenA, amountA, tokenB, amountB) — "I send token A, I want token B".
- * 2. Party B calls requestCounterOffer(offerId, tokenB, amountB, tokenA, amountA) — must match the offer.
- * 3. A wallet with P2P_APPROVER_ROLE calls approveSwap(offerId) to execute both transfers, or
- *    rejectSwap(offerId) to reject the swap.
- *
- * Both parties must have approved this contract for their respective tokens before approveSwap.
- * Uses SafeERC20 and CEI pattern; protected by ReentrancyGuard where state changes and external calls occur.
- *
- * @custom:security-contact security@particlecrypto.com
- */
-contract P2PBlox is GuardController, RuntimeRBAC, SecureOwnable {
-    using SafeERC20 for IERC20;
-
-    /// @dev Swap lifecycle status
-    enum SwapStatus {
-        PENDING,   // Offer created, no counter yet
-        MATCHED,   // Counter-offer submitted, awaiting approver
-        EXECUTING, // Transfers in progress (internal; prevents reentrancy)
-        EXECUTED,  // Swap approved and transfers completed
-        REJECTED,  // Swap rejected by approver
-        CANCELLED  // Offer cancelled (reserved for future use)
-    }
-
-    /// @dev Single offer/counter pair: party A gives (tokenA, amountA), party B gives (tokenB, amountB)
-    struct P2PSwap {
-        address partyA;
-        address tokenA;
-        uint256 amountA;
-        address tokenB;
-        uint256 amountB;
-        address partyB;      // Set when counter-offer is submitted
-        SwapStatus status;
-    }
-
-    /// @dev Next offer ID (1-based)
-    uint256 private _nextOfferId;
-
-    /// @dev offerId => P2PSwap
-    mapping(uint256 => P2PSwap) private _swaps;
-
-    /// @dev Emitted when party A creates an offer
-    event OfferCreated(
-        uint256 indexed offerId,
-        address indexed partyA,
-        address tokenA,
-        uint256 amountA,
-        address tokenB,
-        uint256 amountB
-    );
-
-    /// @dev Emitted when party B submits a counter-offer matching the offer
-    event CounterOfferCreated(
-        uint256 indexed offerId,
-        address indexed partyB
-    );
-
-    /// @dev Emitted when the approver executes the swap
-    event SwapApproved(uint256 indexed offerId);
-
-    /// @dev Emitted when the approver rejects the swap
-    event SwapRejected(uint256 indexed offerId);
-
-    error InvalidOffer(uint256 offerId);
-    error OfferNotPending(uint256 offerId);
-    error OfferNotMatched(uint256 offerId);
-    error CounterOfferMismatch();
-    error InvalidParties();
-    error OnlyApprover();
-    error ZeroAmount();
-
-    /// @custom:oz-upgrades-unsafe-allow constructor
-    constructor() {
-        _disableInitializers();
-    }
-
-    /**
-     * @notice Initializes P2PBlox and creates the P2P_APPROVER_ROLE.
-     * Assign approver wallets via RuntimeRBAC roleConfigBatch (ADD_WALLET for P2P_APPROVER_ROLE) after deployment.
-     * @param initialOwner Initial owner
-     * @param broadcaster Broadcaster address
-     * @param recovery Recovery address
-     * @param timeLockPeriodSec Time-lock period in seconds
-     * @param eventForwarder Event forwarder address
-     */
-    function initialize(
-        address initialOwner,
-        address broadcaster,
-        address recovery,
-        uint256 timeLockPeriodSec,
-        address eventForwarder
-    ) public virtual override(GuardController, RuntimeRBAC, SecureOwnable) initializer {
-        GuardController.initialize(initialOwner, broadcaster, recovery, timeLockPeriodSec, eventForwarder);
-        RuntimeRBAC.initialize(initialOwner, broadcaster, recovery, timeLockPeriodSec, eventForwarder);
-        SecureOwnable.initialize(initialOwner, broadcaster, recovery, timeLockPeriodSec, eventForwarder);
-
-        // Create dedicated approver role (non-protected; assign wallets via RuntimeRBAC roleConfigBatch)
-        _createRole("P2P_APPROVER_ROLE", P2PBloxDefinitions.P2P_APPROVER_MAX_WALLETS, false);
-
-        _nextOfferId = 1;
-    }
-
-    /**
-     * @notice Party A creates an offer: "I send token A (amount A), I want token B (amount B)".
-     * @param tokenA Token address party A will send
-     * @param amountA Amount of token A
-     * @param tokenB Token address party A wants to receive
-     * @param amountB Amount of token B
-     * @return offerId The created offer ID
-     */
-    function requestOffer(
-        address tokenA,
-        uint256 amountA,
-        address tokenB,
-        uint256 amountB
-    ) external nonReentrant returns (uint256 offerId) {
-        SharedValidation.validateNotZeroAddress(tokenA);
-        SharedValidation.validateNotZeroAddress(tokenB);
-        if (amountA == 0 || amountB == 0) revert ZeroAmount();
-
-        offerId = _nextOfferId++;
-        unchecked {
-            _nextOfferId = _nextOfferId;
-        }
-
-        _swaps[offerId] = P2PSwap({
-            partyA: msg.sender,
-            tokenA: tokenA,
-            amountA: amountA,
-            tokenB: tokenB,
-            amountB: amountB,
-            partyB: address(0),
-            status: SwapStatus.PENDING
-        });
-
-        emit OfferCreated(offerId, msg.sender, tokenA, amountA, tokenB, amountB);
-        return offerId;
-    }
-
-    /**
-     * @notice Party B submits a counter-offer that must match the existing offer (token/amounts).
-     * @param offerId The offer to match
-     * @param tokenB Token address party B will send (must equal offer.tokenB)
-     * @param amountB Amount party B will send (must equal offer.amountB)
-     * @param tokenA Token address party B wants to receive (must equal offer.tokenA)
-     * @param amountA Amount party B wants (must equal offer.amountA)
-     */
-    function requestCounterOffer(
-        uint256 offerId,
-        address tokenB,
-        uint256 amountB,
-        address tokenA,
-        uint256 amountA
-    ) external nonReentrant {
-        P2PSwap storage swap = _swaps[offerId];
-        if (swap.partyA == address(0)) revert InvalidOffer(offerId);
-        if (swap.status != SwapStatus.PENDING) revert OfferNotPending(offerId);
-        if (msg.sender == swap.partyA) revert InvalidParties();
-
-        if (
-            tokenA != swap.tokenA || amountA != swap.amountA ||
-            tokenB != swap.tokenB || amountB != swap.amountB
-        ) revert CounterOfferMismatch();
-
-        swap.partyB = msg.sender;
-        swap.status = SwapStatus.MATCHED;
-
-        emit CounterOfferCreated(offerId, msg.sender);
-    }
-
-    /**
-     * @notice Executes the swap: transfers token A from party A to party B and token B from party B to party A.
-     * Callable only by P2P_APPROVER_ROLE. Both parties must have approved this contract for their tokens.
-     * @param offerId The matched offer to execute
-     */
-    function approveSwap(uint256 offerId) external nonReentrant {
-        if (!hasRole(P2PBloxDefinitions.P2P_APPROVER_ROLE, msg.sender)) revert OnlyApprover();
-
-        P2PSwap storage swap = _swaps[offerId];
-        if (swap.partyA == address(0)) revert InvalidOffer(offerId);
-        if (swap.status != SwapStatus.MATCHED) revert OfferNotMatched(offerId);
-
-        // CEI: capture and update state before external calls
-        address partyA = swap.partyA;
-        address partyB = swap.partyB;
-        address tokenA = swap.tokenA;
-        address tokenB = swap.tokenB;
-        uint256 amountA = swap.amountA;
-        uint256 amountB = swap.amountB;
-
-        swap.status = SwapStatus.EXECUTING;
-
-        IERC20(tokenA).safeTransferFrom(partyA, partyB, amountA);
-        IERC20(tokenB).safeTransferFrom(partyB, partyA, amountB);
-
-        swap.status = SwapStatus.EXECUTED;
-        emit SwapApproved(offerId);
-    }
-
-    /**
-     * @notice Rejects a matched swap. Callable only by P2P_APPROVER_ROLE.
-     * @param offerId The matched offer to reject
-     */
-    function rejectSwap(uint256 offerId) external {
-        if (!hasRole(P2PBloxDefinitions.P2P_APPROVER_ROLE, msg.sender)) revert OnlyApprover();
-
-        P2PSwap storage swap = _swaps[offerId];
-        if (swap.partyA == address(0)) revert InvalidOffer(offerId);
-        if (swap.status != SwapStatus.MATCHED) revert OfferNotMatched(offerId);
-
-        swap.status = SwapStatus.REJECTED;
-        emit SwapRejected(offerId);
-    }
-
-    /**
-     * @notice Returns the full swap record for an offer ID.
-     * @param offerId The offer ID
-     */
-    function getSwap(uint256 offerId) external view returns (P2PSwap memory) {
-        return _swaps[offerId];
-    }
-
-    /**
-     * @notice Returns the next offer ID (for frontends).
-     */
-    function getNextOfferId() external view returns (uint256) {
-        return _nextOfferId;
-    }
-
-    function supportsInterface(bytes4 interfaceId)
-        public
-        view
-        virtual
-        override(GuardController, RuntimeRBAC, SecureOwnable)
-        returns (bool)
-    {
-        return GuardController.supportsInterface(interfaceId)
-            || RuntimeRBAC.supportsInterface(interfaceId)
-            || SecureOwnable.supportsInterface(interfaceId);
-    }
-
-    uint256[50] private __gap;
-}

package/core/research/p2p-blox/README.md

@@ -1,85 +0,0 @@
-# P2P Blox — Peer-to-Peer Token Swap
-
-P2PBlox is a research blox that lets two parties agree on a **direct token swap**: the first entity sends **token A** and the second entity sends **token B**. Each side submits a request (offer and counter-offer); a **dedicated approver role** then approves or rejects the swap before execution.
-
-## Design
-
-- **Dual request**: Party A creates an offer; Party B submits a counter-offer that must match (same tokens and amounts).
-- **Approver role**: Only wallets with `P2P_APPROVER_ROLE` can call `approveSwap` or `rejectSwap`.
-- **Execution**: On approval, the contract performs `transferFrom` for both legs (A→B for token A, B→A for token B). Both parties must have approved the P2PBlox contract for their respective tokens before approval.
-- **Stack**: P2PBlox extends GuardController, RuntimeRBAC, and SecureOwnable (same pattern as FactoryBlox). Swap lifecycle (offer / counter / approve / reject) is implemented in the blox; approver membership is managed via RuntimeRBAC.
-
-## Flow
-
-1. **Party A** — `requestOffer(tokenA, amountA, tokenB, amountB)`  
-   “I send `tokenA` amount `amountA`, I want `tokenB` amount `amountB`.”
-
-2. **Party B** — `requestCounterOffer(offerId, tokenB, amountB, tokenA, amountA)`  
-   Must match the offer: same `tokenA`/`amountA` and `tokenB`/`amountB`. Party B cannot be the same as Party A.
-
-3. **Approver** — either:
-   - `approveSwap(offerId)`  
-     Executes: `tokenA.transferFrom(partyA, partyB, amountA)` and `tokenB.transferFrom(partyB, partyA, amountB)`.
-   - `rejectSwap(offerId)`  
-     Marks the swap as rejected (no transfers).
-
-## State and Status
-
-- **PENDING** — Offer created, no counter-offer yet.
-- **MATCHED** — Counter-offer submitted; waiting for approver.
-- **EXECUTING** — Internal state during transfers (reentrancy guard).
-- **EXECUTED** — Swap completed.
-- **REJECTED** — Approver rejected the swap.
-- **CANCELLED** — Reserved for future use.
-
-## Role: P2P_APPROVER_ROLE
-
-- Created at initialization (non-protected).
-- Max wallets defined in `P2PBloxDefinitions.P2P_APPROVER_MAX_WALLETS` (e.g. 5).
-- No wallets are assigned in `initialize`; assign approvers after deployment via RuntimeRBAC `roleConfigBatch` (e.g. `ADD_WALLET` for `P2P_APPROVER_ROLE`).
-
-## Security
-
-- **CEI**: State (including status) is updated before external `transferFrom` calls.
-- **Reentrancy**: `requestOffer`, `requestCounterOffer`, and `approveSwap` use `nonReentrant`.
-- **Inputs**: Zero address and zero amount checks; counter-offer must match offer; party B ≠ party A.
-- **Transfers**: SafeERC20 for both tokens.
-
-## API Summary
-
-| Function | Caller | Description |
-|----------|--------|-------------|
-| `requestOffer(tokenA, amountA, tokenB, amountB)` | Any | Create offer; returns `offerId`. |
-| `requestCounterOffer(offerId, tokenB, amountB, tokenA, amountA)` | Any (≠ party A) | Match offer; must match tokens/amounts. |
-| `approveSwap(offerId)` | P2P_APPROVER_ROLE | Execute both transfers. |
-| `rejectSwap(offerId)` | P2P_APPROVER_ROLE | Reject swap (no transfers). |
-| `getSwap(offerId)` | Any | Return full swap record. |
-| `getNextOfferId()` | Any | Next offer ID (for UIs). |
-
-## Events
-
-- `OfferCreated(offerId, partyA, tokenA, amountA, tokenB, amountB)`
-- `CounterOfferCreated(offerId, partyB)`
-- `SwapApproved(offerId)`
-- `SwapRejected(offerId)`
-
-## Files
-
-- `P2PBlox.sol` — Main contract (swap logic, role checks, SafeERC20, CEI).
-- `lib/definitions/P2PBloxDefinitions.sol` — Constants: `P2P_APPROVER_ROLE`, `P2P_APPROVER_MAX_WALLETS`, `P2P_SWAP_OPERATION`.
-
-## Deployment and Setup
-
-1. Deploy P2PBlox (e.g. via proxy/clone pattern used elsewhere in the protocol).
-2. Call `initialize(initialOwner, broadcaster, recovery, timeLockPeriodSec, eventForwarder)`.
-3. Assign at least one wallet to `P2P_APPROVER_ROLE` using RuntimeRBAC `roleConfigBatch` (CREATE_ROLE already done in `initialize`; use ADD_WALLET for the approver role hash from `P2PBloxDefinitions.P2P_APPROVER_ROLE`).
-
-## Custom Errors
-
-- `InvalidOffer(offerId)` — Offer does not exist.
-- `OfferNotPending(offerId)` — Offer not in PENDING (e.g. already matched).
-- `OfferNotMatched(offerId)` — Offer not in MATCHED (cannot approve/reject).
-- `CounterOfferMismatch()` — Counter-offer tokens/amounts do not match offer.
-- `InvalidParties()` — Counter-offer from same address as party A.
-- `OnlyApprover()` — Caller does not have `P2P_APPROVER_ROLE`.
-- `ZeroAmount()` — Either amount in an offer is zero.

package/core/research/p2p-blox/lib/definitions/P2PBloxDefinitions.sol

@@ -1,19 +0,0 @@
-// SPDX-License-Identifier: MPL-2.0
-pragma solidity 0.8.33;
-
-/**
- * @title P2PBloxDefinitions
- * @dev Constants and definitions for the P2P (peer-to-peer) swap blox.
- * Defines the dedicated approver role and operation types used by P2PBlox.
- * @custom:security-contact security@particlecrypto.com
- */
-library P2PBloxDefinitions {
-    /// @dev Role hash for the dedicated swap approver (can approve or reject matched swaps)
-    bytes32 public constant P2P_APPROVER_ROLE = keccak256(bytes("P2P_APPROVER_ROLE"));
-
-    /// @dev Maximum number of wallets that can hold the P2P_APPROVER_ROLE
-    uint256 public constant P2P_APPROVER_MAX_WALLETS = 5;
-
-    /// @dev Operation type for P2P swap lifecycle (offer, counter, approve, reject)
-    bytes32 public constant P2P_SWAP_OPERATION = keccak256("P2P_SWAP_OPERATION");
-}