npm - @chainlink/ace - Versions diffs - 0.5.0 → 1.0.0 - Mend

@chainlink/ace 0.5.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (126) hide show

package/packages/policy-management/test/helpers/BaseCertifiedActionTest.sol ADDED Viewed

@@ -0,0 +1,44 @@
+// SPDX-License-Identifier: BUSL-1.1
+pragma solidity ^0.8.20;
+import {ICertifiedActionValidator} from "../../src/interfaces/ICertifiedActionValidator.sol";
+import {CertifiedActionValidatorPolicy} from "../../src/policies/CertifiedActionValidatorPolicy.sol";
+import {BaseProxyTest} from "./BaseProxyTest.sol";
+contract BaseCertifiedActionTest is BaseProxyTest {
+  uint256 private _nonce;
+  function _generatePermit(
+    address caller,
+    address subject,
+    bytes4 selector,
+    bytes[] memory parameters
+  )
+    internal
+    returns (ICertifiedActionValidator.Permit memory)
+  {
+    return ICertifiedActionValidator.Permit(
+      keccak256(abi.encodePacked(_nonce++)),
+      caller,
+      address(subject),
+      selector,
+      parameters,
+      "",
+      0,
+      uint48(block.timestamp + 1 days)
+    );
+  }
+  function _signPermit(
+    CertifiedActionValidatorPolicy policy,
+    ICertifiedActionValidator.Permit memory permit,
+    uint256 pKey
+  )
+    internal
+    view
+    returns (bytes memory)
+  {
+    (uint8 v, bytes32 r, bytes32 s) = vm.sign(pKey, policy.hashTypedDataV4Permit(permit));
+    return abi.encodePacked(r, s, v);
+  }
+}

package/packages/policy-management/test/helpers/BaseProxyTest.sol CHANGED Viewed

@@ -1,12 +1,12 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity 0.8.26;
+pragma solidity ^0.8.20;
 import {Test} from "forge-std/Test.sol";
 import {ERC1967Proxy} from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.sol";
 import {IPolicyEngine} from "../../src/interfaces/IPolicyEngine.sol";
 import {PolicyEngine} from "../../src/core/PolicyEngine.sol";
 import {Policy} from "../../src/core/Policy.sol";
-import {MockToken} from "./MockToken.sol";
+import {MockTokenUpgradeable} from "./MockTokenUpgradeable.sol";
 /**
  * @title BaseProxyTest
@@ -55,21 +55,102 @@ abstract contract BaseProxyTest is Test {
    */
   function _deployMockToken(address policyEngine) internal returns (address) {
     // Import and create MockToken implementation
-    MockToken mockTokenImpl = new MockToken();
-    bytes memory mockTokenData = abi.encodeWithSelector(MockToken.initialize.selector, policyEngine);
+    MockTokenUpgradeable mockTokenImpl = new MockTokenUpgradeable();
+    bytes memory mockTokenData = abi.encodeWithSelector(MockTokenUpgradeable.initialize.selector, policyEngine);
     ERC1967Proxy mockTokenProxy = new ERC1967Proxy(address(mockTokenImpl), mockTokenData);
     return address(mockTokenProxy);
   }
+  /**
+   * @notice Encode PolicyRunRejected error for use with vm.expectRevert
+   * @param policy The address of the policy that rejected the action
+   * @param reason The reason for rejection
+   * @param payload The payload that was rejected
+   * @return The encoded error data
+   */
   function _encodeRejectedRevert(
-    bytes4 selector,
     address policy,
-    string memory reason
+    string memory reason,
+    IPolicyEngine.Payload memory payload
   )
     internal
     pure
     returns (bytes memory)
   {
-    return abi.encodeWithSelector(IPolicyEngine.PolicyRunRejected.selector, selector, policy, reason);
+    return abi.encodeWithSelector(IPolicyEngine.PolicyRunRejected.selector, policy, reason, payload);
+  }
+  /**
+   * @notice Expect a PolicyRunRejected revert with a payload
+   * @param policy The address of the policy that rejected the action
+   * @param reason The reason for rejection
+   * @param payload The payload that was rejected
+   */
+  function _expectRejectedRevert(address policy, string memory reason, IPolicyEngine.Payload memory payload) internal {
+    vm.expectRevert(_encodeRejectedRevert(policy, reason, payload));
+  }
+  /**
+   * @notice Expect a PolicyRunRejected revert with a payload created from parameters
+   * @param policy The address of the policy that rejected the action
+   * @param reason The reason for rejection
+   * @param selector The function selector
+   * @param sender The sender address
+   * @param data The encoded function parameters
+   * @param context The context bytes (defaults to empty if not provided)
+   */
+  function _expectRejectedRevert(
+    address policy,
+    string memory reason,
+    bytes4 selector,
+    address sender,
+    bytes memory data,
+    bytes memory context
+  )
+    internal
+  {
+    IPolicyEngine.Payload memory payload =
+      IPolicyEngine.Payload({selector: selector, sender: sender, data: data, context: context});
+    _expectRejectedRevert(policy, reason, payload);
+  }
+  /**
+   * @notice Expect a PolicyRunRejected revert with a payload created from parameters (empty context)
+   * @param policy The address of the policy that rejected the action
+   * @param reason The reason for rejection
+   * @param selector The function selector
+   * @param sender The sender address
+   * @param data The encoded function parameters
+   */
+  function _expectRejectedRevert(
+    address policy,
+    string memory reason,
+    bytes4 selector,
+    address sender,
+    bytes memory data
+  )
+    internal
+  {
+    _expectRejectedRevert(policy, reason, selector, sender, data, "");
+  }
+  /**
+   * @notice Expect a PolicyRunError revert with a payload
+   * @param policy The address of the policy that caused the error
+   * @param error The encoded error data
+   * @param payload The payload that caused the error
+   */
+  function _expectRunError(address policy, bytes memory error, IPolicyEngine.Payload memory payload) internal {
+    vm.expectRevert(abi.encodeWithSelector(IPolicyEngine.PolicyRunError.selector, policy, error, payload));
+  }
+  /**
+   * @notice Expect a PolicyPostRunError revert with a payload
+   * @param policy The address of the policy that caused the error
+   * @param error The encoded error data
+   * @param payload The payload that caused the error
+   */
+  function _expectPostRunError(address policy, bytes memory error, IPolicyEngine.Payload memory payload) internal {
+    vm.expectRevert(abi.encodeWithSelector(IPolicyEngine.PolicyPostRunError.selector, policy, error, payload));
   }
 }

package/packages/policy-management/test/helpers/CustomMapper.sol CHANGED Viewed

@@ -1,10 +1,12 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity 0.8.26;
+pragma solidity ^0.8.20;
 import {IMapper} from "../../src/interfaces/IMapper.sol";
 import {IPolicyEngine} from "../../src/interfaces/IPolicyEngine.sol";
 contract CustomMapper is IMapper {
+  string public constant override typeAndVersion = "CustomMapper 1.0.0";
   bytes[] private s_mappedParameters;
   function setMappedParameters(bytes[] memory mappedParameters) public {

package/packages/policy-management/test/helpers/DummyExtractor.sol CHANGED Viewed

@@ -1,10 +1,12 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity 0.8.26;
+pragma solidity ^0.8.20;
 import {IExtractor} from "../../src/interfaces/IExtractor.sol";
 import {IPolicyEngine} from "../../src/interfaces/IPolicyEngine.sol";
 contract DummyExtractor is IExtractor {
+  string public constant override typeAndVersion = "DummyExtractor 1.0.0";
   function extract(IPolicyEngine.Payload calldata) external pure override returns (IPolicyEngine.Parameter[] memory) {
     return new IPolicyEngine.Parameter[](0);
   }

package/packages/policy-management/test/helpers/ExpectedParameterPolicy.sol CHANGED Viewed

@@ -1,10 +1,12 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity 0.8.26;
+pragma solidity ^0.8.20;
 import {IPolicyEngine} from "../../src/interfaces/IPolicyEngine.sol";
 import {Policy} from "../../src/core/Policy.sol";
 contract ExpectedParameterPolicy is Policy {
+  string public constant override typeAndVersion = "ExpectedParameterPolicy 1.0.0";
   bytes[] private s_expectedParameters;
   function configure(bytes calldata parameters) internal override onlyInitializing {

package/packages/policy-management/test/helpers/FaultyPolicyEngine.sol ADDED Viewed

@@ -0,0 +1,54 @@
+// SPDX-License-Identifier: BUSL-1.1
+pragma solidity ^0.8.20;
+import {IPolicyEngine} from "../../src/interfaces/IPolicyEngine.sol";
+contract FaultyPolicyEngine is IPolicyEngine {
+  function typeAndVersion() external pure override returns (string memory) {
+    return "FaultyPolicyEngine 1.0.0";
+  }
+  function attach() external override {}
+  function detach() public override {
+    revert("FaultyPolicyEngine: detach not allowed");
+  }
+  function setExtractor(bytes4, address) external override {}
+  function setExtractors(bytes4[] calldata, address) external override {}
+  function getExtractor(bytes4) external view override returns (address) {
+    return address(0);
+  }
+  function setPolicyMapper(address, address) external override {}
+  function getPolicyMapper(address) external view override returns (address) {
+    return address(0);
+  }
+  function addPolicy(address, bytes4, address, bytes32[] calldata) external override {}
+  function addPolicyAt(address, bytes4, address, bytes32[] calldata, uint256) external override {}
+  function removePolicy(address, bytes4, address) external override {}
+  function getPolicies(address, bytes4) external view override returns (address[] memory) {
+    return new address[](0);
+  }
+  function setPolicyConfiguration(address, uint256, bytes4, bytes calldata) external override {}
+  function getPolicyConfigVersion(address) external view override returns (uint256) {
+    return 0;
+  }
+  function setDefaultPolicyAllow(bool) external override {}
+  function setTargetDefaultPolicyAllow(address, bool) external override {}
+  function check(Payload calldata) external view override {}
+  function run(Payload calldata) external override {}
+}

package/packages/policy-management/test/helpers/MockCertifiedActionValidatorPolicyExtension.sol ADDED Viewed

@@ -0,0 +1,46 @@
+// SPDX-License-Identifier: BUSL-1.1
+pragma solidity ^0.8.20;
+import {CertifiedActionValidatorPolicy} from "../../src/policies/CertifiedActionValidatorPolicy.sol";
+contract MockCertifiedActionValidatorPolicyExtension is CertifiedActionValidatorPolicy {
+  function _validatePrePresentedPermitHook(
+    bytes32, /*permitId*/
+    address, /*caller*/
+    address, /*subject*/
+    bytes4, /*selector*/
+    bytes[] memory /*parameters*/
+  )
+    internal
+    view
+    override
+    returns (bool)
+  {
+    // call a non-internal function so that it is observable by vm.expectCall
+    return this.validatePrePresentedPermitHook();
+  }
+  function validatePrePresentedPermitHook() public pure returns (bool) {
+    return true;
+  }
+  function _validateSignedPermitHook(
+    Permit memory, /*permit*/
+    address, /*caller*/
+    address, /*subject*/
+    bytes4, /*selector*/
+    bytes[] memory /*parameters*/
+  )
+    internal
+    view
+    override
+    returns (bool)
+  {
+    // call a non-internal function so that it is observable by vm.expectCall
+    return this.validatePermitHook();
+  }
+  function validatePermitHook() public pure returns (bool) {
+    return true;
+  }
+}

package/packages/policy-management/test/helpers/MockToken.sol CHANGED Viewed

@@ -2,9 +2,8 @@
 pragma solidity ^0.8.20;
 import {PolicyProtected} from "@chainlink/policy-management/core/PolicyProtected.sol";
-import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
-contract MockToken is Initializable, PolicyProtected {
+contract MockToken is PolicyProtected {
   mapping(address account => uint256 balance) public s_balances;
   uint256 public totalSupply = 0;
   bool public paused;
@@ -18,9 +17,7 @@ contract MockToken is Initializable, PolicyProtected {
     _;
   }
-  function initialize(address policyEngine) external initializer {
-    __PolicyProtected_init(msg.sender, policyEngine);
-  }
+  constructor(address policyEngine) PolicyProtected(msg.sender, policyEngine) {}
   function transfer(address to, uint256 amount) external whenNotPaused runPolicy {
     s_balances[to] += amount;

package/packages/policy-management/test/helpers/MockTokenExtractor.sol CHANGED Viewed

@@ -1,11 +1,13 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity 0.8.26;
+pragma solidity ^0.8.20;
 import {IExtractor} from "../../src/interfaces/IExtractor.sol";
 import {IPolicyEngine} from "../../src/interfaces/IPolicyEngine.sol";
-import {MockToken} from "./MockToken.sol";
+import {MockTokenUpgradeable} from "./MockTokenUpgradeable.sol";
 contract MockTokenExtractor is IExtractor {
+  string public constant override typeAndVersion = "MockTokenExtractor 1.0.0";
   bytes32 public constant PARAM_FROM = keccak256("from");
   bytes32 public constant PARAM_TO = keccak256("to");
   bytes32 public constant PARAM_AMOUNT = keccak256("amount");
@@ -15,10 +17,13 @@ contract MockTokenExtractor is IExtractor {
     address to = address(0);
     uint256 amount = 0;
-    if (payload.selector == MockToken.transfer.selector || payload.selector == MockToken.transferWithContext.selector) {
+    if (
+      payload.selector == MockTokenUpgradeable.transfer.selector
+        || payload.selector == MockTokenUpgradeable.transferWithContext.selector
+    ) {
       from = payload.sender;
       (to, amount) = abi.decode(payload.data, (address, uint256));
-    } else if (payload.selector == MockToken.transferFrom.selector) {
+    } else if (payload.selector == MockTokenUpgradeable.transferFrom.selector) {
       (from, to, amount) = abi.decode(payload.data, (address, address, uint256));
     } else {
       revert IPolicyEngine.UnsupportedSelector(payload.selector);

package/packages/policy-management/test/helpers/MockTokenUpgradeable.sol ADDED Viewed

@@ -0,0 +1,66 @@
+// SPDX-License-Identifier: BUSL-1.1
+pragma solidity ^0.8.20;
+import {PolicyProtectedUpgradeable} from "@chainlink/policy-management/core/PolicyProtectedUpgradeable.sol";
+import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
+contract MockTokenUpgradeable is Initializable, PolicyProtectedUpgradeable {
+  mapping(address account => uint256 balance) public s_balances;
+  uint256 public totalSupply = 0;
+  bool public paused;
+  error Paused();
+  modifier whenNotPaused() {
+    if (paused) {
+      revert Paused();
+    }
+    _;
+  }
+  function initialize(address policyEngine) external initializer {
+    __PolicyProtected_init(msg.sender, policyEngine);
+  }
+  function transfer(address to, uint256 amount) external whenNotPaused runPolicy {
+    s_balances[to] += amount;
+  }
+  function transferWithContext(
+    address to,
+    uint256 amount,
+    bytes calldata context
+  )
+    external
+    whenNotPaused
+    runPolicyWithContext(context)
+  {
+    s_balances[to] += amount;
+  }
+  function transferFrom(address, /*from*/ address to, uint256 amount) external whenNotPaused runPolicy {
+    s_balances[to] += amount;
+  }
+  function balanceOf(address account) external view returns (uint256) {
+    return s_balances[account];
+  }
+  function mint(address to, uint256 amount) external whenNotPaused runPolicy {
+    s_balances[to] += amount;
+    totalSupply += amount;
+  }
+  function burn(address to, uint256 amount) external whenNotPaused runPolicy {
+    s_balances[to] -= amount;
+    totalSupply -= amount;
+  }
+  function pause() external runPolicy {
+    paused = true;
+  }
+  function unpause() external runPolicy {
+    paused = false;
+  }
+}

package/packages/policy-management/test/helpers/PolicyAlwaysAllowed.sol CHANGED Viewed

@@ -1,10 +1,12 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity 0.8.26;
+pragma solidity ^0.8.20;
 import {IPolicyEngine} from "../../src/interfaces/IPolicyEngine.sol";
 import {Policy} from "../../src/core/Policy.sol";
 contract PolicyAlwaysAllowed is Policy {
+  string public constant override typeAndVersion = "PolicyAlwaysAllowed 1.0.0";
   uint8 private s_policyNumber;
   event PolicyAllowedExecuted(uint256 value);

package/packages/policy-management/test/helpers/PolicyAlwaysContinue.sol CHANGED Viewed

@@ -1,11 +1,13 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity 0.8.26;
+pragma solidity ^0.8.20;
 import {IPolicyEngine} from "../../src/interfaces/IPolicyEngine.sol";
 import {Policy} from "../../src/core/Policy.sol";
 contract PolicyAlwaysContinue is Policy {
+  string public constant override typeAndVersion = "PolicyAlwaysContinue 1.0.0";
   function run(
     address,
     address,

package/packages/policy-management/test/helpers/PolicyAlwaysRejected.sol CHANGED Viewed

@@ -1,11 +1,15 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity 0.8.26;
+pragma solidity ^0.8.20;
 import {IPolicyEngine} from "../../src/interfaces/IPolicyEngine.sol";
 import {Policy} from "../../src/core/Policy.sol";
 contract PolicyAlwaysRejected is Policy {
+  string public constant override typeAndVersion = "PolicyAlwaysRejected 1.0.0";
+  event ConfigFuncExecuted();
   function run(
     address,
     address,
@@ -20,4 +24,9 @@ contract PolicyAlwaysRejected is Policy {
   {
     revert IPolicyEngine.PolicyRejected("test policy always rejects");
   }
+  function configFunc() external onlyOwner {
+    // dummy logic
+    emit ConfigFuncExecuted();
+  }
 }

package/packages/policy-management/test/helpers/PolicyFailingRun.sol CHANGED Viewed

@@ -1,10 +1,12 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity 0.8.26;
+pragma solidity ^0.8.20;
 import {IPolicyEngine} from "../../src/interfaces/IPolicyEngine.sol";
 import {Policy} from "../../src/core/Policy.sol";
 contract PolicyFailingRun is Policy {
+  string public constant override typeAndVersion = "PolicyFailingRun 1.0.0";
   function run(
     address,
     address,

package/packages/policy-management/test/policies/AllowPolicy.t.sol CHANGED Viewed

@@ -1,16 +1,16 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity 0.8.26;
+pragma solidity ^0.8.20;
 import {IPolicyEngine, PolicyEngine} from "@chainlink/policy-management/core/PolicyEngine.sol";
 import {ERC20TransferExtractor} from "@chainlink/policy-management/extractors/ERC20TransferExtractor.sol";
 import {AllowPolicy} from "@chainlink/policy-management/policies/AllowPolicy.sol";
-import {MockToken} from "../helpers/MockToken.sol";
+import {MockTokenUpgradeable} from "../helpers/MockTokenUpgradeable.sol";
 import {ERC3643MintBurnExtractor} from "@chainlink/policy-management/extractors/ERC3643MintBurnExtractor.sol";
 import {BaseProxyTest} from "../helpers/BaseProxyTest.sol";
 contract AllowPolicyTest is BaseProxyTest {
   PolicyEngine public policyEngine;
-  MockToken public token;
+  MockTokenUpgradeable public token;
   AllowPolicy public allowPolicy;
   address public deployer;
   address public account;
@@ -30,21 +30,23 @@ contract AllowPolicyTest is BaseProxyTest {
     // add account by default
     allowPolicy.allowAddress(account);
-    token = MockToken(_deployMockToken(address(policyEngine)));
+    token = MockTokenUpgradeable(_deployMockToken(address(policyEngine)));
     // set up the allowPolicy to check the recipient and origin of token transfers (multiple accounts)
     ERC20TransferExtractor transferExtractor = new ERC20TransferExtractor();
     bytes32[] memory transferPolicyParams = new bytes32[](2);
     transferPolicyParams[0] = transferExtractor.PARAM_TO();
     transferPolicyParams[1] = transferExtractor.PARAM_FROM();
-    policyEngine.setExtractor(MockToken.transfer.selector, address(transferExtractor));
-    policyEngine.addPolicy(address(token), MockToken.transfer.selector, address(allowPolicy), transferPolicyParams);
+    policyEngine.setExtractor(MockTokenUpgradeable.transfer.selector, address(transferExtractor));
+    policyEngine.addPolicy(
+      address(token), MockTokenUpgradeable.transfer.selector, address(allowPolicy), transferPolicyParams
+    );
     // set up the allowPolicy to check the mint account (single account)
     ERC3643MintBurnExtractor mintBurnExtractor = new ERC3643MintBurnExtractor();
     bytes32[] memory mintPolicyParams = new bytes32[](1);
     mintPolicyParams[0] = mintBurnExtractor.PARAM_ACCOUNT();
-    policyEngine.setExtractor(MockToken.mint.selector, address(mintBurnExtractor));
-    policyEngine.addPolicy(address(token), MockToken.mint.selector, address(allowPolicy), mintPolicyParams);
+    policyEngine.setExtractor(MockTokenUpgradeable.mint.selector, address(mintBurnExtractor));
+    policyEngine.addPolicy(address(token), MockTokenUpgradeable.mint.selector, address(allowPolicy), mintPolicyParams);
   }
   function test_allowAddress_succeeds() public {
@@ -113,8 +115,12 @@ contract AllowPolicyTest is BaseProxyTest {
     vm.startPrank(account, account);
     // transfer from address to recipient (reverts)
-    vm.expectRevert(
-      _encodeRejectedRevert(MockToken.transfer.selector, address(allowPolicy), "address is not on allow list")
+    _expectRejectedRevert(
+      address(allowPolicy),
+      "address is not on allow list",
+      MockTokenUpgradeable.transfer.selector,
+      account,
+      abi.encode(recipient, 100)
     );
     token.transfer(recipient, 100);
   }
@@ -135,8 +141,12 @@ contract AllowPolicyTest is BaseProxyTest {
     // transfer from address to recipient (should revert after removal)
     vm.startPrank(account, account);
-    vm.expectRevert(
-      _encodeRejectedRevert(MockToken.transfer.selector, address(allowPolicy), "address is not on allow list")
+    _expectRejectedRevert(
+      address(allowPolicy),
+      "address is not on allow list",
+      MockTokenUpgradeable.transfer.selector,
+      account,
+      abi.encode(recipient, 100)
     );
     token.transfer(recipient, 100);
   }
@@ -150,8 +160,12 @@ contract AllowPolicyTest is BaseProxyTest {
   function test_mint_notInList_failure() public {
     vm.startPrank(deployer, deployer);
-    vm.expectRevert(
-      _encodeRejectedRevert(MockToken.mint.selector, address(allowPolicy), "address is not on allow list")
+    _expectRejectedRevert(
+      address(allowPolicy),
+      "address is not on allow list",
+      MockTokenUpgradeable.mint.selector,
+      deployer,
+      abi.encode(recipient, 20)
     );
     token.mint(recipient, 20);
   }
@@ -160,15 +174,17 @@ contract AllowPolicyTest is BaseProxyTest {
     vm.startPrank(deployer);
     // misconfigure the allowPolicy to check burn operations (no accounts)
     ERC3643MintBurnExtractor mintBurnExtractor = new ERC3643MintBurnExtractor();
-    policyEngine.setExtractor(MockToken.burn.selector, address(mintBurnExtractor));
-    policyEngine.addPolicy(address(token), MockToken.burn.selector, address(allowPolicy), new bytes32[](0));
-    bytes memory error = abi.encodeWithSignature("Error(string)", "expected at least 1 parameter");
-    vm.expectRevert(
-      abi.encodeWithSelector(
-        IPolicyEngine.PolicyRunError.selector, MockToken.burn.selector, address(allowPolicy), error
-      )
-    );
+    policyEngine.setExtractor(MockTokenUpgradeable.burn.selector, address(mintBurnExtractor));
+    policyEngine.addPolicy(address(token), MockTokenUpgradeable.burn.selector, address(allowPolicy), new bytes32[](0));
+    IPolicyEngine.Payload memory payload = IPolicyEngine.Payload({
+      selector: MockTokenUpgradeable.burn.selector,
+      sender: deployer,
+      data: abi.encode(account, 100),
+      context: new bytes(0)
+    });
+    bytes memory error = abi.encodeWithSignature("InvalidParameters(string)", "expected at least 1 parameter");
+    _expectRunError(address(allowPolicy), error, payload);
     token.burn(account, 100);
   }
 }