@rev-net/core-v6 0.0.36 → 0.0.39

package/test/REVLoansRegressions.t.sol

@@ -1,364 +0,0 @@
-// SPDX-License-Identifier: MIT
-pragma solidity 0.8.28;
-
-// forge-lint: disable-next-line(unaliased-plain-import)
-import "forge-std/Test.sol";
-// forge-lint: disable-next-line(unaliased-plain-import)
-import /* {*} from */ "@bananapus/core-v6/test/helpers/TestBaseWorkflow.sol";
-// import /* {*} from "@bananapus/721-hook-v6/src/JB721TiersHookDeployer.sol";
-// forge-lint: disable-next-line(unaliased-plain-import)
-import /* {*} from */ "./../src/REVDeployer.sol";
-// forge-lint: disable-next-line(unaliased-plain-import)
-import "@croptop/core-v6/src/CTPublisher.sol";
-import {MockBuybackDataHook} from "./mock/MockBuybackDataHook.sol";
-
-// forge-lint: disable-next-line(unaliased-plain-import)
-import "@bananapus/core-v6/script/helpers/CoreDeploymentLib.sol";
-// forge-lint: disable-next-line(unaliased-plain-import)
-import "@bananapus/721-hook-v6/script/helpers/Hook721DeploymentLib.sol";
-// forge-lint: disable-next-line(unaliased-plain-import)
-import "@bananapus/suckers-v6/script/helpers/SuckerDeploymentLib.sol";
-// forge-lint: disable-next-line(unaliased-plain-import)
-import "@croptop/core-v6/script/helpers/CroptopDeploymentLib.sol";
-// forge-lint: disable-next-line(unaliased-plain-import)
-import "@bananapus/router-terminal-v6/script/helpers/RouterTerminalDeploymentLib.sol";
-
-import {JBConstants} from "@bananapus/core-v6/src/libraries/JBConstants.sol";
-import {JBAccountingContext} from "@bananapus/core-v6/src/structs/JBAccountingContext.sol";
-import {REVLoans} from "../src/REVLoans.sol";
-import {REVStageConfig, REVAutoIssuance} from "../src/structs/REVStageConfig.sol";
-import {REVLoanSource} from "../src/structs/REVLoanSource.sol";
-import {REVDescription} from "../src/structs/REVDescription.sol";
-import {IREVLoans} from "./../src/interfaces/IREVLoans.sol";
-import {JBSuckerDeployerConfig} from "@bananapus/suckers-v6/src/structs/JBSuckerDeployerConfig.sol";
-import {JBSuckerRegistry} from "@bananapus/suckers-v6/src/JBSuckerRegistry.sol";
-import {JB721TiersHookDeployer} from "@bananapus/721-hook-v6/src/JB721TiersHookDeployer.sol";
-import {JB721TiersHook} from "@bananapus/721-hook-v6/src/JB721TiersHook.sol";
-import {JB721TiersHookStore} from "@bananapus/721-hook-v6/src/JB721TiersHookStore.sol";
-import {JB721CheckpointsDeployer} from "@bananapus/721-hook-v6/src/JB721CheckpointsDeployer.sol";
-import {IJB721CheckpointsDeployer} from "@bananapus/721-hook-v6/src/interfaces/IJB721CheckpointsDeployer.sol";
-import {JBAddressRegistry} from "@bananapus/address-registry-v6/src/JBAddressRegistry.sol";
-import {IJBAddressRegistry} from "@bananapus/address-registry-v6/src/interfaces/IJBAddressRegistry.sol";
-import {ERC165} from "@openzeppelin/contracts/utils/introspection/ERC165.sol";
-import {JBRuleset} from "@bananapus/core-v6/src/structs/JBRuleset.sol";
-import {JBPayHookSpecification} from "@bananapus/core-v6/src/structs/JBPayHookSpecification.sol";
-import {REVEmpty721Config} from "./helpers/REVEmpty721Config.sol";
-import {REVOwner} from "../src/REVOwner.sol";
-import {IREVDeployer} from "../src/interfaces/IREVDeployer.sol";
-import {MockSuckerRegistry} from "./mock/MockSuckerRegistry.sol";
-
-/// @notice A fake terminal that tracks whether useAllowanceOf was called.
-/// @dev REVLoans.borrowFrom does not validate source terminal registration.
-contract FakeTerminal is ERC165, IJBPayoutTerminal {
-    bool public useAllowanceCalled;
-    uint256 public lastProjectId;
-
-    function useAllowanceOf(
-        uint256 projectId,
-        address,
-        uint256,
-        uint256,
-        uint256,
-        address payable,
-        address payable,
-        string calldata
-    )
-        external
-        override
-        returns (uint256)
-    {
-        useAllowanceCalled = true;
-        lastProjectId = projectId;
-        // Return 0 - no actual funds sent
-        return 0;
-    }
-
-    function accountingContextForTokenOf(uint256, address) external pure override returns (JBAccountingContext memory) {
-        return JBAccountingContext({
-            token: JBConstants.NATIVE_TOKEN, decimals: 18, currency: uint32(uint160(JBConstants.NATIVE_TOKEN))
-        });
-    }
-
-    // Stub implementations for IJBTerminal
-    function accountingContextsOf(uint256) external pure override returns (JBAccountingContext[] memory) {
-        return new JBAccountingContext[](0);
-    }
-
-    function addAccountingContextsFor(uint256, JBAccountingContext[] calldata) external override {}
-
-    function addToBalanceOf(
-        uint256,
-        address,
-        uint256,
-        bool,
-        string calldata,
-        bytes calldata
-    )
-        external
-        payable
-        override
-    {}
-
-    function currentSurplusOf(uint256, address[] calldata, uint256, uint256) external pure override returns (uint256) {
-        return 0;
-    }
-
-    function migrateBalanceOf(uint256, address, IJBTerminal) external pure override returns (uint256) {
-        return 0;
-    }
-
-    function pay(
-        uint256,
-        address,
-        uint256,
-        address,
-        uint256,
-        string calldata,
-        bytes calldata
-    )
-        external
-        payable
-        override
-        returns (uint256)
-    {
-        return 0;
-    }
-
-    function sendPayoutsOf(uint256, address, uint256, uint256, uint256) external pure override returns (uint256) {
-        return 0;
-    }
-
-    function previewPayFor(
-        uint256,
-        address,
-        uint256,
-        address,
-        bytes calldata
-    )
-        external
-        pure
-        override
-        returns (JBRuleset memory, uint256, uint256, JBPayHookSpecification[] memory)
-    {
-        JBRuleset memory ruleset;
-        return (ruleset, 0, 0, new JBPayHookSpecification[](0));
-    }
-
-    function supportsInterface(bytes4 interfaceId) public view override(ERC165, IERC165) returns (bool) {
-        return interfaceId == type(IJBTerminal).interfaceId || interfaceId == type(IJBPayoutTerminal).interfaceId
-            || super.supportsInterface(interfaceId);
-    }
-}
-
-/// @notice Regression tests for REVLoans unvalidated source terminal.
-contract REVLoansRegressions is TestBaseWorkflow {
-    // forge-lint: disable-next-line(mixed-case-variable)
-    bytes32 REV_DEPLOYER_SALT = "REVDeployer";
-    // forge-lint: disable-next-line(mixed-case-variable)
-    bytes32 ERC20_SALT = "REV_TOKEN";
-
-    // forge-lint: disable-next-line(mixed-case-variable)
-    REVDeployer REV_DEPLOYER;
-    // forge-lint: disable-next-line(mixed-case-variable)
-    REVOwner REV_OWNER;
-    // forge-lint: disable-next-line(mixed-case-variable)
-    JB721TiersHook EXAMPLE_HOOK;
-    // forge-lint: disable-next-line(mixed-case-variable)
-    IJB721TiersHookDeployer HOOK_DEPLOYER;
-    // forge-lint: disable-next-line(mixed-case-variable)
-    IJB721TiersHookStore HOOK_STORE;
-    // forge-lint: disable-next-line(mixed-case-variable)
-    IJBAddressRegistry ADDRESS_REGISTRY;
-    // forge-lint: disable-next-line(mixed-case-variable)
-    IREVLoans LOANS_CONTRACT;
-    // forge-lint: disable-next-line(mixed-case-variable)
-    IJBSuckerRegistry SUCKER_REGISTRY;
-    // forge-lint: disable-next-line(mixed-case-variable)
-    CTPublisher PUBLISHER;
-    // forge-lint: disable-next-line(mixed-case-variable)
-    MockBuybackDataHook MOCK_BUYBACK;
-
-    // forge-lint: disable-next-line(mixed-case-variable)
-    uint256 FEE_PROJECT_ID;
-    // forge-lint: disable-next-line(mixed-case-variable)
-    uint256 REVNET_ID;
-
-    // forge-lint: disable-next-line(mixed-case-variable)
-    address USER = makeAddr("user");
-
-    address private constant TRUSTED_FORWARDER = 0xB2b5841DBeF766d4b521221732F9B618fCf34A87;
-
-    function setUp() public override {
-        super.setUp();
-
-        FEE_PROJECT_ID = jbProjects().createFor(multisig());
-
-        SUCKER_REGISTRY = new JBSuckerRegistry(jbDirectory(), jbPermissions(), multisig(), address(0));
-        HOOK_STORE = new JB721TiersHookStore();
-        EXAMPLE_HOOK = new JB721TiersHook(
-            jbDirectory(),
-            jbPermissions(),
-            jbPrices(),
-            jbRulesets(),
-            HOOK_STORE,
-            jbSplits(),
-            IJB721CheckpointsDeployer(address(new JB721CheckpointsDeployer())),
-            multisig()
-        );
-        ADDRESS_REGISTRY = new JBAddressRegistry();
-        HOOK_DEPLOYER = new JB721TiersHookDeployer(EXAMPLE_HOOK, HOOK_STORE, ADDRESS_REGISTRY, multisig());
-        PUBLISHER = new CTPublisher(jbDirectory(), jbPermissions(), FEE_PROJECT_ID, multisig());
-        MOCK_BUYBACK = new MockBuybackDataHook();
-
-        LOANS_CONTRACT = new REVLoans({
-            controller: jbController(),
-            suckerRegistry: IJBSuckerRegistry(address(new MockSuckerRegistry())),
-            revId: FEE_PROJECT_ID,
-            owner: address(this),
-            permit2: permit2(),
-            trustedForwarder: TRUSTED_FORWARDER
-        });
-
-        REV_OWNER = new REVOwner(
-            IJBBuybackHookRegistry(address(MOCK_BUYBACK)),
-            jbDirectory(),
-            FEE_PROJECT_ID,
-            SUCKER_REGISTRY,
-            address(LOANS_CONTRACT),
-            address(0)
-        );
-
-        REV_DEPLOYER = new REVDeployer{salt: REV_DEPLOYER_SALT}(
-            jbController(),
-            SUCKER_REGISTRY,
-            FEE_PROJECT_ID,
-            HOOK_DEPLOYER,
-            PUBLISHER,
-            IJBBuybackHookRegistry(address(MOCK_BUYBACK)),
-            address(LOANS_CONTRACT),
-            TRUSTED_FORWARDER,
-            address(REV_OWNER)
-        );
-
-        REV_OWNER.setDeployer(REV_DEPLOYER);
-
-        vm.prank(multisig());
-        jbProjects().approve(address(REV_DEPLOYER), FEE_PROJECT_ID);
-
-        // Deploy a revnet with loans enabled
-        _deployRevnet();
-
-        // Give user ETH
-        vm.deal(USER, 100e18);
-    }
-
-    function _deployRevnet() internal {
-        JBAccountingContext[] memory accountingContextsToAccept = new JBAccountingContext[](1);
-        accountingContextsToAccept[0] = JBAccountingContext({
-            token: JBConstants.NATIVE_TOKEN, decimals: 18, currency: uint32(uint160(JBConstants.NATIVE_TOKEN))
-        });
-
-        JBTerminalConfig[] memory terminalConfigurations = new JBTerminalConfig[](1);
-        terminalConfigurations[0] =
-            JBTerminalConfig({terminal: jbMultiTerminal(), accountingContextsToAccept: accountingContextsToAccept});
-
-        REVStageConfig[] memory stageConfigurations = new REVStageConfig[](1);
-        JBSplit[] memory splits = new JBSplit[](1);
-        splits[0].beneficiary = payable(multisig());
-        splits[0].percent = 10_000;
-
-        stageConfigurations[0] = REVStageConfig({
-            startsAtOrAfter: uint40(block.timestamp),
-            autoIssuances: new REVAutoIssuance[](0),
-            splitPercent: 0,
-            splits: splits,
-            initialIssuance: uint112(1000e18),
-            issuanceCutFrequency: 0,
-            issuanceCutPercent: 0,
-            cashOutTaxRate: 5000,
-            extraMetadata: 0
-        });
-
-        REVConfig memory revnetConfiguration = REVConfig({
-            // forge-lint: disable-next-line(named-struct-fields)
-            description: REVDescription("H6Test", "H6T", "ipfs://h6test", "H6_TOKEN"),
-            baseCurrency: uint32(uint160(JBConstants.NATIVE_TOKEN)),
-            splitOperator: multisig(),
-            stageConfigurations: stageConfigurations
-        });
-
-        vm.prank(multisig());
-        (REVNET_ID,) = REV_DEPLOYER.deployFor({
-            revnetId: FEE_PROJECT_ID,
-            configuration: revnetConfiguration,
-            terminalConfigurations: terminalConfigurations,
-            suckerDeploymentConfiguration: REVSuckerDeploymentConfig({
-                deployerConfigurations: new JBSuckerDeployerConfig[](0), salt: keccak256("H6_TEST")
-            }),
-            tiered721HookConfiguration: REVEmpty721Config.empty721Config(uint32(uint160(JBConstants.NATIVE_TOKEN))),
-            allowedPosts: REVEmpty721Config.emptyAllowedPosts()
-        });
-    }
-
-    //*********************************************************************//
-    // --- Unvalidated Source Terminal in REVLoans ---------------------- //
-    //*********************************************************************//
-
-    /// @notice Demonstrates that borrowFrom accepts any terminal without validating
-    ///         it is registered in the JBDirectory for the project.
-    /// @dev The fake terminal's useAllowanceOf is called, showing no directory check occurs.
-    ///      In production, a malicious terminal could return fake amounts or misroute funds.
-    /// @notice Verifies that borrowFrom now rejects unregistered terminals.
-    /// @dev Previously this test demonstrated the vulnerability. After the fix,
-    ///      borrowFrom reverts with REVLoans_InvalidTerminal before reaching the fake terminal.
-    function test_unvalidatedSourceTerminal() public {
-        // Step 1: User pays into the revnet to get tokens (collateral)
-        vm.prank(USER);
-        uint256 tokens = jbMultiTerminal().pay{value: 1e18}(REVNET_ID, JBConstants.NATIVE_TOKEN, 1e18, USER, 0, "", "");
-        assertGt(tokens, 0, "user should receive tokens");
-
-        // Step 2: Create a fake terminal NOT registered in the directory
-        FakeTerminal fakeTerminal = new FakeTerminal();
-
-        // Verify the fake terminal is NOT in the directory
-        IJBTerminal[] memory registeredTerminals = jbDirectory().terminalsOf(REVNET_ID);
-        bool found = false;
-        for (uint256 i = 0; i < registeredTerminals.length; i++) {
-            if (address(registeredTerminals[i]) == address(fakeTerminal)) {
-                found = true;
-            }
-        }
-        assertFalse(found, "fake terminal should NOT be in the directory");
-
-        // Step 3: Try to borrow using the fake terminal as the source.
-        // This now correctly reverts with REVLoans_InvalidTerminal.
-        REVLoanSource memory fakeSource =
-            REVLoanSource({token: JBConstants.NATIVE_TOKEN, terminal: IJBPayoutTerminal(address(fakeTerminal))});
-
-        uint256 borrowable =
-            LOANS_CONTRACT.borrowableAmountFrom(REVNET_ID, tokens, 18, uint32(uint160(JBConstants.NATIVE_TOKEN)));
-        assertGt(borrowable, 0, "should have borrowable amount");
-
-        // The borrow should revert with REVLoans_InvalidTerminal because the fake terminal
-        // is not registered in the directory. The fake terminal is never called.
-        vm.expectRevert(
-            abi.encodeWithSelector(REVLoans.REVLoans_InvalidTerminal.selector, address(fakeTerminal), REVNET_ID)
-        );
-
-        vm.prank(USER);
-        LOANS_CONTRACT.borrowFrom(REVNET_ID, fakeSource, borrowable, tokens, payable(USER), 500, USER);
-    }
-
-    /// @notice Verify that the configured loan source (real terminal) is properly registered.
-    function test_configuredSourceIsRegistered() public view {
-        // The real terminal should be in the directory
-        IJBTerminal[] memory terminals = jbDirectory().terminalsOf(REVNET_ID);
-        bool found = false;
-        for (uint256 i = 0; i < terminals.length; i++) {
-            if (address(terminals[i]) == address(jbMultiTerminal())) {
-                found = true;
-            }
-        }
-        assertTrue(found, "real terminal should be in the directory");
-    }
-}