@rev-net/core-v6 0.0.8 → 0.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (62) hide show
  1. package/ADMINISTRATION.md +186 -0
  2. package/ARCHITECTURE.md +87 -0
  3. package/README.md +8 -6
  4. package/RISKS.md +49 -0
  5. package/SKILLS.md +24 -10
  6. package/STYLE_GUIDE.md +558 -0
  7. package/docs/src/README.md +2 -2
  8. package/foundry.toml +9 -6
  9. package/package.json +12 -9
  10. package/remappings.txt +1 -1
  11. package/script/Deploy.s.sol +4 -3
  12. package/script/helpers/RevnetCoreDeploymentLib.sol +1 -1
  13. package/src/REVDeployer.sol +103 -76
  14. package/src/REVLoans.sol +14 -4
  15. package/src/interfaces/IREVDeployer.sol +2 -1
  16. package/src/structs/REV721TiersHookFlags.sol +14 -0
  17. package/src/structs/REVBaseline721HookConfig.sol +27 -0
  18. package/src/structs/REVDeploy721TiersHookConfig.sol +2 -2
  19. package/test/REV.integrations.t.sol +4 -3
  20. package/test/REVAutoIssuanceFuzz.t.sol +12 -8
  21. package/test/{REVDeployerAuditRegressions.t.sol → REVDeployerRegressions.t.sol} +4 -3
  22. package/test/REVInvincibility.t.sol +23 -25
  23. package/test/REVInvincibilityHandler.sol +1 -0
  24. package/test/REVLifecycle.t.sol +4 -4
  25. package/test/REVLoans.invariants.t.sol +5 -3
  26. package/test/REVLoansAttacks.t.sol +7 -10
  27. package/test/REVLoansFeeRecovery.t.sol +4 -5
  28. package/test/REVLoansFindings.t.sol +644 -0
  29. package/test/{REVLoansAuditRegressions.t.sol → REVLoansRegressions.t.sol} +14 -25
  30. package/test/REVLoansSourced.t.sol +7 -4
  31. package/test/REVLoansUnSourced.t.sol +4 -3
  32. package/test/{TestPR26_BurnHeldTokens.t.sol → TestBurnHeldTokens.t.sol} +4 -3
  33. package/test/{TestPR27_CEIPattern.t.sol → TestCEIPattern.t.sol} +6 -5
  34. package/test/{TestPR15_CashOutCallerValidation.t.sol → TestCashOutCallerValidation.t.sol} +4 -5
  35. package/test/{TestPR09_ConversionDocumentation.t.sol → TestConversionDocumentation.t.sol} +4 -3
  36. package/test/{TestPR13_CrossSourceReallocation.t.sol → TestCrossSourceReallocation.t.sol} +4 -3
  37. package/test/TestEmptyBuybackSpecs.t.sol +4 -3
  38. package/test/{TestPR12_FlashLoanSurplus.t.sol → TestFlashLoanSurplus.t.sol} +4 -3
  39. package/test/{TestPR22_HookArrayOOB.t.sol → TestHookArrayOOB.t.sol} +4 -3
  40. package/test/{TestPR10_LiquidationBehavior.t.sol → TestLiquidationBehavior.t.sol} +7 -6
  41. package/test/{TestPR11_LowFindings.t.sol → TestLowFindings.t.sol} +4 -3
  42. package/test/{TestPR32_MixedFixes.t.sol → TestMixedFixes.t.sol} +4 -3
  43. package/test/TestSplitWeightAdjustment.t.sol +445 -0
  44. package/test/TestSplitWeightE2E.t.sol +528 -0
  45. package/test/TestSplitWeightFork.t.sol +780 -0
  46. package/test/TestStageTransitionBorrowable.t.sol +4 -3
  47. package/test/{TestPR29_SwapTerminalPermission.t.sol → TestSwapTerminalPermission.t.sol} +4 -3
  48. package/test/{TestPR21_Uint112Overflow.t.sol → TestUint112Overflow.t.sol} +7 -6
  49. package/test/{TestPR16_ZeroRepayment.t.sol → TestZeroRepayment.t.sol} +7 -8
  50. package/test/fork/ForkTestBase.sol +649 -0
  51. package/test/fork/TestCashOutFork.t.sol +246 -0
  52. package/test/fork/TestLoanBorrowFork.t.sol +161 -0
  53. package/test/fork/TestLoanCrossRulesetFork.t.sol +300 -0
  54. package/test/fork/TestLoanLiquidationFork.t.sol +134 -0
  55. package/test/fork/TestLoanReallocateFork.t.sol +112 -0
  56. package/test/fork/TestLoanRepayFork.t.sol +187 -0
  57. package/test/fork/TestSplitWeightFork.t.sol +186 -0
  58. package/test/mock/MockBuybackDataHook.sol +9 -9
  59. package/test/mock/MockBuybackDataHookMintPath.sol +10 -9
  60. package/test/regression/{TestI20_CumulativeLoanCounter.t.sol → TestCumulativeLoanCounter.t.sol} +9 -8
  61. package/test/regression/{TestL27_LiquidateGapHandling.t.sol → TestLiquidateGapHandling.t.sol} +9 -8
  62. package/SECURITY.md +0 -68
package/SECURITY.md DELETED
@@ -1,68 +0,0 @@
1
- # Security Considerations
2
-
3
- ## [INTEROP-6] Cross-Chain Accounting Mismatch: NATIVE_TOKEN on Non-ETH Chains
4
-
5
- **Severity:** Medium
6
- **Status:** Acknowledged — by design, not fixable without oracle dependencies
7
-
8
- ### Description
9
-
10
- When a revnet expands to a chain where the native token is not ETH (e.g., Celo where native = CELO), using `JBConstants.NATIVE_TOKEN` as the terminal accounting context and sucker token mapping creates a semantic mismatch. The protocol treats CELO payments as ETH-equivalent.
11
-
12
- ### What the Matching Hash Covers
13
-
14
- The hash computed in `REVDeployer._makeRulesetConfigurations()` ensures both sides of a cross-chain deployment agree on:
15
- - `baseCurrency`, `loans`, `name`, `ticker`, `salt`
16
- - Per stage: timing, splits, issuance, cash-out tax
17
- - Per auto-issuance: chainId, beneficiary, count
18
-
19
- ### What the Matching Hash Does NOT Cover
20
-
21
- - Terminal configurations (which tokens are accepted)
22
- - Accounting contexts (token address, decimals, currency)
23
- - Sucker token mappings (localToken → remoteToken)
24
-
25
- Two deployments can produce identical hashes while one accepts ETH-native and the other accepts CELO-native. The hash is a safety check for economic parameter alignment, not a guarantee of asset compatibility.
26
-
27
- ### Impact on Revnets
28
-
29
- 1. **Issuance mispricing** — A revnet with `baseCurrency = ETH` that accepts `NATIVE_TOKEN` on Celo prices CELO payments as ETH (1:1 without a price feed), massively overvaluing them.
30
- 2. **Surplus fragmentation** — Cash-out bonding curve on each chain only sees that chain's surplus. Token holders must bridge to the chain with more surplus for fair cash-out values.
31
- 3. **Cash-out arbitrage** — Different effective valuations across chains let arbitrageurs buy tokens cheaply on one chain and cash out on another.
32
-
33
- ### Recommended Configuration for Non-ETH Chains
34
-
35
- When deploying a revnet to Celo or other non-ETH-native chains:
36
-
37
- ```solidity
38
- // DO: Use WETH ERC20 as accounting context
39
- accountingContextsToAccept[0] = JBAccountingContext({
40
- token: WETH_ADDRESS, // e.g., 0xD221812... on Celo
41
- decimals: 18,
42
- currency: ETH_CURRENCY
43
- });
44
-
45
- // DO: Map WETH → WETH in sucker token mappings
46
- tokenMappings[0] = JBTokenMapping({
47
- localToken: WETH_ADDRESS,
48
- remoteToken: WETH_ADDRESS,
49
- minGas: 200_000,
50
- minBridgeAmount: 0.01 ether
51
- });
52
-
53
- // DON'T: Use NATIVE_TOKEN on non-ETH chains
54
- // This maps CELO → ETH which are different assets
55
- tokenMappings[0] = JBTokenMapping({
56
- localToken: JBConstants.NATIVE_TOKEN, // = CELO on Celo
57
- remoteToken: JBConstants.NATIVE_TOKEN, // = ETH on Ethereum
58
- ...
59
- });
60
- ```
61
-
62
- ### Safe Chains
63
-
64
- OP Stack L2s where native token IS ETH: Ethereum, Optimism, Base, Arbitrum.
65
-
66
- ### Affected Chains
67
-
68
- Any chain where native token ≠ ETH: Celo (CELO), Polygon (MATIC), Avalanche (AVAX), BNB Chain (BNB).