Merge branch 'main' into LF10073-relay-bridge

.env.example

@@ -18,6 +18,7 @@ ETH_NODE_URI_GRAVITY=https://rpc.gravity.xyz	 #[pre-commit-checker: not a secret
 ETH_NODE_URI_IMMUTABLEZKEVM=https://rpc.immutable.com #[pre-commit-checker: not a secret]
 ETH_NODE_URI_KAIA=https://klaytn.drpc.org #[pre-commit-checker: not a secret]
 ETH_NODE_URI_LINEA=https://rpc.linea.build #[pre-commit-checker: not a secret]
+ETH_NODE_URI_LISK=https://rpc.api.lisk.com #[pre-commit-checker: not a secret]
 ETH_NODE_URI_MANTLE=https://rpc.mantle.xyz	 #[pre-commit-checker: not a secret]
 ETH_NODE_URI_METIS=https://metis-mainnet.public.blastapi.io #[pre-commit-checker: not a secret]
 ETH_NODE_URI_MODE=https://mainnet.mode.network #[pre-commit-checker: not a secret]
@@ -26,12 +27,13 @@ ETH_NODE_URI_MOONRIVER=https://rpc.moonriver.moonbeam.network #[pre-commit-check
 ETH_NODE_URI_OPTIMISM=https://1rpc.io/op #[pre-commit-checker: not a secret]
 ETH_NODE_URI_POLYGON=https://1rpc.io/matic #[pre-commit-checker: not a secret]
 ETH_NODE_URI_POLYGONZKEVM=https://zkevm-rpc.com #[pre-commit-checker: not a secret]
-ETH_NODE_URI_ROOTSTOCK=https://rootstock.drpc.org #[pre-commit-checker: not a secret].io
-ETH_NODE_URI_SEI=https://evm-rpc.sei-apis.com #[pre-commit-checker: not a secret].io
-ETH_NODE_URI_SCROLL=https://1rpc.io/scroll #[pre-commit-checker: not a secret].io
-ETH_NODE_URI_TAIKO=https://rpc.taiko.tools #[pre-commit-checker: not a secret].io
-ETH_NODE_URI_XLAYER=https://rpc.xlayer.tech #[pre-commit-checker: not a secret].io
-ETH_NODE_URI_ZKSYNC=https://zksync2-mainnet.zksync #[pre-commit-checker: not a secret].io
+ETH_NODE_URI_ROOTSTOCK=https://rootstock.drpc.org #[pre-commit-checker: not a secret]
+ETH_NODE_URI_SEI=https://evm-rpc.sei-apis.com #[pre-commit-checker: not a secret]
+ETH_NODE_URI_SCROLL=https://1rpc.io/scroll #[pre-commit-checker: not a secret]
+ETH_NODE_URI_TAIKO=https://rpc.taiko.tools #[pre-commit-checker: not a secret]
+ETH_NODE_URI_WORLDCHAIN=https://worldchain-mainnet.g.alchemy.com/public #[pre-commit-checker: not a secret]
+ETH_NODE_URI_XLAYER=https://rpc.xlayer.tech #[pre-commit-checker: not a secret]
+ETH_NODE_URI_ZKSYNC=https://zksync2-mainnet.zksync #[pre-commit-checker: not a secret]
 
 # Testnet RPCs
 ETH_NODE_URI_GOERLI=https://rpc.ankr.com/eth_goerli #[pre-commit-checker: not a secret]
@@ -59,6 +61,7 @@ GRAVITY_ETHERSCAN_API_KEY=
 IMMUTABLEZKEVM_ETHERSCAN_API_KEY=
 KAIA_ETHERSCAN_API_KEY=
 LINEA_ETHERSCAN_API_KEY=
+LISK_ETHERSCAN_API_KEY=
 MANTLE_ETHERSCAN_API_KEY=
 METIS_ETHERSCAN_API_KEY=
 MODE_ETHERSCAN_API_KEY=
@@ -69,6 +72,7 @@ POLYGON_ETHERSCAN_API_KEY=
 POLYGONZKEVM_ETHERSCAN_API_KEY=
 SCROLL_ETHERSCAN_API_KEY=
 SEI_ETHERSCAN_API_KEY=
+WORLDCHAIN_ETHERSCAN_API_KEY=
 XLAYER_ETHERSCAN_API_KEY=
 TAIKO_ETHERSCAN_API_KEY=
 

.github/pull_request_template.md

@@ -7,6 +7,7 @@
 - [ ] I have performed a self-review of my code
 - [ ] This pull request is as small as possible and only tackles one problem
 - [ ] I have added tests that cover the functionality / test the bug
+- [ ] For new facets: I have checked all points from this list: https://www.notion.so/lifi/New-Facet-Contract-Checklist-157f0ff14ac78095a2b8f999d655622e
 - [ ] I have updated any required documentation
 
 # Checklist for reviewer (DO NOT DEPLOY and contracts BEFORE CHECKING THIS!!!)

.github/workflows/diamondEmergencyPause.yml

@@ -65,6 +65,7 @@ jobs:
           ETH_NODE_URI_IMMUTABLEZKEVM: ${{ secrets.ETH_NODE_URI_IMMUTABLEZKEVM }}
           ETH_NODE_URI_KAIA: ${{ secrets.ETH_NODE_URI_KAIA }}
           ETH_NODE_URI_LINEA: ${{ secrets.ETH_NODE_URI_LINEA }}
+          ETH_NODE_URI_LISK: ${{ secrets.ETH_NODE_URI_LISK }}
           ETH_NODE_URI_MANTLE: ${{ secrets.ETH_NODE_URI_MANTLE }}
           ETH_NODE_URI_METIS: ${{ secrets.ETH_NODE_URI_METIS }}
           ETH_NODE_URI_MODE: ${{ secrets.ETH_NODE_URI_MODE }}
@@ -78,6 +79,7 @@ jobs:
           ETH_NODE_URI_SCROLL: ${{ secrets.ETH_NODE_URI_SCROLL }}
           ETH_NODE_URI_SEI: ${{ secrets.ETH_NODE_URI_SEI }}
           ETH_NODE_URI_TAIKO: ${{ secrets.ETH_NODE_URI_TAIKO }}
+          ETH_NODE_URI_WORLDCHAIN: ${{ secrets.ETH_NODE_URI_WORLDCHAIN }}
           ETH_NODE_URI_XLAYER: ${{ secrets.ETH_NODE_URI_XLAYER }}
           ETH_NODE_URI_ZKSYNC: ${{ secrets.ETH_NODE_URI_ZKSYNC }}
           PRIVATE_KEY_PAUSER_WALLET: ${{ secrets.PRIV_KEY_PAUSER_WALLET }}

.github/workflows/enforceTestCoverage.yml

@@ -24,7 +24,7 @@ jobs:
       ETH_NODE_URI_ARBITRUM: ${{ secrets.ETH_NODE_URI_ARBITRUM }}
       ETH_NODE_URI_BSC: ${{ secrets.ETH_NODE_URI_BSC }}
       ETH_NODE_URI_GNOSIS: ${{ secrets.ETH_NODE_URI_GNOSIS }}
-      MIN_TEST_COVERAGE: 74 # = 74% line coverage
+      MIN_TEST_COVERAGE: ${{ secrets.MIN_TEST_COVERAGE }}
     steps:
       - uses: actions/[email protected]
 

.github/workflows/forge.yml

@@ -46,7 +46,7 @@ jobs:
         run: forge install
 
       - name: Run forge tests (with auto-repeat in case of error)
-        uses: Wandalen/[email protected].0
+        uses: Wandalen/[email protected].2
         with:
           command: forge test --evm-version 'shanghai'
           attempt_limit: 10

.github/workflows/protectAuditLabels.yml

@@ -4,15 +4,14 @@
 # - Will fail if it runs into an error, otherwise pass
 # - Will skip checks if the PR was just approved or set from draft to "ready for review" state
 
-
 name: Protect Audit Labels
 
 on:
   pull_request:
     types: [labeled, unlabeled, synchronize, review_requested, ready_for_review]
 
   pull_request_review:
-      types: [submitted]
+    types: [submitted]
 jobs:
   protect_audit_labels:
     runs-on: ubuntu-latest
@@ -93,3 +92,4 @@ jobs:
             echo -e "\033[32mUnauthorized label modification was successfully prevented and undone.\033[0m"
           else
             echo -e "\033[32mNo protected labels were modified.\033[0m"
+          fi

.github/workflows/protectSecurityRelevantCode.yml

@@ -6,8 +6,8 @@ name: Protect security-critical code/system
 # - protects the pre-commit checker script stored in .husky/pre-commit
 
 on:
-  pull_request:
-    types: [opened, synchronize, reopened, ready_for_review]
+  pull_request_review:
+    types: [submitted]
 
 jobs:
   protect-critical-code:

.github/workflows/types.yaml

@@ -10,111 +10,179 @@ jobs:
   generate-tag:
     runs-on: ubuntu-latest
     permissions:
-      contents: read
+      contents: write # Needed to push new tags
 
     steps:
-      - name: Checkout contracts repository
-        uses: actions/checkout@v4
+      # Step 1: Checkout the contracts repository
+      - name: Checkout Contracts Repository
+        uses: actions/[email protected]
         with:
           ref: ${{ env.BRANCH_NAME }}
 
+      # Step 2: Install Foundry
       - name: Install Foundry
         uses: foundry-rs/foundry-toolchain@v1
 
-      - name: Install Solidity Libs
+      # Step 3: Install Solidity Libraries
+      - name: Install Solidity Libraries
         run: forge install
 
+      # Step 4: Setup Node.js
       - name: Setup Node.js
         uses: actions/[email protected]
         with:
           node-version: 20
 
-      - name: Install Node deps
+      # Step 5: Install Node.js dependencies
+      - name: Install Node Dependencies
         run: yarn install
 
+      # Step 6: Generate ABI from contracts
       - name: Generate ABI
         run: yarn abi:generate
 
-      - name: Generate types bindings
+      # Step 7: Generate TypeScript bindings from ABI
+      - name: Generate TypeScript Bindings
         run: yarn typechain
 
-      - name: Checkout lifi-contract-types repository
-        uses: actions/checkout@v4
+      # Step 8: Checkout the lifi-contract-types repository
+      - name: Checkout lifi-contract-types Repository
+        uses: actions/[email protected]
         with:
           repository: lifinance/lifi-contract-types
           path: lifi-contract-types
           ssh-key: ${{ secrets.SSH_REPO_TOKEN }}
           ref: main
 
-      - name: Copy types bindings
+      # Step 9: Copy generated types and ABI into the lifi-contract-types repo
+      - name: Copy Type Bindings and ABI
         run: |
-          rm -r lifi-contract-types/src/
-          mv typechain lifi-contract-types/src
+          rm -rf lifi-contract-types/src/
+          mkdir -p lifi-contract-types/src
+          cp -r typechain/* lifi-contract-types/src/
           cp diamond.json lifi-contract-types/dist/
 
-      - name: Build contract types
+      - name: Verify File Status (for debugging)
+        run: |
+          cd lifi-contract-types
+          git status
+
+      # Step 10: Build the lifi-contract-types project
+      - name: Build Contract Types
         run: cd lifi-contract-types && yarn install && yarn build
 
-      - name: Retrieve latest Tag
+      # Step 11: Retrieve the latest tag from the repository
+      - name: Retrieve Latest Tag
         id: latest_release
         run: |
-          # fetch tag releases
-          release_json=$(curl https://api.github.com/repos/lifinance/lifi-contract-types/tags)
+          # Fetch tags from the lifi-contract-types repository
+          RELEASE_JSON=$(curl https://api.github.com/repos/lifinance/lifi-contract-types/tags)
 
-          # get the latest tag
-          LATEST_TAG=$(echo "$release_json" | jq -r '.[0].name')
+          # Extract the latest tag name
+          LATEST_TAG=$(echo "$RELEASE_JSON" | jq -r '.[0].name')
 
-          # we need to make sure that on staging we're going to update a -beta version, if any
+          # Handle beta versions for non-main branches
           if [[ "$BRANCH_NAME" != "main" ]]; then
-            # if it has already "-beta", no other action is required, since it means
-            # that we're already going to update the latest staging release
             if [[ "$LATEST_TAG" != *"beta"* ]]; then
-              # otherwise, start looping through the tags and search for the latest -beta tag
-              while read item; do
-                tag_name=$(jq -r '.name' <<< "$item")
-                # check if there's already a latest tag beta release
-                # and, if present, use it instead of the main one
-                # if we end up without any latest beta tag, we will create a beta release from the latest tag
-                if [[ "$tag_name" == "$LATEST_TAG-$beta"* ]]; then
-                  LATEST_TAG=$tag_name
+              while read ITEM; do
+                TAG_NAME=$(jq -r '.name' <<< "$ITEM")
+                if [[ "$TAG_NAME" == "$LATEST_TAG-$beta"* ]]; then
+                  LATEST_TAG=$TAG_NAME
                   break
                 fi
-              done <<<$(echo "$release_json" | jq -c -r '.[]')
+              done <<<$(echo "$RELEASE_JSON" | jq -c -r '.[]')
             fi
           fi
-          echo "latest tag: $LATEST_TAG"
-          echo "LATEST_TAG=${LATEST_TAG}" >> $GITHUB_ENV
 
-      - name: Update version
+          # Check if LATEST_TAG is empty or null
+          if [[ -z "$LATEST_TAG" || "$LATEST_TAG" == "null" ]]; then
+            echo "ERROR: No latest tag found in the repository."
+            exit 1
+          fi
+
+          # Validate semver format
+          if [[ ! "$LATEST_TAG" =~ ^v?[0-9]+\.[0-9]+\.[0-9]+(-beta)?$ ]]; then
+            echo "ERROR: Invalid version format: $LATEST_TAG (not a valid semver format)"
+            exit 1
+          fi
+
+          echo "LATEST_TAG=$LATEST_TAG"
+          echo "LATEST_TAG=$LATEST_TAG" >> $GITHUB_ENV
+
+      # Step 12: Increment the version number based on the commit message and branch
+      - name: Update Version
+        if: ${{ success() }}
         env:
+          LATEST_TAG: ${{ env.LATEST_TAG }}
+          BRANCH_NAME: ${{ env.BRANCH_NAME }}
           MESSAGE: ${{ github.event.head_commit.message }}
         id: bump_version
-        uses: christian-draeger/[email protected]
-        with:
-          current-version: '${{ env.LATEST_TAG }}'
-          version-fragment: "${{ env.BRANCH_NAME == 'main' && (contains(env.MESSAGE, 'major') && 'major' || contains(env.MESSAGE, 'feat') && 'feature' || 'bug') || 'beta' }}"
+        run: |
+          # Remove leading "v" from LATEST_TAG for semver parsing
+          CURRENT_VERSION="${LATEST_TAG#v}"
+          echo "Current version: $CURRENT_VERSION"
+
+          VERSION_FRAGMENT=""
+
+          # Determine the type of version bump
+          if [[ "$BRANCH_NAME" == "main" ]]; then
+            if [[ "$MESSAGE" =~ "major" ]]; then
+              VERSION_FRAGMENT="major"
+            elif [[ "$MESSAGE" =~ "feat" ]]; then
+              VERSION_FRAGMENT="minor"
+            else
+              VERSION_FRAGMENT="patch"
+            fi
+          else
+            VERSION_FRAGMENT="beta"
+          fi
+
+          # Parse and increment the version
+          IFS='.' read -r MAJOR MINOR PATCH <<< "${CURRENT_VERSION//[^0-9.]/}"
+
+          if [[ "$VERSION_FRAGMENT" == "major" ]]; then
+            MAJOR=$((MAJOR + 1))
+            MINOR=0
+            PATCH=0
+          elif [[ "$VERSION_FRAGMENT" == "minor" ]]; then
+            MINOR=$((MINOR + 1))
+            PATCH=0
+          elif [[ "$VERSION_FRAGMENT" == "patch" ]]; then
+            PATCH=$((PATCH + 1))
+          elif [[ "$VERSION_FRAGMENT" == "beta" ]]; then
+            PATCH=$((PATCH + 1))
+            NEW_VERSION="${MAJOR}.${MINOR}.${PATCH}-beta"
+          else
+            NEW_VERSION="${MAJOR}.${MINOR}.${PATCH}"
+          fi
+
+          echo "New version: $NEW_VERSION"
+          echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV
 
-      - name: Push tag
+      # Step 13: Push the updated version tag to the repository
+      - name: Push Updated Tag
+        if: ${{ success() }}
         env:
+          NEW_VERSION: ${{ env.NEW_VERSION }}
+          BRANCH_NAME: ${{ env.BRANCH_NAME }}
           MESSAGE: ${{ github.event.head_commit.message }}
-        if: steps.bump_version.outputs.next-version
         run: |
           cd lifi-contract-types
-          tmp=$(mktemp)
-          jq '.version="${{ steps.bump_version.outputs.next-version }}"' package.json > "$tmp" && mv "$tmp" package.json
+          TMP=$(mktemp)
+          jq '.version="${NEW_VERSION}"' package.json > "$TMP" && mv "$TMP" package.json
           git config user.name github-actions
           git config user.email [email protected]
-          echo 'Updating version from ${{ env.LATEST_TAG }} to ${{ steps.bump_version.outputs.next-version }}'
-          git add src/*
-          git add dist/*
-          git add package.json
-          git commit -m 'actions: new contracts version ${{ steps.bump_version.outputs.next-version }}'
+          echo "Updating version from $LATEST_TAG to $NEW_VERSION"
+          # git add src/*
+          # git add dist/*
+          # git add package.json
+          git add -A  # Stage all changes, including deletions
 
-          # Sanitize the commit message by removing single quotes
-          COMMIT_MSG=$(echo "$MESSAGE" | sed "s/'//g")
+          git commit -m "actions: new contracts version $NEW_VERSION"
 
-          git tag -a v${{ steps.bump_version.outputs.next-version }} -m "$MESSAGE"
-          git push origin tag v${{ steps.bump_version.outputs.next-version }}
+          # Annotate and push the new tag
+          git tag -a "v$NEW_VERSION" -m "$MESSAGE"
+          git push origin tag "v$NEW_VERSION"
           if [[ "$BRANCH_NAME" == "main" ]]; then
             git push -u origin $BRANCH_NAME
           fi

.github/workflows/unreviewedPRReminder.yml

@@ -16,33 +16,45 @@ jobs:
         env: # set the GH_TOKEN environment variable here
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          set -x
+
+
           # Use GitHub API and jq to parse the data
           PRS=$(gh api repos/lifinance/contracts/pulls -q '.[] | {number: .number, created_at: .created_at, labels: (.labels | map(.name)), draft: .draft}')
-          echo "PRS: $PRS"
+          echo "PRs found: $PRS"
           OLD_PRS=""
           while read -r PR; do
+            echo "------------------------------------------------------------------"
             PR_CREATED_AT=$(echo "$PR" | jq -r '.created_at')
             PR_NUMBER=$(echo "$PR" | jq -r '.number')
             PR_LABELS=$(echo "$PR" | jq -c '.labels')
             PR_ISDRAFT=$(echo "$PR" | jq -r '.draft')
 
+            echo "Now checking PR: $PR_NUMBER"
+            echo "PR is in DRAFT status: $PR_ISDRAFT"
+            echo "The following labels are assigned to this PR: $PR_LABELS"
+
+
             # Continue loop if the PR is draft
             if [[ "$PR_ISDRAFT" == "true" ]]; then
+              echo "skipping this PR cause it is in draft mode"
               continue
             fi
 
             # Continue loop if the PR has the label "WIP"
             if echo "$PR_LABELS" | grep -q "WIP"; then
+              echo "skipping this PR cause it is labeled with 'WIP'"
               continue
             fi
-            # Continue loop if the PR has the label "WaitForBackend"
-            if echo "$PR_LABELS" | grep -q "WaitForBackend"; then
+
+            # Continue loop if the PR has the label "waitForAudit"
+            if echo "$PR_LABELS" | grep -q "waitForAudit"; then
+              echo "skipping this PR cause it is labeled with 'waitForAudit'"
               continue
             fi
 
-            # Continue loop if the PR has the label "WaitForBackend"
-            if echo "$PR_LABELS" | grep -q "WaitForBackend"; then
+            # Continue loop if the PR has the label "waitForBackend"
+            if echo "$PR_LABELS" | grep -q "waitForBackend"; then
+              echo "skipping this PR cause it is labeled with 'waitForBackend'"
               continue
             fi