10000 Sonic USDC.e by MishaShWoof · Pull Request #153 · woof-software/comet · GitHub

More Web Proxy on the site http://driver.im/

Sonic USDC.e #153

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

MishaShWoof wants to merge 80 commits into main from woof-software/deploy-sonic-usdc-market

Collaborator

MishaShWoof commented

No description provided.

MishaShWoof and others added 30 commits

August 9, 2024 23:45


          feat: create comet with extended asset list

bba7d99


          feat: move new cometExt to its own contract

fc16ae0


          fix: clean up

6b62ee6


          fix: gas optimization

d06a3f6


          fix: more gas optimization

d2873ad


          fix: linter fix

5e867a0


          fix: natspec

8ab1786


          fix: more natspec

171eb7a


          Update index.ts

53f1513


          fix: remove unused iterface

8df38e6


          feat: add prepare and enact for simulation

70e8a73


          fix: fix to workflow

4c0a8f4


          Update enact-migration.yaml

c29f4b9


          fix: reverse

cf08c19


          feat: add prepare and enact workflow

71fee7b


          feat: update enact migration script

57d04f7


          feat: update enact migration script

f0c33a1


          feat: update enact migration script

df2d152


          feat: update enact migration script

92937aa


          fix: remove verification from simulatative migration

b72092c


          Merge branch 'main' of github.com:woof-software/comet into woof-softw…

ea15450

…are/collateral-extension


          feat: fixes after audit

dfe98c9


          fix: working tests

4f2ba04


          fix: no network issue resolved

e641f95


          Merge branch 'main' into woof-software/collateral-extension

986efa2


          fix: audit fixes

5c75787

fix

4e41a94


          Merge branch 'woof-software/fix-to-no-network' of github.com:woof-sof…

547e934

…tware/comet into woof-software/collateral-extension


          feat: working scenarios


          feat: migrations and working scenarios

4ba3b92

MishaShWoof and others added 27 commits

February 6, 2025 13:35


          fix: forge fix

344e8c0


          fix: forge test

091c0bc


          fix: forge test

6cd2191


          fix: scenarios

02a96fa


          Trigger actions

0707d18


          fix: remove repeatable deployments issue

ff81ff3


          fix: base usds contract support and scroll prepare fix

a82a1b0


          update Seacrest commit hash to support scroll network

6788ac6


          feat: update node version to 18 in enact script

f0db6dd


          feat: re-use 24 collaterals comet factory and asset list factory


          feat: fix prepare

acd8af0


          Merge branch 'woof-software/collateral-extension' of github.com:woof-…

dd2ffde

…software/comet into woof-software/deploy-sonic-usdc-market

wip

9e6ec49


          wip: sonic

f32a10e


          feat: sonic

21747ad


          feat: set all enacts to true

b4e3a29


          squash commit

5313f6e


          Merge branch 'woof-software/collateral-extension' of github.com:woof-…

6bc0569

…software/comet into woof-software/deploy-sonic-usdc-market


          Merge branch 'squash-sonic' of github.com:woof-software/comet into wo…

8fd82f5

…of-software/deploy-sonic-usdc-market

fix

41eef24


          Merge branch 'main' of github.com:woof-software/comet into woof-softw…

83e7e1d

…are/deploy-sonic-usdc-market


          sync main

b74ca05


          fix: workflow & clean up

76d9c79


          fix: change bridge receiver

343efc0


          Modified deployment roots from GitHub Actions

7f428ff


          Merge branch 'main' of github.com:woof-software/comet into woof-softw…

b61bfb5

…are/deploy-sonic-usdc-market


          fix: merge fix

572cd72

github-advanced-security bot found potential problems

View reviewed changes

contracts/bridges/sonic/Delegator.sol Outdated

Comment on lines 31 to 35

+                  function initialize(address _timelock, address _bridge) external {
+                      require(timelock == address(0), "already initialized");
+                      timelock = _timelock;
+                      bridge = _bridge;
+                  }

Check failure

Code scanning / Semgrep OSS

Semgrep Finding: compound.solidity.lack-of-revert-alreadyinitialized Error

Function initialize() doesn't have AlreadyInitialized revert

contracts/bridges/sonic/Delegator.sol Fixed Show fixed Hide fixed

contracts/bridges/sonic/Delegator.sol Fixed Show fixed Hide fixed

contracts/bridges/sonic/Delegator.sol

+                  /// @param to The address to send the claimed tokens to
+                  /// @dev This function can only be called by the contract itself
+                  function setClaimData(uint256 id, address token, uint256 amount, address l2Token, address to) external {
+                      require(msg.sender == address(this), "only delegator");

Check notice

Code scanning / Semgrep OSS

Semgrep Finding: rules.solidity.performance.use-custom-error-not-require Note

Consider using custom errors as they are more gas efficient while allowing developers
to describe the error in detail using NatSpec.

contracts/bridges/sonic/Delegator.sol

+                  /// @param values The values to send with each call
+                  /// @dev This function can only be called by the timelock contract
+                  function call(address[] calldata targets, bytes[] calldata callDatas, uint256[] calldata values) external payable {
+                      require(msg.sender == timelock, "only timelock");

Check notice

Code scanning / Semgrep OSS

Semgrep Finding: rules.solidity.performance.use-custom-error-not-require Note

Consider using custom errors as they are more gas efficient while allowing developers
to describe the error in detail using NatSpec.

contracts/bridges/sonic/Delegator.sol

+                  function call(address[] calldata targets, bytes[] calldata callDatas, uint256[] calldata values) external payable {
+                      require(msg.sender == timelock, "only timelock");
+                      require(targets.length == callDatas.length && targets.length == values.length, "targets and data length mismatch");
+                      for (uint i = 0; i < targets.length; i++) {

Check notice

Code scanning / Semgrep OSS

Semgrep Finding: rules.solidity.performance.unnecessary-checked-arithmetic-in-loop Note

A lot of times there is no risk that the loop counter can overflow.
Using Solidity's unchecked block saves the overflow checks.

contracts/bridges/sonic/Delegator.sol

+                  function call(address[] calldata targets, bytes[] calldata callDatas, uint256[] calldata values) external payable {
+                      require(msg.sender == timelock, "only timelock");
+                      require(targets.length == callDatas.length && targets.length == values.length, "targets and data length mismatch");
+                      for (uint i = 0; i < targets.length; i++) {

Check notice

Code scanning / Semgrep OSS

Semgrep Finding: rules.solidity.performance.use-prefix-increment-not-postfix Note

Consider using the prefix increment expression whenever the return value is not needed.
The prefix increment expression is cheaper in terms of gas.

contracts/bridges/sonic/Delegator.sol

+                      require(msg.sender == timelock, "only timelock");
+                      require(targets.length == callDatas.length && targets.length == values.length, "targets and data length mismatch");
+                      for (uint i = 0; i < targets.length; i++) {
+                          (bool success, bytes memory returnData) = targets[i].call{value: values[i]}(callDatas[i]);

Check failure

Code scanning / Semgrep OSS

Semgrep Finding: rules.solidity.security.arbitrary-low-level-call Error

An attacker may perform call() to an arbitrary address with controlled calldata

contracts/bridges/sonic/Delegator.sol

+                          (bool success, bytes memory returnData) = targets[i].call{value: values[i]}(callDatas[i]);
+                          if (!success) {
+                              // revert with the original error message from the call
+                              if (returnData.length > 0) {

Check notice

Code scanning / Semgrep OSS

Semgrep Finding: rules.solidity.performance.array-length-outside-loop Note

Caching the array length outside a loop saves reading it on each iteration, as long as the array's length is not changed during the loop.

contracts/bridges/sonic/Delegator.sol Fixed Show fixed Hide fixed


          fix: review

e55ac48

github-advanced-security bot found potential problems

View reviewed changes

contracts/bridges/sonic/Delegator.sol

+                  /// @notice Emitted when contract is initialized
+                  event  Initialized(address indexed timelock, address indexed bridge);
+                  /// @notice Emitted when the claim data is set
+                  event ClaimDataSet(uint256 id, address token, uint256 amount, address l2Token, address to);

Check warning

Code scanning / Semgrep OSS

Semgrep Finding: compound.solidity.lack-of-indexed-parameter Warning

Event parameters with type 'address' should be indexed

contracts/bridges/sonic/Delegator.sol

+                  /// @notice Emitted when the claim data is set
+                  event ClaimDataSet(uint256 id, address token, uint256 amount, address l2Token, address to);
+                  /// @notice Emitted when the claim is executed
+                  event ClaimExecuted(uint256 id, address token, uint256 amount, address l2Token, address to);

Check warning

Code scanning / Semgrep OSS

Semgrep Finding: compound.solidity.lack-of-indexed-parameter Warning

Event parameters with type 'address' should be indexed

contracts/bridges/sonic/Delegator.sol

+                  /// @notice Emitted when the claim is executed
+                  event ClaimExecuted(uint256 id, address token, uint256 amount, address l2Token, address to);
+                  /// @notice Emitted when a call is executed
+                  event CallExecuted(address target, bytes data, uint256 value);

Check warning

Code scanning / Semgrep OSS

Semgrep Finding: compound.solidity.lack-of-indexed-parameter Warning

Event parameters with type 'address' should be indexed

contracts/bridges/sonic/Delegator.sol

+                  /// @param _timelock Address of the timelock contract that this contract will receive messages from
+                  /// @param _bridge Address of the bridge contract that this contract will send funds to
+                  function initialize(address _timelock, address _bridge) external {
+                      require(timelock == address(0), "already initialized");

Check notice

Code scanning / Semgrep OSS

Semgrep Finding: rules.solidity.performance.use-custom-error-not-require Note

Consider using custom errors as they are more gas efficient while allowing developers
to describe the error in detail using NatSpec.

contracts/bridges/sonic/Delegator.sol

+                                      revert(add(32, returnData), returndata_size)
+                                  }
+                              } else {
+                                  revert("Delegator: call failed");

Check notice

Code scanning / Semgrep OSS

Semgrep Finding: rules.solidity.performance.use-custom-error-not-require Note

Consider using custom errors as they are more gas efficient while allowing developers
to describe the error in detail using NatSpec.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

0