DO NOT MERGE: zksync deploy branch #4761
Conversation
### Description - feat: oct 25 deployment batch - apechain, arbitrumnova, b3, fantom, gravity, harmony, kaia, morph, orderly, snaxchain - deployed as normal - zeronetwork, zksync - deployed from special zksync branch containing txfusion's changes + latest `main` pulled in - #4761 ### Drive-by changes - igp updates ### Related issues n/a ### Backward compatibility yes ### Testing manual using local CLI from this branch, no tx fusion changes required for hyperlane send or self-relay to work
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #4761 +/- ##
=======================================
Coverage 74.58% 74.58%
=======================================
Files 103 103
Lines 1515 1515
Branches 195 195
=======================================
Hits 1130 1130
Misses 364 364
Partials 21 21
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| @@ -0,0 +1,9 @@ | |||
| // SPDX-License-Identifier: MIT OR Apache-2.0 | |||
| pragma solidity >=0.8.0; | |||
Check notice
Code scanning / Olympix Integrated Security
Using an unbounded pragma for Solidity version may be unsafe if future versions introduce breaking changes. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unbounded-pragma
| @@ -0,0 +1,130 @@ | |||
| // SPDX-License-Identifier: MIT OR Apache-2.0 | |||
| pragma solidity >=0.8.0; | |||
Check notice
Code scanning / Olympix Integrated Security
Using an unbounded pragma for Solidity version may be unsafe if future versions introduce breaking changes. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unbounded-pragma
| AbstractMerkleRootMultisigIsm, | ||
| AbstractStorageMultisigIsm | ||
| { | ||
| uint8 public constant moduleType = |
Check notice
Code scanning / Olympix Integrated Security
Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables
| AbstractMessageIdMultisigIsm, | ||
| AbstractStorageMultisigIsm | ||
| { | ||
| uint8 public constant moduleType = |
Check notice
Code scanning / Olympix Integrated Security
Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables
| uint8(IInterchainSecurityModule.Types.MESSAGE_ID_MULTISIG); | ||
|
|
||
| constructor( | ||
| address[] memory _validators, |
Check notice
Code scanning / Olympix Integrated Security
Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor
|
|
||
| constructor( | ||
| address[] memory _validators, | ||
| uint8 _threshold |
Check notice
Code scanning / Olympix Integrated Security
Parameters passed to a constructor that are not validated for correct values may lead to contract creation in an undesired state. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/no-parameter-validation-in-constructor
| } | ||
|
|
||
| contract StorageMerkleRootMultisigIsmFactory is StorageMultisigIsmFactory { | ||
| address internal immutable _implementation; |
Check notice
Code scanning / Olympix Integrated Security
Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables
| } | ||
|
|
||
| contract StorageMessageIdMultisigIsmFactory is StorageMultisigIsmFactory { | ||
| address internal immutable _implementation; |
Check notice
Code scanning / Olympix Integrated Security
Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables
Signed-off-by: pbio <10051819+paulbalaji@users.noreply.github.com>
Signed-off-by: pbio <10051819+paulbalaji@users.noreply.github.com>
| address[] public validators; | ||
| uint8 public threshold; | ||
|
|
||
| event ValidatorsAndThresholdSet(address[] validators, uint8 threshold); |
Check warning
Code scanning / Olympix Integrated Security
Test functions fail to assert the emission of expected events, potentially missing critical contract behaviors. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/missing-events-assertion
| uint8 public constant moduleType = | ||
| uint8(IInterchainSecurityModule.Types.MERKLE_ROOT_MULTISIG); | ||
|
|
||
| constructor( |
Check warning
Code scanning / Olympix Integrated Security
Test functions fail to thoroughly test all aspects of contract constructors, potentially missing critical initialization issues. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/incomplete-constructor-tests
| uint8 public constant moduleType = | ||
| uint8(IInterchainSecurityModule.Types.MESSAGE_ID_MULTISIG); | ||
|
|
||
| constructor( |
Check warning
Code scanning / Olympix Integrated Security
Test functions fail to thoroughly test all aspects of contract constructors, potentially missing critical initialization issues. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/incomplete-constructor-tests
| * @notice Emitted when a multisig module is deployed | ||
| * @param module The deployed ISM | ||
| */ | ||
| event ModuleDeployed(address module); |
Check warning
Code scanning / Olympix Integrated Security
Test functions fail to assert the emission of expected events, potentially missing critical contract behaviors. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/missing-events-assertion
| contract StorageMerkleRootMultisigIsmFactory is StorageMultisigIsmFactory { | ||
| address internal immutable _implementation; | ||
|
|
||
| constructor() { |
Check warning
Code scanning / Olympix Integrated Security
Test functions fail to thoroughly test all aspects of contract constructors, potentially missing critical initialization issues. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/incomplete-constructor-tests
| contract StorageMessageIdMultisigIsmFactory is StorageMultisigIsmFactory { | ||
| address internal immutable _implementation; | ||
|
|
||
| constructor() { |
Check warning
Code scanning / Olympix Integrated Security
Test functions fail to thoroughly test all aspects of contract constructors, potentially missing critical initialization issues. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/incomplete-constructor-tests
Signed-off-by: pbio <10051819+paulbalaji@users.noreply.github.com>
### Description - deploy to abstracttestnet, treasuretopaz - standard deployments from this branch - zksync deployments themselves done from #4761 ### Drive-by changes - testnet igp - fix validator announce script, should only be skipping `lumia` ### Related issues <!-- - Fixes #[issue number here] --> ### Backward compatibility <!-- Are these changes backward compatible? Are there any infrastructure implications, e.g. changes that would prohibit deploying older commits using this infra tooling? Yes/No --> ### Testing manual --------- Signed-off-by: pbio <10051819+paulbalaji@users.noreply.github.com>
Signed-off-by: pbio <10051819+paulbalaji@users.noreply.github.com>
Description
Drive-by changes
too many
Related issues
Backward compatibility
Testing
manual