Merge branch 'main' into experimental/v1.4.1-yul-test

.env.sample

@@ -8,4 +8,12 @@ ETHERSCAN_API_KEY=""
 ERC4337_TEST_BUNDLER_URL=
 ERC4337_TEST_NODE_URL=
 ERC4337_TEST_SINGLETON_ADDRESS=
-ERC4337_TEST_SAFE_FACTORY_ADDRESS=
+ERC4337_TEST_SAFE_FACTORY_ADDRESS=
+# (Optional) Tells the test runner which Safe Singleton Contract to use for testing: Safe or SafeL2. Defaults to Safe.
+SAFE_CONTRACT_UNDER_TEST="Safe"
+# Used for compiling with different solidity testing
+SOLIDITY_VERSION= # Example: '0.8.19'
+# For running coverage tests, `details` section of solidity settings are required, else could be removed.
+SOLIDITY_SETTINGS= # Example: '{"viaIR":true,"optimizer":{"enabled":true, "details": {"yul": true, "yulDetails": { "optimizerSteps": ""}}}}'
+# Sets hardhat chain id. In general, you don't need this, it's only used for testing the SafeToL2Setup contract.
+HARDHAT_CHAIN_ID=31337

.github/workflows/certora.yml

@@ -13,20 +13,19 @@ on:
 jobs:
     verify:
         runs-on: ubuntu-latest
+        strategy:
+            matrix:
+                rule: ["owner", "safe", "module", "nativeTokenRefund", "signatures"]
 
         steps:
-            - uses: actions/checkout@v3
+            - uses: actions/checkout@v4
 
             - name: Install python
               uses: actions/setup-python@v4
               with: { python-version: 3.11 }
 
-            - name: Install java
-              uses: actions/setup-java@v3
-              with: { java-version: "17", java-package: jre, distribution: semeru }
-
-            - name: Install certora cli-beta
-              run: pip install -Iv certora-cli-beta==4.2.0
+            - name: Install certora cli
+              run: pip install -r certora/requirements.txt
 
             - name: Install solc
               run: |
@@ -41,13 +40,6 @@ jobs:
                   make munged
                   cd ..
                   echo "key length" ${#CERTORAKEY}
-                  ./certora/scripts/${{ matrix.rule }}
+                  certoraRun certora/conf/${{ matrix.rule }}.conf --wait_for_results=all
               env:
                   CERTORAKEY: ${{ secrets.CERTORA_KEY }}
-
-        strategy:
-            fail-fast: false
-            max-parallel: 16
-            matrix:
-                rule:
-                    - verifySafe.sh

.github/workflows/ci.yml

@@ -1,81 +1,84 @@
-name: safe-contracts
-on: [ push, pull_request ]
+name: safe-smart-account
+on: [push, pull_request]
+env:
+    NODE_VERSION: 20.16.0
 
 jobs:
-  tests:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
-        with:
-          node-version: 16.7.0
-      - uses: actions/cache@v2
-        with:
-          path: "**/node_modules"
-          key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
-      - run: yarn --frozen-lockfile
-      - run: yarn build
-      - run: yarn coverage
-      - name: Coveralls
-        uses: coverallsapp/github-action@master
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-  lint:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
-        with:
-          node-version: 16.7.0
-      - uses: actions/cache@v2
-        with:
-          path: "**/node_modules"
-          key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
-      - run: yarn --frozen-lockfile
-      - run: yarn lint:sol
-  tests-other:
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        contract-name: ["SafeL2"]
-    env:
-      SAFE_CONTRACT_UNDER_TEST: ${{ matrix.contract-name }}
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
-        with:
-          node-version: 16.7.0
-      - uses: actions/cache@v2
-        with:
-          path: "**/node_modules"
-          key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
-      - run: yarn --frozen-lockfile
-      - run: yarn build
-      - run: yarn coverage
-      - name: Coveralls
-        uses: coverallsapp/github-action@master
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-  benchmarks:
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        solidity: ["0.7.6", "0.8.2"]
-        include:
-        - solidity: "0.8.2"
-          settings: '{"viaIR":true,"optimizer":{"enabled":true,"runs":10000}}'
-    env:
-      SOLIDITY_VERSION: ${{ matrix.solidity }}
-      SOLIDITY_SETTINGS: ${{ matrix.settings }}
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
-        with:
-          node-version: 16.7.0
-      - uses: actions/cache@v2
-        with:
-          path: "**/node_modules"
-          key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
-      - run: (yarn --frozen-lockfile && yarn build && yarn hardhat codesize --contractname Safe && yarn benchmark) || echo "Benchmark failed"
+    lint-solidity:
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v4
+            - uses: actions/setup-node@v4
+              with:
+                  node-version: ${{ env.NODE_VERSION }}
+                  cache: "npm"
+            - run: npm ci
+            - run: npm run lint:sol:prettier
+            - run: npm run lint:sol
+
+    lint-typescript:
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v4
+            - uses: actions/setup-node@v4
+              with:
+                  node-version: ${{ env.NODE_VERSION }}
+                  cache: "npm"
+            - run: npm ci
+            - run: npm run lint:ts:prettier
+            - run: npm run lint:ts
+
+    tests:
+        runs-on: ubuntu-latest
+        strategy:
+            fail-fast: false
+            matrix:
+                contract-name: ["Safe", "SafeL2"]
+        env:
+            SAFE_CONTRACT_UNDER_TEST: ${{ matrix.contract-name }}
+        steps:
+            - uses: actions/checkout@v4
+            - uses: actions/setup-node@v4
+              with:
+                  node-version: ${{ env.NODE_VERSION }}
+                  cache: "npm"
+            - run: npm ci
+            - run: npm run build
+            - run: npm run coverage
+            - name: Send coverage to Coveralls (parallel)
+              uses: coverallsapp/github-action@v2
+              with:
+                  parallel: true
+                  flag-name: run-$
+                  github-token: ${{ secrets.GITHUB_TOKEN }}
+
+    finish:
+        runs-on: ubuntu-latest
+        needs: tests
+        if: ${{ always() }}
+        steps:
+            - name: Coveralls Finished
+              uses: coverallsapp/github-action@v2
+              with:
+                  parallel-finished: true
+                  carryforward: "run-Safe,run-SafeL2"
+
+    benchmarks:
+        runs-on: ubuntu-latest
+        strategy:
+            fail-fast: false
+            matrix:
+                solidity: ["0.7.6", "0.8.24"]
+                include:
+                    - solidity: "0.8.24"
+                      settings: '{"viaIR":false,"optimizer":{"enabled":true,"runs":1000000}}'
+        env:
+            SOLIDITY_VERSION: ${{ matrix.solidity }}
+            SOLIDITY_SETTINGS: ${{ matrix.settings }}
+        steps:
+            - uses: actions/checkout@v4
+            - uses: actions/setup-node@v4
+              with:
+                  node-version: ${{ env.NODE_VERSION }}
+                  cache: "npm"
+            - run: npm ci && npm run build && npx hardhat codesize --contractname Safe && npm run benchmark

.github/workflows/cla.yml

@@ -5,6 +5,12 @@ on:
   pull_request_target:
     types: [ opened, closed, synchronize ]
 
+permissions:
+  actions: write
+  contents: write
+  pull-requests: write
+  statuses: write
+
 jobs:
   CLAssistant:
     runs-on: ubuntu-latest
@@ -19,7 +25,7 @@ jobs:
           PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
         with:
           path-to-signatures: 'signatures/version1/cla.json'
-          path-to-document: 'https://safe.global/cla/'
+          path-to-document: 'https://safe.global/cla'
           # branch should not be protected
           branch: 'cla-signatures'
           allowlist: rmeissner,Uxio0,*bot # may need to update this expression if we add new bots

.gitignore

@@ -12,6 +12,8 @@ solc
 coverage/
 coverage.json
 yarn-error.log
+typechain-types
+.vscode
 
 # Certora Formal Verification related files
 .certora_internal

.husky/pre-commit

@@ -1,21 +1,21 @@
-#!/bin/sh
-. "$(dirname "$0")/_/husky.sh"
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
 
-# Redirect output to stderr.
-exec 1>&2
-
-# prevent it.only or describe.only commited
+npm run lint:sol:prettier
+npm run lint:ts:prettier
+npm run lint:sol
+npm run lint:ts
+
+# Prevent `it.only` or `describe.only` tests commited
 if [ "$allowonlytests" != "true" ] &&
     test $(git diff --cached | grep -E "\b(it|describe).only\("  | wc -l) != 0
 then
     cat <<\EOF
 Error: Attempt to add it.only or describe.only - which may disable all other tests
- 
+
 If you know what you are doing you can disable this check using:
- 
+
     git config hooks.allowonlytests true
 EOF
     exit 1
 fi
-
-exit 0

.nvmrc

@@ -1 +1 @@
-v16.7.0
+v18.17.1

.prettierrc

@@ -1,8 +1,10 @@
 {
+    "plugins": ["prettier-plugin-solidity"],
     "overrides": [
         {
             "files": "*.sol",
             "options": {
+                "parser": "solidity-parse",
                 "printWidth": 140,
                 "tabWidth": 4,
                 "useTabs": false,

.solcover.js

@@ -1,5 +1,13 @@
 module.exports = {
-    skipFiles: ["test/Token.sol", "test/ERC20Token.sol", "test/TestHandler.sol", "test/ERC1155Token.sol"],
+    skipFiles: [
+        "test/Token.sol",
+        "test/ERC20Token.sol",
+        "test/TestHandler.sol",
+        "test/ERC1155Token.sol",
+        "test/DelegateCaller.sol",
+        "test/Test4337ModuleAndHandler.sol",
+        "test/TestNativeTokenReceiver.sol",
+    ],
     mocha: {
         grep: "@skip-on-coverage", // Find everything with this tag
         invert: true, // Run the grep's inverse set.

.solhint.json

@@ -1,6 +1,6 @@
 {
     "extends": "solhint:recommended",
-    "plugins": ["prettier"],
+    "plugins": [],
     "rules": {
         "compiler-version": "off",
         "func-visibility": [
@@ -9,10 +9,10 @@
                 "ignoreConstructors": true
             }
         ],
-        "prettier/prettier": "error",
         "not-rely-on-time": "off",
         "reason-string": "off",
         "no-empty-blocks": "off",
-        "avoid-low-level-calls": "off"
+        "avoid-low-level-calls": "off",
+        "gas-custom-errors": "off"
     }
 }