chore(deployments): add Sepolia deployment artifacts#4001
Open
lionakhnazarov wants to merge 14 commits into
Open
chore(deployments): add Sepolia deployment artifacts#4001lionakhnazarov wants to merge 14 commits into
lionakhnazarov wants to merge 14 commits into
Conversation
This was referenced May 25, 2026
lionakhnazarov
force-pushed
the
stack/testnet4-03-deployment-artifacts
branch
from
72b052e to
5b40e26
Compare
lionakhnazarov
force-pushed
the
stack/testnet4-02-solidity-logic
branch
from
cef3185 to
e1bca45
Compare
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
piotr-roslaniec
force-pushed
the
stack/testnet4-03-deployment-artifacts
branch
from
9ade31f to
5b40e26
Compare
1 task
lionakhnazarov
added a commit
that referenced
this pull request
Jun 4, 2026
…4014) ## Context Follow-up to PR #4001. Carries the gitignore-only hygiene commits that previously rode on top of #4001's Sepolia artifacts so #4001 can stay scoped to the deployment-snapshot work it advertises. Subsequent commits on this branch will apply the deploy/config fixes raised in review of #4001 (etherscan mainnet guard, HardhatUserConfig typing, Sepolia named-accounts documentation, etc.) so logic deltas land here rather than in the artifacts PR. ## What Changed - gitignore \`gasReporterOutput.json\` in both \`solidity/ecdsa\` and \`solidity/random-beacon\` (regenerated each test run). - gitignore Yarn Berry runtime state (\`.yarn/install-state.gz\`, \`.yarn/cache/\`, \`.yarn/build-state.yml\`) in \`solidity/random-beacon\` to match the ecdsa package. ## Test Plan - [ ] \`yarn install\` in both packages does not surface new untracked files under the gitignored paths.
…apshots Adds refreshed deployment JSON artifacts and gas outputs for ecdsa/random-beacon and removes stale random-beacon export snapshot to keep generated outputs in sync. Co-authored-by: Cursor <cursoragent@cursor.com>
hardhat-gas-reporter regenerates this file on every test run, producing noisy diffs whenever gas costs shift. Both packages already ignore `cache/` and `build/`; align by ignoring the gas-reporter output too and untracking the existing files.
The .yarn/install-state.gz file is regenerated by every `yarn install` and adds ~1.2 MB of binary churn to the repo. Mirror the ecdsa package convention by ignoring Yarn Berry runtime state and untracking the file.
…ation The committed export/deploy/*.js files mirror @keep-network/random-beacon's published export/deploy output. Without a regeneration command pinned in the repo, the JS bundle can drift from the sibling .ts source. Add a README spelling out origin (random-beacon's `yarn prepack`), copy step, and why the directory exists at all (resolution-order workaround for the gitignored sibling export/).
…pplication
ifaceHasFunction() already checks the ABI before the call, so the
subsequent msg.includes("No method named") branch in the catch was
unreachable defensive code coupled to ethers' error wording. Removing
both the catch wrapper in 07_approve_wallet_registry.ts and the matching
block in random-beacon's 05_approve_random_beacon_in_token_staking.ts
(plus the bundled JS mirror under ecdsa/external/random-beacon-export/).
Any genuine revert from approveApplication will now propagate, which
is the correct behavior for a deploy step.
…nfig
Switch @nomicfoundation/hardhat-verify from a conditional require() to a
static import so its type augmentation reaches HardhatUserConfig. Restore
the `: HardhatUserConfig` annotation on the config object so structural
errors in networks.*, external.*, solidity.compilers[] etc. surface at
compile time again.
DISABLE_HARDHAT_VERIFY still gates the `etherscan: { apiKey }` config
block and any verify calls inside deploy scripts; the plugin's task
registration alone is a no-op when unused.
verifyOnEtherscanOrContinue swallowed every error with no network guard, so a mainnet bytecode-mismatch (a genuine signal that the deployed bytecode does not match the artifact) would be silently logged and the deploy would continue as if verification had succeeded. The wrapper in 03_deploy_wallet_registry.ts around hre.tenderly.verify had the same shape. Both call sites now propagate the error when hre.network.name === "mainnet" and only swallow on testnets / local networks where explorer flakiness is expected. Operators who want to skip mainnet verification intentionally can still set DISABLE_HARDHAT_VERIFY=true at the deploy- script level. Add unit tests covering both branches (sepolia / hardhat / development swallow, mainnet rethrow) so future tweaks to the helper preserve the mainnet guard.
The Sepolia hardhat config sets external.deployments.sepolia to [] so the npm @threshold-network/solidity-contracts artifacts (which carry tx hashes some RPCs cannot resolve) are not loaded. The committed deployments/sepolia/ snapshot is now the sole source of upstream contracts (T, TokenStaking, RandomBeacon, RandomBeaconGovernance, ReimbursementPool). Add a script that runs first (00_log_*) listing every pre-resolved deployment, and asserts on Sepolia that the expected upstream contracts are present. Missing snapshots now fail with a clear error pointing at the missing names instead of an opaque "deployments.get returned undefined" several steps into the deploy.
…nnet skipIfAlreadyDeployed is false on every non-mainnet network so hardhat-deploy can replace EcdsaDkgValidator when bytecode changes (e.g. groupSize 100 → 3). The risk: WalletRegistry stores the validator address in its constructor args, so a fresh validator deploy without a matching WalletRegistry redeploy leaves WR pointing at the previous on-chain validator. Log a clear WARN line with the previous address whenever we replace an existing deployment, so the operator sees the divergence before the deploy proceeds. The full-redeploy script does redeploy WR, but ad-hoc runs (or partial re-runs) won't, and this is the loudest place to surface that.
…solve_reimbursement_pool
The previous silent return on hardhat/development networks pushed the
failure surface to downstream scripts that call deployments.get("TokenStaking")
and produced a less informative error. Both yarn test and yarn deploy:test
already set USE_EXTERNAL_DEPLOY=true so the threshold-network /
random-beacon external deploys provide these contracts on local networks.
The only case the silent return covered was `yarn deploy` against
hardhat without USE_EXTERNAL_DEPLOY, which would have failed downstream
anyway.
Throw now with a message that names the network and points the operator
at the expected source (USE_EXTERNAL_DEPLOY for local, deployments/sepolia
for Sepolia, ./external/mainnet for mainnet).
…mainnet Sepolia legitimately collapses deployer, governance, chaosnetOwner, and esdm to the same account index because the testnet stack is operated from a single funded key. The risk: pattern-copying this to mainnet would compromise the separation between the deploy key and governance (on mainnet, governance / chaosnetOwner / esdm share the Threshold Council multisig, but the deployer key must remain a distinct, non-Council address). Document the single-key Sepolia model directly above the namedAccounts config so readers understand the divergence, and add a mainnet-only guard in 00_log_external_deployments.ts that refuses the deploy if the deployer address collides with any of the governance roles.
…uired
Default values on test-fixture options silently route new or refactored
test files down whichever code path was the most recent default; the
previous flip (TokenStaking → Allowlist) is exactly the failure mode the
fixture should help catch, not hide. Remove the default and require
every caller to be explicit about which authorization path it exercises.
Updates the nine implicit `walletRegistryFixture()` call sites to
`walletRegistryFixture({ useAllowlist: true })` preserving their
existing behavior. The single explicit `{ useAllowlist: false }` caller
in WalletRegistry.Upgrade.test.ts is unchanged.
Auto-fixed string-quote style (template literals without interpolation back to plain double-quoted strings) and replaced two for-of loops in 00_log_external_deployments.ts with .forEach() / .filter() to satisfy the no-restricted-syntax rule. The etherscanVerification test that iterated over network names is split into two separate it() blocks because no-restricted-syntax + no-await-in-loop forbid the for-of / await pattern in tests. No behavior change.
…4014) ## Context Follow-up to PR #4001. Carries the gitignore-only hygiene commits that previously rode on top of #4001's Sepolia artifacts so #4001 can stay scoped to the deployment-snapshot work it advertises. Subsequent commits on this branch will apply the deploy/config fixes raised in review of #4001 (etherscan mainnet guard, HardhatUserConfig typing, Sepolia named-accounts documentation, etc.) so logic deltas land here rather than in the artifacts PR. ## What Changed - gitignore \`gasReporterOutput.json\` in both \`solidity/ecdsa\` and \`solidity/random-beacon\` (regenerated each test run). - gitignore Yarn Berry runtime state (\`.yarn/install-state.gz\`, \`.yarn/cache/\`, \`.yarn/build-state.yml\`) in \`solidity/random-beacon\` to match the ecdsa package. ## Test Plan - [ ] \`yarn install\` in both packages does not surface new untracked files under the gitignored paths.
lionakhnazarov
force-pushed
the
stack/testnet4-03-deployment-artifacts
branch
from
3b156d8 to
979333c
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Stack Context
This is PR 3/4 in the reorganization stack.
Base: #4000 (
stack/testnet4-02-solidity-logic)Next: #4002
What Changed
1) Added generated Sepolia deployment snapshots (ECDSA)
solidity/ecdsa/deployments/sepolia/.chainIdsolidity/ecdsa/deployments/sepolia/.migrations.jsonsolidity/ecdsa/deployments/sepolia/*.json(Allowlist, BLS, Beacon*, Ecdsa*, RandomBeacon*, ReimbursementPool, T, TokenStaking, WalletRegistry*)2) Added generated Sepolia deployment snapshots (Random Beacon)
solidity/random-beacon/deployments/sepolia/.chainIdsolidity/random-beacon/deployments/sepolia/*.json(BLS, Beacon*, RandomBeacon*, ReimbursementPool, T, TokenStaking)3) Repo hygiene
solidity/random-beacon/export.json.yarn/install-state.gz) insolidity/random-beaconto match the ecdsa package.gasReporterOutput.jsonin bothsolidity/ecdsaandsolidity/random-beacon(regenerated on every test run, not a source artifact).Why This Slice Exists
This PR intentionally isolates generated/deployment snapshot churn so logic review stays focused in adjacent PRs.
Out of Scope
Test Plan