SOME ONE IS STEALING MY CRYPTO#1
Open
caraabearzz wants to merge 2102 commits into
Open
Conversation
* fix(evm): sync gas params when updating executor spec * fix: make clippy happy --------- Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
chore: bump forge-std version used for tests Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
…14391) * feat(anvil): add `debug_traceBlockByHash` and `debug_traceBlockByNumber` RPC endpoints Implement the two missing geth debug_ block tracing endpoints that trace all transactions in a block at once, returning per-tx results. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: fmt --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
* chore: remove tempo fork support Tempo is now fully upstream in the main Foundry repo, so the separate network handling is no longer needed. * Apply suggestion from @zerosnacks Update Foundryup version * warn when foundryup --network is ignored * Update foundryup/foundryup Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> * Update foundryup/foundryup Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
* fix(lint): add missing visit methods to LateLintVisitor * fix(lint): dispatch deprecated nested late lint hooks * fix(lint): use by-value nested late lint hooks * test(lint): cover late visitor hooks --------- Co-authored-by: figtracer <me@figtracer.com>
remove network: tempo from template
…espace (#14414) * feat(anvil): RPC methods for tempo's `TipFeeManager` in`anvil_*` namespace * feat(anvil): add tests + mint TIP20 tokens to admin before adding FeeAMM liquidity --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
* refactor(cli): unify `NetworkVariant` with `NetworkConfigs` * chore: clean-ups + tests * fix: after fig's review * fix: skip serialization if `network` is `None`
pin to foundry-wallets release
) * fix(config): respect custom Etherscan URL in cast/forge commands Amp-Thread-ID: https://ampcode.com/threads/T-019db9f9-01dd-729a-9f7a-ed150aabf130 Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: Gustavo Figueiredo <me@figtracer.com> * fix lint * fix clippy * chore: update Cargo.lock Co-authored-by: Amp <amp@ampcode.com> Amp-Thread-ID: https://ampcode.com/threads/T-019db9f9-01dd-729a-9f7a-ed150aabf130 * fix: update Cargo.lock from upstream base Amp-Thread-ID: https://ampcode.com/threads/T-019db9f9-01dd-729a-9f7a-ed150aabf130 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: Gustavo Figueiredo <me@figtracer.com>
* feat(common): add MPP WebSocket transport * docs * use alloy's wsbakcend::from_socket * use main repo * remove patches * bump rustls-webpki * fix: only use `MppWsConnect` when MPP key is available * fix: install default rustls crypto provider * fix: clean imports * fix: MPP known host check * fix: MPP only if known endpoint && key available --------- Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
* fix(script): preserve exit reason in failed revert decode * test(script): cover exit reason output in script failures * fix(script): initialize exit_reason in ScriptResult default --------- Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
Co-authored-by: Amp <amp@ampcode.com>
* feat(lint): add incorrect ERC20 interface lint * test(lint): cover direct-name IERC20 case * fix(lint): revert IncorrectERC20Interface test to use empty IERC20 base Expanding IERC20 with full function signatures caused solc compilation failures (Error 4822: Overriding function return types differ) because IERC20Incorrect inherits from IERC20 and overrides with incompatible return types. Revert to the empty-base pattern used by IncorrectERC721Interface. Amp-Thread-ID: https://ampcode.com/threads/T-019dbb72-89c7-740d-b6cf-b87a1509d3e3 Co-authored-by: Amp <amp@ampcode.com> * test: clarify incorrect ERC20 interface fixtures * test: align ERC20 fixture with ERC721 --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com>
* fix(cheatcodes): reject nested debug trace recording * test(cheatcodes): restore RecordDebugTrace formatting
* deps: bump tempo to TIP-1016 (rev 2e6e9d1) Patches revm to bluealloy/revm@a1a1824 and op-revm to foundry-rs/op-revm@66388e6 for the InitialAndFloorGas handler change. Patches reth-core to paradigmxyz/reth-core@6b12498 for the Bytecode::new_analyzed unsafe change. Adds gas_limit() and state_gas_used() to AnvilStorageProvider to satisfy the updated PrecompileStorageProvider trait. Co-authored-by: 0xrusowsky <90208954+0xrusowsky@users.noreply.github.com> Co-authored-by: grandizzy <38490174+grandizzy@users.noreply.github.com> Amp-Thread-ID: https://ampcode.com/threads/T-019d97c8-3033-770a-bd6c-714c2a8393d5 * fix: resolve CI failures from patched revm - Replace deprecated OpCode::new_unchecked with new_or_unknown - Add gas_refunded field to PrecompileOutput struct literals - Allow foundry-rs/op-revm and paradigmxyz/reth-core git sources in deny.toml Co-Authored-By: 0xrusowsky <90208954+0xrusowsky@users.noreply.github.com> Co-Authored-By: grandizzy <38490174+grandizzy@users.noreply.github.com> Amp-Thread-ID: https://ampcode.com/threads/T-019d97c8-3033-770a-bd6c-714c2a8393d5 * fix: align revm/op-revm/tempo revs with tip1016 branch Updates patch revisions to match tempo/tip1016 HEAD: - revm: a1a1824 → ea8d1f5 - op-revm: 66388e6 → 780b812 - tempo: 2e6e9d1 → 4092dfe Fixes CreateInputs::new reservoir parameter for the new revm. Co-Authored-By: 0xrusowsky <90208954+0xrusowsky@users.noreply.github.com> Co-Authored-By: grandizzy <38490174+grandizzy@users.noreply.github.com> Amp-Thread-ID: https://ampcode.com/threads/T-019d97c8-3033-770a-bd6c-714c2a8393d5 * fix: pin tempo to tip1016 HEAD (807b57c) Tempo's [patch.crates-io] now includes all revm sub-crates, preventing the invariant workflow's patch propagation from clobbering foundry's patches. Co-Authored-By: 0xrusowsky <90208954+0xrusowsky@users.noreply.github.com> Co-Authored-By: grandizzy <38490174+grandizzy@users.noreply.github.com> Amp-Thread-ID: https://ampcode.com/threads/T-019d97c8-3033-770a-bd6c-714c2a8393d5 * bump to later commit in https://github.com/tempoxyz/tempo/pull/2684/commits * chore: bump revm 37→38, tempo crates to tip1016 head - revm 37.0.0 → 38.0.0 (crates.io release, no more git patches) - revm-inspectors 0.38.1 → 0.39.0 - alloy-evm 0.32.0 → 0.33.1 - tempo crates rev f873f0e → c095527 (tip1016 head) - foundry-fork-db, op-revm, foundry-rs/optimism bumped via branches - fix OpCode::new_or_unknown → new_unchecked (API change in revm 38) - add missing Evm::cfg_env impl (new trait method in alloy-evm 0.33.1) Co-Authored-By: 0xrusowsky <90208954+0xrusowsky@users.noreply.github.com> * bump alloy-evm dep to 0.33.2 * chore: bump revm v38 using upstream OP * fix: deny.toml * fix(deps): merge conflict rustls * style: drop cmnt Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> * fix: restore cargo-shear --------- Co-authored-by: Derek Cofausper <256792747+decofe@users.noreply.github.com> Co-authored-by: grandizzy <38490174+grandizzy@users.noreply.github.com> Co-authored-by: zerosnacks <zerosnacks@protonmail.com> Co-authored-by: Federico Gimenez <federico.gimenez@gmail.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
Group minor and patch version updates per ecosystem into single PRs to reduce PR noise. Major version bumps still get individual PRs for careful review. Before: up to 15 PRs/week (5 per ecosystem) After: up to 6 PRs/week (1 grouped + 1 major per ecosystem, worst case) Amp-Thread-ID: https://ampcode.com/threads/T-019dbe78-a376-7248-a549-6ddbe2c960d4 Co-authored-by: George Niculae <george@gxn3ql7y5j.tail388b2e.ts.net> Co-authored-by: Amp <amp@ampcode.com>
Co-authored-by: Copilot <copilot@github.com>
Bumps the actions-weekly group with 4 updates: [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request), [github/codeql-action](https://github.com/github/codeql-action), [taiki-e/install-action](https://github.com/taiki-e/install-action) and [taiki-e/cache-cargo-install-action](https://github.com/taiki-e/cache-cargo-install-action). Updates `peter-evans/create-pull-request` from 8.1.0 to 8.1.1 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@c0f553f...5f6978f) Updates `github/codeql-action` from 4.35.1 to 4.35.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...95e58e9) Updates `taiki-e/install-action` from 2.75.16 to 2.75.17 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/install-action@a2352fc...58e8625) Updates `taiki-e/cache-cargo-install-action` from 3.0.5 to 3.0.6 - [Release notes](https://github.com/taiki-e/cache-cargo-install-action/releases) - [Changelog](https://github.com/taiki-e/cache-cargo-install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/cache-cargo-install-action@a8b9ecf...f9eed3e) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-weekly - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-weekly - dependency-name: taiki-e/install-action dependency-version: 2.75.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-weekly - dependency-name: taiki-e/cache-cargo-install-action dependency-version: 3.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-weekly ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
) The deployment cost for CounterWithFallback changed from 132471 to 132459 after #14420 started properly syncing gas parameters when updating the executor spec via set_spec_id. Amp-Thread-ID: https://ampcode.com/threads/T-019dbea7-a331-7269-80a8-b935a7bdaa49 Co-authored-by: Amp <amp@ampcode.com>
* feat: log broken invariant as soon as it is found * fix * nest failure counts inside metrics
….23.0, foundry-fork-db to 0.26.0 (#14443) * chore: bump foundry-compilers to 0.20.0 Amp-Thread-ID: https://ampcode.com/threads/T-019dbf04-adac-755f-b685-5fa64d792acb Co-authored-by: Amp <amp@ampcode.com> * chore: bump foundry-compilers to 0.20.0, foundry-block-explorers to 0.23.0 Amp-Thread-ID: https://ampcode.com/threads/T-019dbf01-f2de-711e-8edf-581a979f9f0d Co-authored-by: Amp <amp@ampcode.com> * chore: bump foundry-fork-db to 0.26.0 Amp-Thread-ID: https://ampcode.com/threads/T-019dbf01-f2de-711e-8edf-581a979f9f0d Co-authored-by: Amp <amp@ampcode.com> * chore: enable zstd feature for foundry-fork-db Co-authored-by: Amp <amp@ampcode.com> Amp-Thread-ID: https://ampcode.com/threads/T-019dbf01-f2de-711e-8edf-581a979f9f0d --------- Co-authored-by: Amp <amp@ampcode.com>
deprecate unmaintained devcontainer
update link
…#14625) * fix(cheatcodes): innermost as reverter for nested CREATE chain revert `create_end` mirrors `call_end` * fix: comments consistency after merge conflict * fix: fig's remark on CREATE2 * fix: forge fmt * docs(cheatcodes): clarify reverter semantics for nested CREATE chains - vm.rs: add a shared note on expectRevert(address) explaining that the matched reverter is the address of the innermost reverting frame (called address for CALL, would-be deployed address for CREATE/CREATE2), with the same rule per iteration when count > 1. Cross-reference from the other reverter-bearing overloads (incl. expectPartialRevert). - inspector.rs: tighten the create_end comment to spell out that the divergence from call_end is intentional for count > 1 (innermost wins per iteration) and document why outcome.address can be None. - regenerated cheatcodes.json. Co-authored-by: Amp <amp@ampcode.com> Amp-Thread-ID: https://ampcode.com/threads/T-019e0187-eea7-711f-a192-20ff5d36c4e0 * fix: modify `call_end` to match `create_end` logic * Revert "fix: modify `call_end` to match `create_end` logic" This reverts commit 65039fa. * docs(cheatcodes): clarify nested reverter count semantics --------- Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com> Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de>
* feat(edge-cov): log comparison operands * feat(edge-cov): gate expanded cmp operands * feat(fuzz): carry evm cmp logs through results * feat(fuzz): feed evm cmp operands into dictionary * feat(fuzz): classify evm cmp sites * feat(fuzz): bias abi mutations to dictionary values * test(fuzz): cover evm cmp dictionary candidates * fix(fuzz): satisfy cmp log clippy checks * fix(fuzz): refine evm cmp dictionary typing * perf(fuzz): reduce evm cmp log overhead * fix(fuzz): derive evm cmp logging from corpus mode * feat(fuzz): replace evm cmp dictionary with input-to-state corpus mutation Drops the global EVM cmp operand dictionary path and instead records per-call cmp operand pairs on each corpus entry, then patches matching bytes in calldata (LibAFL-style I2S) as a new mutation strategy. Amp-Thread-ID: https://ampcode.com/threads/T-019e25fc-1c2e-756a-ad61-4ed5acfc3319 Co-authored-by: Amp <amp@ampcode.com> * chore(fuzz): drop dictionary-era leftovers around evm cmp log Removes the cmp-site classification (CmpKind enum, signed/width fields), reverts collect_typed_cmp_values back to its sancov-only (u8, B256) signature, drops the unused replace_param_value_from_state helper, and removes the now-unused shared_state arg on single_fuzz. Amp-Thread-ID: https://ampcode.com/threads/T-019e25fc-1c2e-756a-ad61-4ed5acfc3319 Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: grandizzy <38490174+grandizzy@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com>
Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de>
* fix(lint): cover delegatecall-loop followups * fix(lint): address delegatecall-loop review feedback
* feat(cast): add `cast keychain doctor` to diagnose access-key signing failures
Walks the entire access-key signing path step-by-step and reports exactly
which step would fail in plain English, as a green checklist. The first
hard failure turns red and the doctor short-circuits; soft failures
(spending limit reached, scope denied, fee-token balance zero) print a
yellow warning and continue.
Checks (ordered):
1. Local key registry — `~/.tempo/wallet/keys.toml` lookup
2. RPC reachability — `eth_chainId`
3. Chain ID match — local entry chain matches RPC
4. On-chain key state — `AccountKeychain.getKey`
5. Not revoked — `info.isRevoked`
6. Expiry — `info.expiry` vs now
7. Spending limits — `getRemainingLimitWithPeriod` (T3) or
`getRemainingLimit` (pre-T3)
8. Allowed calls — `getAllowedCalls` + TIP-1011 matching for
an optional `--to`/`--selector`/`--recipient`
9. Fee-token balance — `balanceOf(rootAccount)`
CLI:
cast keychain doctor [KEY_ADDRESS]
[--root-account <addr>] [--to <addr>] [--selector <sel>]
[--recipient <addr>] [--fee-token <addr>] --rpc-url <url>
Reuses `TempoProviderExt`, `tempo::read_tempo_keys_file`, and the existing
formatting/parsing helpers in `keychain.rs`. New `match_allowed_call` is
extracted so TIP-1011 matching is unit-tested independently of any RPC.
Refs OSS-160.
Amp-Thread-ID: https://ampcode.com/threads/T-019e266e-46d9-77fe-b2a6-07895c3ca5de
Co-authored-by: Amp <amp@ampcode.com>
* fix(cast): rustfmt + clippy uninlined-format-args; note doctor follow-ups
Apply nightly cargo fmt reflows. Inline a single `format!` arg to satisfy
`clippy::uninlined-format-args` (-D warnings).
Add an in-source TODO listing the access-key signing path bits the doctor
cannot diagnose today, with links to the in-flight upstream stacks that
will close them: foundry#14743 / foundry-core#67 / foundry-browser-wallet#67
(`KeyAuthorization` signing), and notes for TIP-1009 expiring nonce and
`fee_payer_signature` sponsorship.
Amp-Thread-ID: https://ampcode.com/threads/T-019e266e-46d9-77fe-b2a6-07895c3ca5de
Co-authored-by: Amp <amp@ampcode.com>
* fix(cast): complete keychain doctor diagnostics
* fix(cast): expose keychain doctor fee-token flag
* fix(cast): harden keychain doctor for agents
* address zerosnacks' comments
* fix(cast): satisfy keychain clippy lint
Amp-Thread-ID: https://ampcode.com/threads/T-019e4006-bb51-74af-878b-7f1aed6d45c5
Co-authored-by: Amp <amp@ampcode.com>
* fix(cast): remove redundant keychain status scope
---------
Co-authored-by: Amp <amp@ampcode.com>
Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
* feat(lint): add weak-prng lint
* fix(lint): satisfy weak-prng clippy
* fix(lint): address weak-prng review nits
* fix(lint): address weak-prng review feedback
* fix(lint): address weak-prng follow-up feedback
* fix(lint): address weak-prng review comments
* fix(lint): tighten weak-prng time-bucket exemption
Restrict the time-bucket false-positive exemption so it only suppresses
warnings for 'block.timestamp % <constant>=1 day, whole-day multiple>'.
- Make is_timestamp_time_bucket asymmetric (LHS only); reversed forms
like '1 days % block.timestamp' now warn.
- Drop is_time_subdenomination and fold the subdenomination multiplier
into const_eval_u64 so sub-day buckets ('1 minutes', '10 minutes')
are no longer silently exempt (matching the existing '% 60' / '% 600'
behavior).
- Update docs and add positive tests.
Amp-Thread-ID: https://ampcode.com/threads/T-019e44f9-5a09-75bf-aa1c-11a8b10c822e
Co-authored-by: Amp <amp@ampcode.com>
* style(lint): rustfmt weak-prng imports
Amp-Thread-ID: https://ampcode.com/threads/T-019e44f9-5a09-75bf-aa1c-11a8b10c822e
Co-authored-by: Amp <amp@ampcode.com>
---------
Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
Co-authored-by: Amp <amp@ampcode.com>
* feat(lint): add shared analysis helpers for Solidity lints * refactor(lint): trim analysis helpers to used set and migrate consumers * preserve original receiver_contract_id matching * comments --------- Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
* feat(cast): migrate `cast vaddr` e2e tests from CI shell script Replaces the shell-based `cast vaddr` checks removed from the Tempo CI script with nextest tests under `vaddr_e2e::`. Accounts are derived from `handle.dev_wallets()` rather than hardcoded constants. * fix: make clippy happy * fix: apply fig's suggestions * fix: typo
* perf(fuzz): remove locks from invariant dictionaries * test(fuzz): relax invariant output snapshots * Address invariant fuzz review comments * Drain preflight fuzz dictionary values --------- Co-authored-by: 0xalpharush <87383155+0xalpharush@users.noreply.github.com> Co-authored-by: grandizzy <38490174+grandizzy@users.noreply.github.com> Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de>
…al_bool` warning (#14851)
* fix(anvil): honor epoch slots for safe/finalized tags * fix(anvil): restore gas, trace, nonce, and env behavior --------- Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
…14855) go-ethereum rejects transactions where r or s are zero with "invalid transaction v, r, s values".
Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
…14770) * feat(cli): add --introspect for machine-readable command discovery * tighten --introspect contract: provenance flags, pre-parse hardening, smoke tests, spec cleanup * hoist command_id walk into CommandInfo method * move check_introspect/check_markdown_help before setup() * fix(cli): address introspect review (decouple capabilities_declared, robust pre-parse scan, scope docs) * fix(cli): address introspect review round 2 * fix(cli): expose root/default invocation args in --introspect * typo
* fix(cast): resolve tempo expiry in helper commands * cast: move tempo expiry helper
Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com> Co-authored-by: steven <corderosteven6@gmail.com> Co-authored-by: stevencartavia <112043913+stevencartavia@users.noreply.github.com>
* feat(lint): add locked-ether lint
* docs
* clippy
* docs(lint): drop invalid delegatecall{value: x} from locked-ether examples
Amp-Thread-ID: https://ampcode.com/threads/T-019e1fc6-903a-70bb-bd52-7271752b538f
Co-authored-by: Amp <amp@ampcode.com>
* clarify comment
* bail locked-ether on inline assembly to avoid false negatives
* fix: ui bless
* fix: lint scope
* locked-ether reachability and entry filtering
* fix(lint): tighten locked-ether receiver type, modifier revert, and overload resolution checks
* resolve against call-site contract's linearization
* narrow overload candidates by argument types
* don't count self-sends as exits
* infer receiver type through fields, indexing, returns, ternaries
* cover diamond super, send/value receivers, opaque dispatch
* resolve member-call return types in locked-ether type inference
* scope locked-ether to effective dispatch surface and split ctor/runtime inflows
* fix(lint): locked-ether — skip always-reverting funcs as exits and scope ctor inflow to leaf
* fix(lint): locked-ether — virtual-dispatch overrides, path-sensitive revert, self-cast unwrap
* fix(lint): handle locked-ether helper dispatch edge cases
---------
Co-authored-by: Amp <amp@ampcode.com>
Co-authored-by: Mablr <59505383+mablr@users.noreply.github.com>
Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de>
…e` mode (#14493) * fix(cheatcodes): propagate `vm.{fee,txGasPrice,blobhashes}` through `--isolate` Under `--isolate` / `--gas-report`, Foundry wraps each top-level test call in a synthetic inner transaction (`InspectorStackRefMut::transact_inner`) that zeroes `block.basefee` and `tx.gas_price` for fee accounting, and strips EIP-4844 blob fields so revm doesn't reject the inner tx. The side effect is that BASEFEE / GASPRICE / BLOBHASH read by called contracts return 0, so cheatcode mutations like `vm.fee`, `vm.txGasPrice` and `vm.blobhashes` are invisible to inner calls. Approach: introduce opcode-level overrides in `Cheatcodes`: * `EnvOverrides { basefee, gas_price, blob_hashes, ... }` is updated by the cheatcode handlers and applied in `step_end` by replacing the top of the interpreter stack right after BASEFEE/GASPRICE/BLOBHASH execute. * `Cheatcodes::in_isolation_context` is toggled by `InspectorStackRefMut::transact_inner` around the inner `transact_raw` call. When `true`, the cheatcode handlers update only the override (preserving `tx.gas_price = 0` so a pranked zero-balance caller can still call without pre-funding `gas * gasPrice` — the original #7277 bug). Outside isolation they also mutate the real env to keep the historical behavior other code paths rely on. * In `transact_inner`, an EIP-4844 cached tx is downgraded to EIP-1559 and its blob hashes cleared so revm validation accepts `gas_price = 0`; the contract-visible BLOBHASH is restored via the override. Hardening: * `apply_env_overrides` is gated on opcode success (`bytecode.action.instruction_result()`) so a faulting BLOBHASH / OOG / underflow doesn't corrupt the failing frame. * `pending_opcode` and `pending_blobhash_index` are reset at the top of every `step` to prevent stale-state leakage when peek fails. * `replace_top_of_stack` debug-asserts on `pop` failure instead of silently growing the stack. Tests: * `testdata/default/cheats/Fee.t.sol`: `IsolatedFeeTest` covers BASEFEE seen inside a called contract. * `testdata/default/cheats/Blobhashes.t.sol`: `IsolatedBlobhashesTest` covers BLOBHASH seen inside a called contract. * `testdata/default/cheats/TxGasPrice.t.sol`: new file covering GASPRICE visibility plus the pranked-zero-balance regression. Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: grandizzy <38490174+grandizzy@users.noreply.github.com> Co-authored-by: Oliver Nordbjerg <onbjerg@users.noreply.github.com> * fix: fmt * fix: docs * fix(cheatcodes): roll back `EnvOverrides` with `snapshotState`/`revertToState` `vm.fee`/`vm.txGasPrice`/`vm.blobhashes` route through `Cheatcodes::env_overrides`, which is rewritten by the BASEFEE/GASPRICE/ BLOBHASH opcodes in `step_end`. The backend snapshot mechanism only captures `db + JournaledState + EvmEnv`, so an override set after `snapshotState` survived `revertToState` and the opcode-level rewrite kept returning the post-snapshot value (in non-isolation mode the real env was rolled back, but the override won at `step_end`; in isolation mode the real env was never written and the override was the only truth). Capture `env_overrides` per snapshot id on the cheatcode inspector and restore (or clear) it from `inner_revert_to_state[_and_delete]`. Also clean up the side-table from the `deleteStateSnapshot[s]` paths. Adds regression coverage in Fee.t.sol for both isolated and non-isolated snapshot/revert flows. Co-authored-by: Amp <amp@ampcode.com> * fix: make `getBlobhashes` respect `env_overrides` after `revertToState` * fix: sync tx fields after revertToState restores env_overrides `evm_clone`/`set_evm` only save/restore cfg+block, not tx. When `vm.blobhashes`/`vm.txGasPrice` mutated both `env_overrides` and the real tx, reverting to a snapshot taken before any override left `tx.blob_versioned_hashes`/`tx.gas_price` stale. The new `sync_tx_after_env_override_restore` helper brings them back into sync after every `revertToState`/`revertToStateAndDelete`. Also adds tests for the `snapshot -> B -> revert` (no prior A) scenario for both `vm.blobhashes` and `vm.txGasPrice`, and updates a stale comment in `EnvOverrides` that claimed `vm.getBlobhashes()` returned the pre-isolation value (fixed in the prior commit). * fix: restore pre-override `gas_price` and `tx_type` on `revertToState` * fix: blob hashes * fix: blob hashes round 2 + rust testing * fix: scope overrides per fork to prevent bleed across `vm.selectFork` * perf: skip `fork_id` lookup in `step`/`step_end` when no `env_overrides` --------- Co-authored-by: grandizzy <38490174+grandizzy@users.noreply.github.com> Co-authored-by: Oliver Nordbjerg <onbjerg@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: zerosnacks <95942363+zerosnacks@users.noreply.github.com>
Co-authored-by: stevencartavia <112043913+stevencartavia@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
Solution
PR Checklist