Initial project setup: Add contracts, API definitions, tests, and documentation

- Add Foundry project configuration (foundry.toml, foundry.lock) - Add Solidity contracts (TokenFactory138, BridgeVault138, ComplianceRegistry, etc.) - Add API definitions (OpenAPI, GraphQL, gRPC, AsyncAPI) - Add comprehensive test suite (unit, integration, fuzz, invariants) - Add API services (REST, GraphQL, orchestrator, packet service) - Add documentation (ISO20022 mapping, runbooks, adapter guides) - Add development tools (RBC tool, Swagger UI, mock server) - Update OpenZeppelin submodules to v5.0.0
2025-12-12 10:59:41 -08:00
parent 26b5aaf932
commit 651ff4f7eb
281 changed files with 24813 additions and 2 deletions
--- a/script/helpers/Config.sol
+++ b/script/helpers/Config.sol
@@ -0,0 +1,25 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.20;
+
+library Config {
+    struct DeploymentConfig {
+        address governanceAdmin;
+        address tokenDeployer;
+        address policyOperator;
+        address complianceOperator;
+        address debtAuthority;
+        address enforcementOperator;
+        address bridgeOperator;
+    }
+
+    struct TokenDeploymentConfig {
+        string name;
+        string symbol;
+        uint8 decimals;
+        address issuer;
+        uint8 defaultLienMode; // 1 = hard, 2 = encumbered
+        bool bridgeOnly;
+        address bridge;
+    }
+}
+
--- a/script/helpers/EnvValidation.sol
+++ b/script/helpers/EnvValidation.sol
@@ -0,0 +1,104 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.20;
+
+import "forge-std/Script.sol";
+
+/**
+ * @title EnvValidation
+ * @notice Library for validating environment variables in deployment scripts
+ * @dev Provides helper functions to validate private keys, addresses, and RPC URLs
+ */
+library EnvValidation {
+    error InvalidPrivateKey();
+    error InvalidAddress(string name);
+    error InvalidRPCURL();
+    error MissingEnvironmentVariable(string name);
+
+    /**
+     * @notice Validates that a private key is set and has correct format
+     * @dev Checks that PRIVATE_KEY env var is set and is a valid hex string (64 chars without 0x)
+     * @param key The private key string from environment
+     */
+    function validatePrivateKey(string memory key) internal pure {
+        bytes memory keyBytes = bytes(key);
+        
+        // Check minimum length (64 hex chars = 32 bytes)
+        if (keyBytes.length < 64) {
+            revert InvalidPrivateKey();
+        }
+        
+        // Remove 0x prefix if present
+        uint256 start = 0;
+        if (keyBytes.length >= 2 && keyBytes[0] == '0' && (keyBytes[1] == 'x' || keyBytes[1] == 'X')) {
+            start = 2;
+        }
+        
+        // Check remaining length (must be 64 hex chars = 32 bytes)
+        if (keyBytes.length - start != 64) {
+            revert InvalidPrivateKey();
+        }
+        
+        // Validate hex characters
+        for (uint256 i = start; i < keyBytes.length; i++) {
+            bytes1 char = keyBytes[i];
+            if (!((char >= 0x30 && char <= 0x39) || // 0-9
+                  (char >= 0x41 && char <= 0x46) || // A-F
+                  (char >= 0x61 && char <= 0x66))) { // a-f
+                revert InvalidPrivateKey();
+            }
+        }
+    }
+
+    /**
+     * @notice Validates that an address is not zero
+     * @param addr The address to validate
+     * @param name Name of the variable for error messages
+     */
+    function validateAddress(address addr, string memory name) internal pure {
+        if (addr == address(0)) {
+            revert InvalidAddress(name);
+        }
+    }
+
+
+    /**
+     * @notice Validates that an RPC URL is set and has correct format
+     * @param url The RPC URL string
+     */
+    function validateRPCURL(string memory url) internal pure {
+        bytes memory urlBytes = bytes(url);
+        
+        if (urlBytes.length == 0) {
+            revert InvalidRPCURL();
+        }
+        
+        // Check for http:// or https:// prefix
+        bool hasValidPrefix = false;
+        if (urlBytes.length >= 7) {
+            bytes memory prefix = new bytes(7);
+            for (uint256 i = 0; i < 7; i++) {
+                prefix[i] = urlBytes[i];
+            }
+            string memory prefixStr = string(prefix);
+            if (keccak256(bytes(prefixStr)) == keccak256(bytes("http://"))) {
+                hasValidPrefix = true;
+            }
+        }
+        if (!hasValidPrefix && urlBytes.length >= 8) {
+            bytes memory prefix = new bytes(8);
+            for (uint256 i = 0; i < 8; i++) {
+                prefix[i] = urlBytes[i];
+            }
+            string memory prefixStr = string(prefix);
+            if (keccak256(bytes(prefixStr)) == keccak256(bytes("https://"))) {
+                hasValidPrefix = true;
+            }
+        }
+        
+        if (!hasValidPrefix) {
+            revert InvalidRPCURL();
+        }
+    }
+
+}
+
--- a/script/helpers/Roles.sol
+++ b/script/helpers/Roles.sol
@@ -0,0 +1,14 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.20;
+
+library Roles {
+    bytes32 public constant GOVERNANCE_ADMIN_ROLE = keccak256("GOVERNANCE_ADMIN_ROLE");
+    bytes32 public constant TOKEN_DEPLOYER_ROLE = keccak256("TOKEN_DEPLOYER_ROLE");
+    bytes32 public constant POLICY_OPERATOR_ROLE = keccak256("POLICY_OPERATOR_ROLE");
+    bytes32 public constant ISSUER_ROLE = keccak256("ISSUER_ROLE");
+    bytes32 public constant ENFORCEMENT_ROLE = keccak256("ENFORCEMENT_ROLE");
+    bytes32 public constant COMPLIANCE_ROLE = keccak256("COMPLIANCE_ROLE");
+    bytes32 public constant DEBT_AUTHORITY_ROLE = keccak256("DEBT_AUTHORITY_ROLE");
+    bytes32 public constant BRIDGE_OPERATOR_ROLE = keccak256("BRIDGE_OPERATOR_ROLE");
+}
+