From 93984032b8c0fb19d6922e42809fd0892da3c72f Mon Sep 17 00:00:00 2001 From: Punk 6529 <108035228+punk6529@users.noreply.github.com> Date: Wed, 10 Jun 2026 18:44:09 +0000 Subject: [PATCH 1/2] Remove dead mint accounting state --- docs/known-blockers.md | 3 ++ docs/status.md | 8 +-- ops/AUTONOMOUS_RUN.md | 92 ++++++++++++++++++++++++++++++--- ops/ROADMAP.md | 21 ++++---- ops/SLITHER_BASELINE.md | 21 +++++--- smart-contracts/IStreamCore.sol | 10 ---- smart-contracts/StreamCore.sol | 24 --------- test/README.md | 6 +++ test/StreamMintAccounting.t.sol | 55 ++++++++++++++++++++ 9 files changed, 179 insertions(+), 61 deletions(-) create mode 100644 test/StreamMintAccounting.t.sol diff --git a/docs/known-blockers.md b/docs/known-blockers.md index c8607210..9d874949 100644 --- a/docs/known-blockers.md +++ b/docs/known-blockers.md @@ -57,6 +57,9 @@ contributors who start from the README. Remaining metadata blockers include golden-file metadata tests, collection freeze manifests, immutable dependency version records, registry identity pinning, ERC-4906 signaling, burn semantics, escaping, and size limits. +- Dead public/allowlist mint-count mappings and retrieval APIs were removed + from `StreamCore`; the retained airdrop counter now has explicit regression + tests for zero initial state, authorized increments, and failed-mint rollback. - Slither high/medium findings are captured in `ops/SLITHER_BASELINE.md` and need triage before audit readiness. - Auction custody, auction bid/outbid payment, auction settlement-credit, diff --git a/docs/status.md b/docs/status.md index b6450cba..e0d8440c 100644 --- a/docs/status.md +++ b/docs/status.md 
@@ -12,8 +12,9 @@ The current Gate A smoke baseline proves: fixed-price pull-payment credits, curator reward claim credits, and randomness lifecycle behavior. Current emergency-withdrawal target-state tests also cover explicit emergency recipients, `StreamMinter` surplus - withdrawal, `NextGenRandomizerRNG` reserve boundaries, and dependency-script - segment-safe content hashing. + withdrawal, `NextGenRandomizerRNG` reserve boundaries, dependency-script + segment-safe content hashing, and retained airdrop mint-accounting behavior + after removal of dead public/allowlist counters. - Randomizer tests now cover request lifecycle views, callback validation, raw-output hash storage, failed post-processing state, bounded deterministic post-processing retry, and the conservative provider-migration policy that @@ -28,7 +29,8 @@ The current tests are regression tripwires, not a correctness proof. Known blockers remain tracked in `ops/ROADMAP.md`, including broader pull-payment accounting and cross-contract invariants, fuller randomizer reserve lifecycle accounting, callback-after-burn policy, canonical randomizer lifecycle -ownership, remaining static-analysis triage, signer lifecycle operations, +ownership, remaining static-analysis triage beyond the now-fixed +`uninitialized-state` mint-accounting rows, signer lifecycle operations, dependency version/freeze manifest work, deployment discipline, and the broader P0/P1 test suite. diff --git a/ops/AUTONOMOUS_RUN.md b/ops/AUTONOMOUS_RUN.md index 6d1a698a..9d2f48c5 100644 --- a/ops/AUTONOMOUS_RUN.md +++ b/ops/AUTONOMOUS_RUN.md 
@@ -33,11 +33,11 @@ tests, security hardening, deployment discipline, and release/audit readiness. | Field | Value | | --- | --- | | Remote | `https://github.com/6529-Collections/6529Stream.git` | -| Active PR branch | `codex/dependency-script-safe-encoding` | -| Last merged PR | `https://github.com/6529-Collections/6529Stream/pull/70` | +| Active PR branch | `codex/remove-dead-mint-accounting` | +| Last merged PR | `https://github.com/6529-Collections/6529Stream/pull/71` | | Roadmap file | `ops/ROADMAP.md` | | State file | `ops/AUTONOMOUS_RUN.md` | -| Last updated | `2026-06-10 18:27 UTC` | +| Last updated | `2026-06-10 18:43 UTC` | ## Packaging Notes 
@@ -84,7 +84,8 @@ The queue will evolve as PRs merge and bot feedback arrives. | 27 | Add failed randomness post-processing state | Gate C | Implement P0-RAND-004 failed-state path for deterministic post-processing reverts, with VRF/arRNG tests, docs, and roadmap state updates | Merged in PR #68 | | 28 | Add bounded randomness post-processing retry | Gate C | Implement P0-RAND-006 stored-seed manual retry for deterministic failed post-processing, with VRF/arRNG tests, docs, and roadmap state updates | Merged in PR #69 | | 29 | Store raw random output hashes | Gate C | Implement P0-RAND-007 raw-output hash storage policy, domain-separated seed derivation, event/view exposure, tests, docs, and roadmap state updates | Merged in PR #70 | -| 30 | Fix dependency script packed encoding | Gate C/Gate D | Implement P0-META-001 typed dependency chunk/content hashes, preserve rendered-script compatibility, add metadata encoding tests, and update Slither/roadmap traceability | Open in PR #71; follow-up local validation complete, post-follow-up CI pending | +| 30 | Fix dependency script packed encoding | Gate C/Gate D | Implement P0-META-001 typed dependency chunk/content hashes, preserve rendered-script compatibility, add metadata encoding tests, and update Slither/roadmap traceability | Merged in PR #71 | +| 31 | Remove dead mint-accounting state | Gate C | Implement P0-CORE-001 by removing never-written public/allowlist mint counters, keeping retained airdrop-counter tests, and updating Slither/roadmap traceability | Local validation complete; ready to open PR | ## Current PR Worklog 
@@ -2527,11 +2528,11 @@ Outcome: ### PR #71: Fix dependency script packed encoding (Queue Item 30) -Status: Open; CodeRabbit clean with non-blocking observations addressed in -follow-up; local follow-up validation complete, post-follow-up CI pending. +Status: Merged. Branch: `codex/dependency-script-safe-encoding`. Pull request: `https://github.com/6529-Collections/6529Stream/pull/71`. -Latest head before PR-state update: `457ca920cb55c9d4b75efcede714ccc1ef700a5b`. +Latest head before merge: `1668c6ee9c45aca9193a48ae9b56eb81b5c02583`. +Merge commit: `20bd9d9d1fa36b7142f3a81b9ab0c86060c9f943`. Related issue: - `https://github.com/6529-Collections/6529Stream/issues/9` @@ -2621,6 +2622,9 @@ Validation so far: passed: 174 tests, 0 failed. - Follow-up Slither confirmation remained unchanged: `{"slither_exit":-1,"total":685,"high":8,"medium":28,"low":63,"informational":580,"optimization":6,"encode_packed_collision":0,"uninitialized_local":10,"calls_loop":8}`. +- GitHub CI passed on final head in run `27297432586`. +- CodeRabbit final clean comment: `4673227541`. +- Issue #9 closed completed. Review requests: 
@@ -2630,6 +2634,75 @@ Review requests: - Claude is intentionally skipped per current user instruction; use CodeRabbit unless risk or future user instruction changes. +### PR candidate: Remove dead mint-accounting state (Queue Item 31) + +Status: Local validation complete; ready to open PR. +Branch: `codex/remove-dead-mint-accounting`. +Related issue: + +- `https://github.com/6529-Collections/6529Stream/issues/13` + +Goal: + +- Complete `P0-CORE-001` by resolving the two first-party Slither + `uninitialized-state` rows in `StreamCore`. +- Remove the never-written public-sale and allowlist mint-count mappings rather + than expose always-zero views with no accepted drop quota or allowlist + semantics. +- Preserve and test the retained airdrop counter as the only current + per-address mint-accounting surface in `StreamCore`. + +Candidate files: + +- `smart-contracts/StreamCore.sol` +- `smart-contracts/IStreamCore.sol` +- `test/StreamMintAccounting.t.sol` +- `docs/known-blockers.md` +- `docs/status.md` +- `test/README.md` +- `ops/ROADMAP.md` +- `ops/SLITHER_BASELINE.md` +- `ops/AUTONOMOUS_RUN.md` + +Implementation notes: + +- Removed `tokensMintedPerAddress` and + `tokensMintedAllowlistAddress` from `StreamCore`. +- Removed `retrieveTokensMintedPublicPerAddress` and + `retrieveTokensMintedALPerAddress` from `StreamCore` and `IStreamCore`. +- Added `test/StreamMintAccounting.t.sol` to prove the retained airdrop counter + starts at zero, increments on authorized minter calls, and remains unchanged + after an unauthorized mint attempt. +- Updated `ops/SLITHER_BASELINE.md` and `ops/ROADMAP.md` to mark + `uninitialized-state` as `0 current / 2 fixed`. + +Validation so far: + +- PR #71 merge checked locally by fast-forwarding `main` to + `20bd9d9d1fa36b7142f3a81b9ab0c86060c9f943`. +- `forge fmt --check smart-contracts\StreamCore.sol + smart-contracts\IStreamCore.sol test\StreamMintAccounting.t.sol` passed. 
+- Focused `forge test --match-contract StreamMintAccountingTest -vvv` passed: + 2 tests, 0 failed. +- `make check` passed: 176 tests, 0 failed. +- `powershell -ExecutionPolicy Bypass -File scripts\check.ps1` passed: + 176 tests, 0 failed. +- `git diff --check` passed. +- Markdown heading scan passed for the roadmap, Slither baseline, autonomous + run state, status docs, known blockers, and test README. +- Traceability grep passed for `P0-CORE-001`, `StreamMintAccounting`, + `uninitialized-state`, `uninitialized_state`, Slither count `680`, branch + `codex/remove-dead-mint-accounting`, and PR #71 merge commit + `20bd9d9d1fa36b7142f3a81b9ab0c86060c9f943`. +- Slither confirmation returned + `{"slither_exit":-1,"total":680,"high":6,"medium":28,"low":63,"informational":577,"optimization":6,"uninitialized_state":0,"uninitialized_local":10,"weak_prng":2,"encode_packed_collision":0}`. + +Review requests: + +- CodeRabbit will be requested after the PR is opened. +- Claude is intentionally skipped per current user instruction; use CodeRabbit + unless risk or future user instruction changes. + ## Decision Log | Time UTC | Decision | Rationale | 
@@ -2844,6 +2917,11 @@ Review requests: | 2026-06-10 18:20 | Open PR #71 | Dependency-script encoding hash fix published with full local validation evidence; CodeRabbit review will be requested on the PR-state head | | 2026-06-10 18:21 | Request CodeRabbit PR #71 review | CodeRabbit review requested in issue comment `4673145958`; Claude intentionally skipped per current user instruction | | 2026-06-10 18:27 | Address CodeRabbit PR #71 non-blocking observations | Added NatSpec for the new hash views, added zero-chunk dependency hash coverage, refreshed focused/full/Windows/Slither validation, and kept Slither counts unchanged | +| 2026-06-10 18:33 | Merge PR #71 | Dependency-script encoding hashes merged as `20bd9d9d1fa36b7142f3a81b9ab0c86060c9f943`; CI passed on final head `1668c6ee9c45aca9193a48ae9b56eb81b5c02583`, CodeRabbit final clean comment `4673227541`, and issue #9 closed completed | +| 2026-06-10 18:35 | Select Queue Item 31 | Next focused P0 Slither blocker is `P0-CORE-001`, because `StreamCore` exposes two never-written public/allowlist mint counters that Slither reports as high-impact uninitialized state | +| 2026-06-10 18:38 | Implement Queue Item 31 local draft | Removed the dead public/allowlist mint-count mappings and views, preserved the retained airdrop counter, and added focused retained-counter regressions | +| 2026-06-10 18:39 | Validate Queue Item 31 Slither delta | Slither now reports `uninitialized_state=0`, total findings `680`, and High findings `6`; the remaining High rows are weak helper randomness, vendored math, and accepted test-only forced-ETH helpers | +| 2026-06-10 18:43 | Finish local Queue Item 31 validation | Focused accounting tests, full `make check`, Windows wrapper, formatting, whitespace, heading scan, traceability grep, and Slither confirmation all pass with 176 total tests | ## Resume Instructions diff --git a/ops/ROADMAP.md b/ops/ROADMAP.md index 18a09646..7b995eff 100644 --- a/ops/ROADMAP.md +++ b/ops/ROADMAP.md 
@@ -18,7 +18,7 @@ order. characterization test skeleton. It does not prove protocol correctness. - Known remaining P0 blockers include broader payment accounting and cross-contract invariants, fuller randomizer reserve lifecycle accounting, - metadata state work, untriaged static analysis findings, missing invariants, + metadata state work, remaining static analysis findings, missing invariants, broader production governance, and missing deployment discipline. Drop authorization now uses EIP-712 with EOA and ERC-1271 support; auction custody, settlement state, outbid refunds, auction-local settlement credits, @@ -32,7 +32,8 @@ order. coverage. P0-RAND-001 through P0-RAND-007 randomizer lifecycle, callback, migration, failed-state, retry, and raw-output-hash work now have target-state coverage for VRF and arRNG adapters. P0-META-001 dependency - script segment-safe encoding now has typed chunk/content hash coverage. + script segment-safe encoding now has typed chunk/content hash coverage, and + P0-CORE-001 removed dead always-zero public/allowlist mint-accounting state. - Public docs must describe actual on-chain behavior, not intended product behavior. @@ -40,7 +41,7 @@ order. | Field | Value | | --- | --- | -| Last verified | `2026-06-10 18:18 UTC` local Windows PR candidate validation; CI TBD | +| Last verified | `2026-06-10 18:43 UTC` local Windows PR candidate validation; CI TBD | | OS tested | Windows / Linux | | Foundry version | `v1.7.1` | | Solidity compiler version | `0.8.19` | 
@@ -53,9 +54,9 @@ order. | Area | Current status | Evidence | Required before public beta | | --- | --- | --- | --- | | Build | Passes with warnings when `forge` is invoked through the installed binary path | `forge build` | Build passes in CI and locally with warnings burned down or documented | -| Unit/integration tests | Tests cover admin guards, target-scoped function-admin permission regressions, domain-scoped pause controls, EIP-712/ERC-1271 drop authorization, auction custody and payment credits, fixed-price pull-payment credits, curator reward credits, current emergency-withdrawal boundaries, randomizer lifecycle/callback validation, randomness/pending metadata behavior, raw-output hash storage, and dependency-script encoding hashes; broader P0/P1 tests are missing | `forge test -vvv` | P0 regression and integration suite exists | +| Unit/integration tests | Tests cover admin guards, target-scoped function-admin permission regressions, domain-scoped pause controls, EIP-712/ERC-1271 drop authorization, auction custody and payment credits, fixed-price pull-payment credits, curator reward credits, current emergency-withdrawal boundaries, randomizer lifecycle/callback validation, randomness/pending metadata behavior, raw-output hash storage, dependency-script encoding hashes, and retained airdrop mint-accounting behavior; broader P0/P1 tests are missing | `forge test -vvv` | P0 regression and integration suite exists | | Formatting | Fails broadly | `forge fmt --check smart-contracts` | Passing, or vendored exclusions documented | -| Static analysis | Runs with a tracked but unaccepted baseline: 685 total findings, including 8 High and 28 Medium | `slither . --config-file slither.config.json --foundry-compile-all` and `ops/SLITHER_BASELINE.md` | High/medium findings fixed, accepted, or documented | +| Static analysis | Runs with a tracked but unaccepted baseline: 680 total findings, including 6 High and 28 Medium | `slither . 
--config-file slither.config.json --foundry-compile-all` and `ops/SLITHER_BASELINE.md` | High/medium findings fixed, accepted, or documented | | Deployment | Missing | no meaningful `script/`/manifest process | Anvil deployment and fork rehearsal pass | | Docs | Partial README and roadmap only | manual inspection | Architecture, security, deployment, and protocol docs merged | | Release artifacts | Missing | no ABI/address/manifest release process | ABIs, manifests, checksums, and verified addresses published | @@ -1937,16 +1938,16 @@ Current capture: - Compiler: Solidity `0.8.19`. - Command: `slither . --config-file slither.config.json --foundry-compile-all --json `. - Status: baseline captured, not accepted as a CI gate. -- Result: 685 findings, including 8 High and 28 Medium. +- Result: 680 findings, including 6 High and 28 Medium. Impact summary: | Impact | Count | | --- | ---: | -| High | 8 | +| High | 6 | | Medium | 28 | | Low | 63 | -| Informational | 580 | +| Informational | 577 | | Optimization | 6 | High/medium detector summary: 
@@ -1958,7 +1959,7 @@ High/medium detector summary: | `incorrect-exp` | High | 1 | vendored `Math.mulDiv` | Needs Issue | [#11](https://github.com/6529-Collections/6529Stream/issues/11) | Confirm likely false positive against pinned upstream or replace vendored library | | `reentrancy-eth` | High | 0 current / 1 fixed | auction bidding | Fixed | [#12](https://github.com/6529-Collections/6529Stream/issues/12) | Replaced bid-path push refunds with bidder pull credits and state-before-withdrawal flow | | `suicidal` | High | 3 | test-only forced-ETH helpers | Accepted | Accepted test-only | Intentionally retained for forced-ETH accounting tests under Solidity 0.8.19 | -| `uninitialized-state` | High | 2 | mint-accounting mappings | Open | [#13](https://github.com/6529-Collections/6529Stream/issues/13) | Initialize, remove, or complete design | +| `uninitialized-state` | High | 0 current / 2 fixed | mint-accounting mappings | Fixed | [#13](https://github.com/6529-Collections/6529Stream/issues/13) | Removed never-written public/allowlist mint-count mappings and kept retained airdrop-counter regression coverage | | `weak-prng` | High | 2 | word pool randomness helpers | Open | [#14](https://github.com/6529-Collections/6529Stream/issues/14) | ADR 0005 requires removal, test/demo scoping, or production-disablement before Gate C | | `divide-before-multiply` | Medium | 9 | vendored math/base64 helpers | Needs Issue | [#11](https://github.com/6529-Collections/6529Stream/issues/11) | Confirm likely false positive against pinned upstream or replace vendored library | | `incorrect-equality` | Medium | 1 | test-only malleable-signature helper | Accepted | Accepted test-only | Keep scoped to test-only EIP-712 negative coverage | 
@@ -2005,7 +2006,7 @@ Status values: `Missing`, `Planned`, `In Progress`, `Passing`, `Blocked`. | ERC-4906 metadata signaling | `supportsInterface(0x49064906)` succeeds and `MetadataUpdate` / `BatchMetadataUpdate` emit only when token JSON metadata changes | `test/StreamMetadataEvents.t.sol` | Missing | [`P1-META-004`](https://github.com/6529-Collections/6529Stream/issues/49) | Gate D | TBD | | Dependency script packed encoding | Dependency script retrieval uses safe typed concatenation/hash encoding and cannot collide across script segments | `test/StreamMetadataEncoding.t.sol` | Passing: typed chunk/content hashes include dependency key, chunk count, chunk index, chunk byte length, and chunk content hash; ambiguous chunk splits that render the same JavaScript produce distinct content hashes while preserving rendered-script compatibility; zero-chunk dependency hashes are deterministic | [`P0-META-001`](https://github.com/6529-Collections/6529Stream/issues/9), [`P1-META-003`](https://github.com/6529-Collections/6529Stream/issues/48) | Gate C/Gate D | TBD | | Deployment redeployment rehearsal | Deployment manifests, ABI hashes, admin ceremony, signer setup, deprecation checks, and emergency redeployment rehearsal follow ADR 0007 | `test/StreamDeploymentManifest.t.sol` and `script/RehearseDeployment.s.sol` | Missing | [`P2-UPGRADE-ADR`](https://github.com/6529-Collections/6529Stream/issues/53) | Gate E/Gate G | TBD | -| Mint-accounting state | Mint counters initialize and update according to the accepted drop/mint accounting design | `test/StreamMintAccounting.t.sol` | Missing | [`P0-CORE-001`](https://github.com/6529-Collections/6529Stream/issues/13) | Gate C | TBD | +| Mint-accounting state | Dead counters are removed or retained counters initialize and update according to the accepted drop/mint accounting design | `test/StreamMintAccounting.t.sol` | Passing: removed never-written public/allowlist mint-count mappings and retrieval APIs; retained airdrop counter 
starts at zero, increments on authorized minter calls, and remains unchanged on unauthorized mint attempts | [`P0-CORE-001`](https://github.com/6529-Collections/6529Stream/issues/13) | Gate C | TBD | | Uninitialized local findings | First-party default-local behavior is explicit, removed, or covered by targeted regressions | `test/StreamInitialization.t.sol` | Missing | [`P0-INIT-001`](https://github.com/6529-Collections/6529Stream/issues/15) | Gate C | TBD | | Curator double claim | Valid claim succeeds once and second claim fails | `test/StreamCuratorsPool.t.sol` | Passing for P0-PAY-005: valid claims create credits and duplicate claims fail without increasing credit | [`P0-PAY-005`](https://github.com/6529-Collections/6529Stream/issues/29) | Gate C/Gate D | TBD | | Merkle leaf ambiguity | Duplicate or ambiguous leaves cannot double claim | `test/StreamCuratorsPool.t.sol` | In Progress: reward leaves use `abi.encode`-based hashing for reward address, collection ID, and amount; root epoch/domain expansion remains future curator metadata work | [`P0-PAY-005`](https://github.com/6529-Collections/6529Stream/issues/29), `P1-CURATOR-*` | Gate D | TBD | diff --git a/ops/SLITHER_BASELINE.md b/ops/SLITHER_BASELINE.md index 0458260c..50aca964 100644 --- a/ops/SLITHER_BASELINE.md +++ b/ops/SLITHER_BASELINE.md @@ -8,7 +8,7 @@ input, not an accepted security baseline. | Field | Value | | --- | --- | | Status | Open baseline; not accepted as a CI gate | -| Last generated | `2026-06-10 18:18 UTC` | +| Last generated | `2026-06-10 18:39 UTC` | | Slither | `0.11.5` | | Solidity compiler | `0.8.19` | | solc-select | `1.2.0` | @@ -23,12 +23,12 @@ baseline. | Impact | Count | | --- | ---: | -| High | 8 | +| High | 6 | | Medium | 28 | | Low | 63 | -| Informational | 580 | +| Informational | 577 | | Optimization | 6 | -| Total | 685 | +| Total | 680 | ## Detector Counts 
@@ -37,7 +37,7 @@ baseline. | `encode-packed-collision` | High | 0 | | `incorrect-exp` | High | 1 | | `suicidal` | High | 3 | -| `uninitialized-state` | High | 2 | +| `uninitialized-state` | High | 0 | | `weak-prng` | High | 2 | | `divide-before-multiply` | Medium | 9 | | `incorrect-equality` | Medium | 1 | @@ -59,6 +59,13 @@ Dependency-script encoding delta from the previous tracked capture: - `uninitialized-local` is now 10 current findings; the `StreamDrops.mintDrop` and `StreamCore.retrieveDependencyScript` rows are fixed, while the broader `P0-INIT-001` workstream remains open. +- Mint-accounting state delta from the previous tracked capture: + - High findings decreased from 8 to 6 because the two dead + `uninitialized-state` mint-accounting mappings were removed. + - Informational findings decreased from 580 to 577 because the removed + storage and retrieval surface no longer appears in lower-impact detectors. + - `uninitialized-state` is now zero current findings; the fixed rows are + kept below as audit traceability. - `arbitrary-send-eth` and `reentrancy-eth` remain at zero findings. - Slither still exits non-zero because the remaining tracked baseline findings require fixes, accepted-risk rationale, or false-positive proof before audit 
@@ -92,8 +99,8 @@ GitHub work item that owns that resolution. | `incorrect-exp` | 1 | `Math` | `mulDiv(uint256,uint256,uint256)` | vendored | `smart-contracts/Math.sol#L55-L134` | High | Medium | Needs Issue | Likely false positive; confirm against pinned upstream OpenZeppelin or replace retained library with package-managed upstream before acceptance | Library provenance or math regression | [`P0-LIB-001`](https://github.com/6529-Collections/6529Stream/issues/11) | Gate F | TBD | | `suicidal` | 3 | Forced-ETH test helpers | `force(address)` | test-only | `test/StreamAuctionPayments.t.sol`, `test/StreamCuratorsPool.t.sol`, `test/StreamFixedPricePayments.t.sol` | High | Medium | Accepted | Accepted as intentional Solidity 0.8.19 `selfdestruct` helpers used only to test forced-ETH surplus accounting | Forced-ETH tests in the owning files | Accepted test-only | Gate A | TBD | | `reentrancy-eth` | 1 | `StreamAuctions` | `participateToAuction(uint256)` | first-party | Fixed in `P0-AUCT-002` | High | Medium | Fixed | Replaced synchronous outbid refund `call` with bidder credit accounting; highest-bid state and auction escrow accounting update before any external withdrawal path | `test/StreamAuctionPayments.t.sol` | [`P0-AUCT-002`](https://github.com/6529-Collections/6529Stream/issues/12) | Gate C | TBD | -| `uninitialized-state` | 1 | `StreamCore` | `state variable tokensMintedPerAddress` | first-party | `smart-contracts/StreamCore.sol#L74` | High | High | Open | Initialize, remove, or complete mint-accounting design | Mint-accounting regression | [`P0-CORE-001`](https://github.com/6529-Collections/6529Stream/issues/13) | Gate C | TBD | -| `uninitialized-state` | 1 | `StreamCore` | `state variable tokensMintedAllowlistAddress` | first-party | `smart-contracts/StreamCore.sol#L77` | High | High | Open | Initialize, remove, or complete mint-accounting design | Mint-accounting regression | [`P0-CORE-001`](https://github.com/6529-Collections/6529Stream/issues/13) | Gate C | 
TBD | +| `uninitialized-state` | 1 | `StreamCore` | `state variable tokensMintedPerAddress` | first-party | Removed in `P0-CORE-001` | High | High | Fixed | Removed the never-written public-sale mint-count mapping and retrieval API instead of exposing an always-zero counter with no accepted quota semantics | Retained airdrop-counter regression in `test/StreamMintAccounting.t.sol` | [`P0-CORE-001`](https://github.com/6529-Collections/6529Stream/issues/13) | Gate C | TBD | +| `uninitialized-state` | 1 | `StreamCore` | `state variable tokensMintedAllowlistAddress` | first-party | Removed in `P0-CORE-001` | High | High | Fixed | Removed the never-written allowlist mint-count mapping and retrieval API because the current drop path has no allowlist phase semantics | Retained airdrop-counter regression in `test/StreamMintAccounting.t.sol` | [`P0-CORE-001`](https://github.com/6529-Collections/6529Stream/issues/13) | Gate C | TBD | | `weak-prng` | 1 | `randomPool` | `randomNumber()` | first-party | `smart-contracts/XRandoms.sol#L32-L35` | High | Medium | Open | ADR 0005 requires removal, test/demo scoping, or production-disablement before Gate C | Randomness provider regression and production-scope test | [`P0-RAND-ADR`](https://github.com/6529-Collections/6529Stream/issues/14) | Gate C | TBD | | `weak-prng` | 1 | `randomPool` | `randomWord()` | first-party | `smart-contracts/XRandoms.sol#L37-L40` | High | Medium | Open | ADR 0005 requires removal, test/demo scoping, or production-disablement before Gate C | Randomness provider regression and production-scope test | [`P0-RAND-ADR`](https://github.com/6529-Collections/6529Stream/issues/14) | Gate C | TBD | | `divide-before-multiply` | 1 | `Base64` | `encode(bytes)` | vendored | `smart-contracts/Base64.sol#L20-L91` | Medium | Medium | Needs Issue | Likely false positive; confirm against pinned upstream OpenZeppelin or replace retained library with package-managed upstream before acceptance | Library provenance or precision 
regression | [`P0-LIB-001`](https://github.com/6529-Collections/6529Stream/issues/11) | Gate F | TBD | diff --git a/smart-contracts/IStreamCore.sol b/smart-contracts/IStreamCore.sol index 508c04c2..db6f77e6 100644 --- a/smart-contracts/IStreamCore.sol +++ b/smart-contracts/IStreamCore.sol @@ -23,16 +23,6 @@ interface IStreamCore { function viewMaxAllowance(uint256 _collectionID) external view returns (uint256); - function retrieveTokensMintedALPerAddress(uint256 _collectionID, address _address) - external - view - returns (uint256); - - function retrieveTokensMintedPublicPerAddress(uint256 _collectionID, address _address) - external - view - returns (uint256); - function viewColIDforTokenID(uint256 _tokenid) external view returns (uint256); function viewCollectionRandomizerContract(uint256 _collectionID) external view returns (address); diff --git a/smart-contracts/StreamCore.sol b/smart-contracts/StreamCore.sol index 08c9638c..88030901 100644 --- a/smart-contracts/StreamCore.sol +++ b/smart-contracts/StreamCore.sol @@ -79,12 +79,6 @@ contract StreamCore is ERC721Enumerable, ERC2981, Ownable { // stores the token hash generated by randomizer contracts mapping(uint256 => bytes32) private tokenToHash; - // amount of minted tokens per address per collection during public sale - mapping(uint256 => mapping(address => uint256)) private tokensMintedPerAddress; - - // amount of minted tokens per address per collection during allowlist - mapping(uint256 => mapping(address => uint256)) private tokensMintedAllowlistAddress; - // amount of tokens airdropped per address per collection mapping(uint256 => mapping(address => uint256)) private tokensAirdropPerAddress; 
@@ -595,24 +589,6 @@ contract StreamCore is ERC721Enumerable, ERC2981, Ownable { return (collectionAdditionalData[_collectionID].maxCollectionPurchases); } - // function to return tokens minted per address during allowlist - function retrieveTokensMintedALPerAddress(uint256 _collectionID, address _address) - external - view - returns (uint256) - { - return (tokensMintedAllowlistAddress[_collectionID][_address]); - } - - // function to return tokens minted per address during public - function retrieveTokensMintedPublicPerAddress(uint256 _collectionID, address _address) - external - view - returns (uint256) - { - return (tokensMintedPerAddress[_collectionID][_address]); - } - // function to retrieve the airdropped tokens per address function retrieveTokensAirdroppedPerAddress(uint256 _collectionID, address _address) public diff --git a/test/README.md b/test/README.md index 1777e70c..8663b6ff 100644 --- a/test/README.md +++ b/test/README.md @@ -126,3 +126,9 @@ dependency JavaScript produce distinct typed content hashes, chunk hashes includ the chunk index and byte length, zero-chunk dependency hashes are deterministic, and the existing rendered generative script output remains compatibility-preserving. + +Mint-accounting state now has P0-CORE-001 target-state coverage in +`StreamMintAccounting.t.sol`: never-written public/allowlist mint counters were +removed from `StreamCore`, while the retained airdrop counter starts at zero, +increments on authorized minter calls, and remains unchanged after an +unauthorized mint attempt. diff --git a/test/StreamMintAccounting.t.sol b/test/StreamMintAccounting.t.sol new file mode 100644 index 00000000..524f54d6 --- /dev/null +++ b/test/StreamMintAccounting.t.sol 
@@ -0,0 +1,55 @@ +// SPDX-License-Identifier: MIT +pragma solidity ^0.8.19; + +import "./helpers/Assertions.sol"; +import "./helpers/CharacterizationTestBase.sol"; +import "./helpers/StreamFixture.sol"; + +contract StreamMintAccountingTest is CharacterizationTestBase, StreamFixture { + using Assertions for bool; + using Assertions for uint256; + + function testRetainedAirdropMintCounterStartsAtZeroAndIncrements() public { + DeployedStream memory deployed = deployStream(address(0xBEEF), address(0xCAFE)); + address recipient = address(0xA11CE); + uint256 collectionId = 1; + + deployed.core.retrieveTokensAirdroppedPerAddress(collectionId, recipient) + .assertEq(0, "unexpected initial airdrop count"); + + vm.prank(address(deployed.minter)); + deployed.core.mint(10_000_000_000, recipient, "token-a", 111, collectionId); + + deployed.core.retrieveTokensAirdroppedPerAddress(collectionId, recipient) + .assertEq(1, "first mint not counted"); + + vm.prank(address(deployed.minter)); + deployed.core.mint(10_000_000_001, recipient, "token-b", 222, collectionId); + + deployed.core.retrieveTokensAirdroppedPerAddress(collectionId, recipient) + .assertEq(2, "second mint not counted"); + } + + function testUnauthorizedMintDoesNotIncrementRetainedAirdropCounter() public { + DeployedStream memory deployed = deployStream(address(0xBEEF), address(0xCAFE)); + address recipient = address(0xA11CE); + uint256 collectionId = 1; + + vm.prank(address(0xB0B)); + (bool success,) = address(deployed.core) + .call( + abi.encodeWithSelector( + deployed.core.mint.selector, + 10_000_000_000, + recipient, + "token-a", + 111, + collectionId + ) + ); + success.assertFalse("unauthorized mint succeeded"); + + deployed.core.retrieveTokensAirdroppedPerAddress(collectionId, recipient) + .assertEq(0, "failed mint changed airdrop count"); + } +} From a0c6830862719861648697d722027b40c2090401 Mon Sep 17 00:00:00 2001 
From: Punk 6529 <108035228+punk6529@users.noreply.github.com> Date: Wed, 10 Jun 2026 18:45:36 +0000 Subject: [PATCH 2/2] Record PR 72 state --- ops/AUTONOMOUS_RUN.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/ops/AUTONOMOUS_RUN.md b/ops/AUTONOMOUS_RUN.md index 9d2f48c5..faee792a 100644 --- a/ops/AUTONOMOUS_RUN.md +++ b/ops/AUTONOMOUS_RUN.md @@ -37,7 +37,7 @@ tests, security hardening, deployment discipline, and release/audit readiness. | Last merged PR | `https://github.com/6529-Collections/6529Stream/pull/71` | | Roadmap file | `ops/ROADMAP.md` | | State file | `ops/AUTONOMOUS_RUN.md` | -| Last updated | `2026-06-10 18:43 UTC` | +| Last updated | `2026-06-10 18:45 UTC` | ## Packaging Notes 
@@ -85,7 +85,7 @@ The queue will evolve as PRs merge and bot feedback arrives. | 28 | Add bounded randomness post-processing retry | Gate C | Implement P0-RAND-006 stored-seed manual retry for deterministic failed post-processing, with VRF/arRNG tests, docs, and roadmap state updates | Merged in PR #69 | | 29 | Store raw random output hashes | Gate C | Implement P0-RAND-007 raw-output hash storage policy, domain-separated seed derivation, event/view exposure, tests, docs, and roadmap state updates | Merged in PR #70 | | 30 | Fix dependency script packed encoding | Gate C/Gate D | Implement P0-META-001 typed dependency chunk/content hashes, preserve rendered-script compatibility, add metadata encoding tests, and update Slither/roadmap traceability | Merged in PR #71 | -| 31 | Remove dead mint-accounting state | Gate C | Implement P0-CORE-001 by removing never-written public/allowlist mint counters, keeping retained airdrop-counter tests, and updating Slither/roadmap traceability | Local validation complete; ready to open PR | +| 31 | Remove dead mint-accounting state | Gate C | Implement P0-CORE-001 by removing never-written public/allowlist mint counters, keeping retained airdrop-counter tests, and updating Slither/roadmap traceability | Open in PR #72; CodeRabbit requested | ## Current PR Worklog @@ -2634,10 +2634,12 @@ Review requests: - Claude is intentionally skipped per current user instruction; use CodeRabbit unless risk or future user instruction changes. -### PR candidate: Remove dead mint-accounting state (Queue Item 31) +### PR #72: Remove dead mint-accounting state (Queue Item 31) -Status: Local validation complete; ready to open PR. +Status: Open; CodeRabbit requested, CI pending. Branch: `codex/remove-dead-mint-accounting`. +Pull request: `https://github.com/6529-Collections/6529Stream/pull/72`. +Latest head before PR-state update: `93984032b8c0fb19d6922e42809fd0892da3c72f`. Related issue: - `https://github.com/6529-Collections/6529Stream/issues/13` 
@@ -2699,7 +2701,7 @@ Validation so far: Review requests: -- CodeRabbit will be requested after the PR is opened. +- CodeRabbit requested in issue comment `4673355477`. - Claude is intentionally skipped per current user instruction; use CodeRabbit unless risk or future user instruction changes. @@ -2922,6 +2924,7 @@ Review requests: | 2026-06-10 18:38 | Implement Queue Item 31 local draft | Removed the dead public/allowlist mint-count mappings and views, preserved the retained airdrop counter, and added focused retained-counter regressions | | 2026-06-10 18:39 | Validate Queue Item 31 Slither delta | Slither now reports `uninitialized_state=0`, total findings `680`, and High findings `6`; the remaining High rows are weak helper randomness, vendored math, and accepted test-only forced-ETH helpers | | 2026-06-10 18:43 | Finish local Queue Item 31 validation | Focused accounting tests, full `make check`, Windows wrapper, formatting, whitespace, heading scan, traceability grep, and Slither confirmation all pass with 176 total tests | +| 2026-06-10 18:45 | Open PR #72 and request CodeRabbit | PR #72 packages `P0-CORE-001`; CodeRabbit review requested in issue comment `4673355477`, and Claude is skipped per current user instruction | ## Resume Instructions
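Review bot: In the `smart-contracts/StreamCore.sol` hunk at `@@ -595,24 +589,6 @@`, deleting `retrieveTokensMintedALPerAddress` and `retrieveTokensMintedPublicPerAddress` removes two external selectors, so this is an ABI break as well as a storage cleanup, and the docs changes never name the selectors that went away. The `docs/known-blockers.md` entry only says "retrieval APIs were removed". Please list both function names there or in a changelog entry, and state in the PR description that no in-repo contract, script or test still references them, so a consumer built against the previous `IStreamCore` can see why those reads no longer resolve.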
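Review bot: The paragraph added to `test/README.md` at `@@ -126,3 +126,9 @@` presents the removal of the public/allowlist counters as part of the coverage in `StreamMintAccounting.t.sol`, but neither test in that file exercises the removal; both only read `retrieveTokensAirdroppedPerAddress`. Either reword the sentence so the removal is described as a code change and only the airdrop-counter behaviour is described as tested, or add a regression that makes a low-level call to each removed selector and asserts it fails. The wording also differs from `docs/known-blockers.md`, which calls the third case "failed-mint rollback" while this paragraph calls it "an unauthorized mint attempt"; use one term in both places.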
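Review bot: In `test/StreamMintAccounting.t.sol`, `testUnauthorizedMintDoesNotIncrementRetainedAirdropCounter` ends its low-level call with `success.assertFalse("unauthorized mint succeeded")`, which passes on any revert, so the test stays green if `mint` begins failing for a reason unrelated to the caller (bad collection state, an encoding mismatch in the `abi.encodeWithSelector` arguments). Capture the second return value of the `.call` and compare it to the expected access-control revert data, or switch to `vm.expectRevert` with the specific reason, so the test proves the authorization check is what stopped the mint. Both tests also use a single recipient and a single `collectionId`; an extra assertion that a different address or collection still reads 0 after the two mints would pin the per-collection, per-address keying of the counter.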
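Review bot: In the `ops/AUTONOMOUS_RUN.md` hunk at `@@ -2634,10 +2634,12 @@`, the new line "Latest head before PR-state update: `93984032b8c0fb19d6922e42809fd0892da3c72f`" records a branch commit inside the same PR, and that hash will not be reachable from the default branch if PR #72 is squash-merged or rebased. Label it explicitly as a pre-merge branch commit, or replace it with the merge commit once one exists. The status text is also uneven between hunks: this section says "Open; CodeRabbit requested, CI pending" while the queue row changed at `@@ -85,7 +85,7 @@` says only "Open in PR #72; CodeRabbit requested". The CodeRabbit request is cited twice as bare comment id `4673355477`; a full comment URL would make the audit trail followable.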