Merged
3 changes: 3 additions & 0 deletions docs/known-blockers.md
Expand Up @@ -57,6 +57,9 @@ contributors who start from the README.
Remaining metadata blockers include golden-file metadata tests, collection
freeze manifests, immutable dependency version records, registry identity
pinning, ERC-4906 signaling, burn semantics, escaping, and size limits.
- Dead public/allowlist mint-count mappings and retrieval APIs were removed
from `StreamCore`; the retained airdrop counter now has explicit regression
tests for zero initial state, authorized increments, and failed-mint rollback.
- Slither high/medium findings are captured in `ops/SLITHER_BASELINE.md` and
need triage before audit readiness.
- Auction custody, auction bid/outbid payment, auction settlement-credit,
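
Review bot: The added bullet describes the third airdrop-counter case as "failed-mint rollback", but the PR #72 worklog in `ops/AUTONOMOUS_RUN.md` and the roadmap matrix describe it as the counter remaining unchanged after an unauthorized mint attempt. These are different properties: an access-control rejection never reaches the increment, while a rollback implies the increment ran and was reverted. Use the worklog's wording here, or add a test where the mint reverts after the counter has been written if rollback is what is meant.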
8 changes: 5 additions & 3 deletions docs/status.md
Expand Up @@ -12,8 +12,9 @@ The current Gate A smoke baseline proves:
fixed-price pull-payment credits, curator reward claim credits, and
randomness lifecycle behavior. Current emergency-withdrawal target-state
tests also cover explicit emergency recipients, `StreamMinter` surplus
withdrawal, `NextGenRandomizerRNG` reserve boundaries, and dependency-script
segment-safe content hashing.
withdrawal, `NextGenRandomizerRNG` reserve boundaries, dependency-script
segment-safe content hashing, and retained airdrop mint-accounting behavior
after removal of dead public/allowlist counters.
- Randomizer tests now cover request lifecycle views, callback validation,
raw-output hash storage, failed post-processing state, bounded deterministic
post-processing retry, and the conservative provider-migration policy that
Expand All @@ -28,7 +29,8 @@ The current tests are regression tripwires, not a correctness proof. Known
blockers remain tracked in `ops/ROADMAP.md`, including broader pull-payment
accounting and cross-contract invariants, fuller randomizer reserve lifecycle
accounting, callback-after-burn policy, canonical randomizer lifecycle
ownership, remaining static-analysis triage, signer lifecycle operations,
ownership, remaining static-analysis triage beyond the now-fixed
`uninitialized-state` mint-accounting rows, signer lifecycle operations,
dependency version/freeze manifest work, deployment discipline, and the broader
P0/P1 test suite.

95 changes: 88 additions & 7 deletions ops/AUTONOMOUS_RUN.md
Expand Up @@ -33,11 +33,11 @@ tests, security hardening, deployment discipline, and release/audit readiness.
| Field | Value |
| --- | --- |
| Remote | `https://github.com/6529-Collections/6529Stream.git` |
| Active PR branch | `codex/dependency-script-safe-encoding` |
| Last merged PR | `https://github.com/6529-Collections/6529Stream/pull/70` |
| Active PR branch | `codex/remove-dead-mint-accounting` |
| Last merged PR | `https://github.com/6529-Collections/6529Stream/pull/71` |
| Roadmap file | `ops/ROADMAP.md` |
| State file | `ops/AUTONOMOUS_RUN.md` |
| Last updated | `2026-06-10 18:27 UTC` |
| Last updated | `2026-06-10 18:45 UTC` |

## Packaging Notes

Expand Down Expand Up @@ -84,7 +84,8 @@ The queue will evolve as PRs merge and bot feedback arrives.
| 27 | Add failed randomness post-processing state | Gate C | Implement P0-RAND-004 failed-state path for deterministic post-processing reverts, with VRF/arRNG tests, docs, and roadmap state updates | Merged in PR #68 |
| 28 | Add bounded randomness post-processing retry | Gate C | Implement P0-RAND-006 stored-seed manual retry for deterministic failed post-processing, with VRF/arRNG tests, docs, and roadmap state updates | Merged in PR #69 |
| 29 | Store raw random output hashes | Gate C | Implement P0-RAND-007 raw-output hash storage policy, domain-separated seed derivation, event/view exposure, tests, docs, and roadmap state updates | Merged in PR #70 |
| 30 | Fix dependency script packed encoding | Gate C/Gate D | Implement P0-META-001 typed dependency chunk/content hashes, preserve rendered-script compatibility, add metadata encoding tests, and update Slither/roadmap traceability | Open in PR #71; follow-up local validation complete, post-follow-up CI pending |
| 30 | Fix dependency script packed encoding | Gate C/Gate D | Implement P0-META-001 typed dependency chunk/content hashes, preserve rendered-script compatibility, add metadata encoding tests, and update Slither/roadmap traceability | Merged in PR #71 |
| 31 | Remove dead mint-accounting state | Gate C | Implement P0-CORE-001 by removing never-written public/allowlist mint counters, keeping retained airdrop-counter tests, and updating Slither/roadmap traceability | Open in PR #72; CodeRabbit requested |

## Current PR Worklog

Expand Down Expand Up @@ -2527,11 +2528,11 @@ Outcome:

### PR #71: Fix dependency script packed encoding (Queue Item 30)

Status: Open; CodeRabbit clean with non-blocking observations addressed in
follow-up; local follow-up validation complete, post-follow-up CI pending.
Status: Merged.
Branch: `codex/dependency-script-safe-encoding`.
Pull request: `https://github.com/6529-Collections/6529Stream/pull/71`.
Latest head before PR-state update: `457ca920cb55c9d4b75efcede714ccc1ef700a5b`.
Latest head before merge: `1668c6ee9c45aca9193a48ae9b56eb81b5c02583`.
Merge commit: `20bd9d9d1fa36b7142f3a81b9ab0c86060c9f943`.
Related issue:

- `https://github.com/6529-Collections/6529Stream/issues/9`
Expand Down Expand Up @@ -2621,6 +2622,9 @@ Validation so far:
passed: 174 tests, 0 failed.
- Follow-up Slither confirmation remained unchanged:
`{"slither_exit":-1,"total":685,"high":8,"medium":28,"low":63,"informational":580,"optimization":6,"encode_packed_collision":0,"uninitialized_local":10,"calls_loop":8}`.
- GitHub CI passed on final head in run `27297432586`.
- CodeRabbit final clean comment: `4673227541`.
- Issue #9 closed completed.

Review requests:

Expand All @@ -2630,6 +2634,77 @@ Review requests:
- Claude is intentionally skipped per current user instruction; use CodeRabbit
unless risk or future user instruction changes.

### PR #72: Remove dead mint-accounting state (Queue Item 31)

Status: Open; CodeRabbit requested, CI pending.
Branch: `codex/remove-dead-mint-accounting`.
Pull request: `https://github.com/6529-Collections/6529Stream/pull/72`.
Latest head before PR-state update: `93984032b8c0fb19d6922e42809fd0892da3c72f`.
Related issue:

- `https://github.com/6529-Collections/6529Stream/issues/13`

Goal:

- Complete `P0-CORE-001` by resolving the two first-party Slither
`uninitialized-state` rows in `StreamCore`.
- Remove the never-written public-sale and allowlist mint-count mappings rather
than expose always-zero views with no accepted drop quota or allowlist
semantics.
- Preserve and test the retained airdrop counter as the only current
per-address mint-accounting surface in `StreamCore`.

Candidate files:

- `smart-contracts/StreamCore.sol`
- `smart-contracts/IStreamCore.sol`
- `test/StreamMintAccounting.t.sol`
- `docs/known-blockers.md`
- `docs/status.md`
- `test/README.md`
- `ops/ROADMAP.md`
- `ops/SLITHER_BASELINE.md`
- `ops/AUTONOMOUS_RUN.md`

Implementation notes:

- Removed `tokensMintedPerAddress` and
`tokensMintedAllowlistAddress` from `StreamCore`.
- Removed `retrieveTokensMintedPublicPerAddress` and
`retrieveTokensMintedALPerAddress` from `StreamCore` and `IStreamCore`.
- Added `test/StreamMintAccounting.t.sol` to prove the retained airdrop counter
starts at zero, increments on authorized minter calls, and remains unchanged
after an unauthorized mint attempt.
- Updated `ops/SLITHER_BASELINE.md` and `ops/ROADMAP.md` to mark
`uninitialized-state` as `0 current / 2 fixed`.

Validation so far:

- PR #71 merge checked locally by fast-forwarding `main` to
`20bd9d9d1fa36b7142f3a81b9ab0c86060c9f943`.
- `forge fmt --check smart-contracts\StreamCore.sol
smart-contracts\IStreamCore.sol test\StreamMintAccounting.t.sol` passed.
- Focused `forge test --match-contract StreamMintAccountingTest -vvv` passed:
2 tests, 0 failed.
- `make check` passed: 176 tests, 0 failed.
- `powershell -ExecutionPolicy Bypass -File scripts\check.ps1` passed:
176 tests, 0 failed.
- `git diff --check` passed.
- Markdown heading scan passed for the roadmap, Slither baseline, autonomous
run state, status docs, known blockers, and test README.
- Traceability grep passed for `P0-CORE-001`, `StreamMintAccounting`,
`uninitialized-state`, `uninitialized_state`, Slither count `680`, branch
`codex/remove-dead-mint-accounting`, and PR #71 merge commit
`20bd9d9d1fa36b7142f3a81b9ab0c86060c9f943`.
- Slither confirmation returned
`{"slither_exit":-1,"total":680,"high":6,"medium":28,"low":63,"informational":577,"optimization":6,"uninitialized_state":0,"uninitialized_local":10,"weak_prng":2,"encode_packed_collision":0}`.

Review requests:

- CodeRabbit requested in issue comment `4673355477`.
- Claude is intentionally skipped per current user instruction; use CodeRabbit
unless risk or future user instruction changes.

## Decision Log

| Time UTC | Decision | Rationale |
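
Review bot: The traceability grep under "Validation so far" for PR #72 checks only identifiers this change introduces or updates (`P0-CORE-001`, `StreamMintAccounting`, the branch name, the Slither count), not that the removed ones are gone. Dropping `retrieveTokensMintedPublicPerAddress` and `retrieveTokensMintedALPerAddress` from `IStreamCore` is an interface change for any caller. Add a repo-wide search for those two names and for `tokensMintedPerAddress` / `tokensMintedAllowlistAddress` to the validation list, and record that it finds no remaining references in contracts, tests, scripts or docs.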
Expand Down Expand Up @@ -2844,6 +2919,12 @@ Review requests:
| 2026-06-10 18:20 | Open PR #71 | Dependency-script encoding hash fix published with full local validation evidence; CodeRabbit review will be requested on the PR-state head |
| 2026-06-10 18:21 | Request CodeRabbit PR #71 review | CodeRabbit review requested in issue comment `4673145958`; Claude intentionally skipped per current user instruction |
| 2026-06-10 18:27 | Address CodeRabbit PR #71 non-blocking observations | Added NatSpec for the new hash views, added zero-chunk dependency hash coverage, refreshed focused/full/Windows/Slither validation, and kept Slither counts unchanged |
| 2026-06-10 18:33 | Merge PR #71 | Dependency-script encoding hashes merged as `20bd9d9d1fa36b7142f3a81b9ab0c86060c9f943`; CI passed on final head `1668c6ee9c45aca9193a48ae9b56eb81b5c02583`, CodeRabbit final clean comment `4673227541`, and issue #9 closed completed |
| 2026-06-10 18:35 | Select Queue Item 31 | Next focused P0 Slither blocker is `P0-CORE-001`, because `StreamCore` exposes two never-written public/allowlist mint counters that Slither reports as high-impact uninitialized state |
| 2026-06-10 18:38 | Implement Queue Item 31 local draft | Removed the dead public/allowlist mint-count mappings and views, preserved the retained airdrop counter, and added focused retained-counter regressions |
| 2026-06-10 18:39 | Validate Queue Item 31 Slither delta | Slither now reports `uninitialized_state=0`, total findings `680`, and High findings `6`; the remaining High rows are weak helper randomness, vendored math, and accepted test-only forced-ETH helpers |
| 2026-06-10 18:43 | Finish local Queue Item 31 validation | Focused accounting tests, full `make check`, Windows wrapper, formatting, whitespace, heading scan, traceability grep, and Slither confirmation all pass with 176 total tests |
| 2026-06-10 18:45 | Open PR #72 and request CodeRabbit | PR #72 packages `P0-CORE-001`; CodeRabbit review requested in issue comment `4673355477`, and Claude is skipped per current user instruction |

## Resume Instructions

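Review bot: The 18:43 decision-log row lists "Slither confirmation" among checks that "all pass", while the PR #72 worklog records that same run as `"slither_exit":-1` with 680 findings. State in the row or the worklog what passing means for Slither here, for example that the counts match the expected baseline, so the nonzero exit is not read as a clean run.
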
21 changes: 11 additions & 10 deletions ops/ROADMAP.md
Expand Up @@ -18,7 +18,7 @@ order.
characterization test skeleton. It does not prove protocol correctness.
- Known remaining P0 blockers include broader payment accounting and
cross-contract invariants, fuller randomizer reserve lifecycle accounting,
metadata state work, untriaged static analysis findings, missing invariants,
metadata state work, remaining static analysis findings, missing invariants,
broader production governance, and missing deployment discipline.
Drop authorization now uses EIP-712 with EOA and ERC-1271 support; auction
custody, settlement state, outbid refunds, auction-local settlement credits,
Expand All @@ -32,15 +32,16 @@ order.
coverage. P0-RAND-001 through P0-RAND-007 randomizer lifecycle, callback,
migration, failed-state, retry, and raw-output-hash work now have
target-state coverage for VRF and arRNG adapters. P0-META-001 dependency
script segment-safe encoding now has typed chunk/content hash coverage.
script segment-safe encoding now has typed chunk/content hash coverage, and
P0-CORE-001 removed dead always-zero public/allowlist mint-accounting state.
- Public docs must describe actual on-chain behavior, not intended product
behavior.

### Verification Metadata

| Field | Value |
| --- | --- |
| Last verified | `2026-06-10 18:18 UTC` local Windows PR candidate validation; CI TBD |
| Last verified | `2026-06-10 18:43 UTC` local Windows PR candidate validation; CI TBD |
| OS tested | Windows / Linux |
| Foundry version | `v1.7.1` |
| Solidity compiler version | `0.8.19` |
Expand All @@ -53,9 +54,9 @@ order.
| Area | Current status | Evidence | Required before public beta |
| --- | --- | --- | --- |
| Build | Passes with warnings when `forge` is invoked through the installed binary path | `forge build` | Build passes in CI and locally with warnings burned down or documented |
| Unit/integration tests | Tests cover admin guards, target-scoped function-admin permission regressions, domain-scoped pause controls, EIP-712/ERC-1271 drop authorization, auction custody and payment credits, fixed-price pull-payment credits, curator reward credits, current emergency-withdrawal boundaries, randomizer lifecycle/callback validation, randomness/pending metadata behavior, raw-output hash storage, and dependency-script encoding hashes; broader P0/P1 tests are missing | `forge test -vvv` | P0 regression and integration suite exists |
| Unit/integration tests | Tests cover admin guards, target-scoped function-admin permission regressions, domain-scoped pause controls, EIP-712/ERC-1271 drop authorization, auction custody and payment credits, fixed-price pull-payment credits, curator reward credits, current emergency-withdrawal boundaries, randomizer lifecycle/callback validation, randomness/pending metadata behavior, raw-output hash storage, dependency-script encoding hashes, and retained airdrop mint-accounting behavior; broader P0/P1 tests are missing | `forge test -vvv` | P0 regression and integration suite exists |
| Formatting | Fails broadly | `forge fmt --check smart-contracts` | Passing, or vendored exclusions documented |
| Static analysis | Runs with a tracked but unaccepted baseline: 685 total findings, including 8 High and 28 Medium | `slither . --config-file slither.config.json --foundry-compile-all` and `ops/SLITHER_BASELINE.md` | High/medium findings fixed, accepted, or documented |
| Static analysis | Runs with a tracked but unaccepted baseline: 680 total findings, including 6 High and 28 Medium | `slither . --config-file slither.config.json --foundry-compile-all` and `ops/SLITHER_BASELINE.md` | High/medium findings fixed, accepted, or documented |
| Deployment | Missing | no meaningful `script/`/manifest process | Anvil deployment and fork rehearsal pass |
| Docs | Partial README and roadmap only | manual inspection | Architecture, security, deployment, and protocol docs merged |
| Release artifacts | Missing | no ABI/address/manifest release process | ABIs, manifests, checksums, and verified addresses published |
Expand Down Expand Up @@ -1937,16 +1938,16 @@ Current capture:
- Compiler: Solidity `0.8.19`.
- Command: `slither . --config-file slither.config.json --foundry-compile-all --json <temp-file>`.
- Status: baseline captured, not accepted as a CI gate.
- Result: 685 findings, including 8 High and 28 Medium.
- Result: 680 findings, including 6 High and 28 Medium.

Impact summary:

| Impact | Count |
| --- | ---: |
| High | 8 |
| High | 6 |
| Medium | 28 |
| Low | 63 |
| Informational | 580 |
| Informational | 577 |
| Optimization | 6 |

High/medium detector summary:
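
Review bot: In the impact table Informational drops from 580 to 577, but the PR text only explains the two High `uninitialized-state` rows. The totals are consistent (685 to 680 is 2 High plus 3 Informational), so add a line naming which informational detectors lost those three rows, presumably ones attached to the removed mappings and views, so the baseline delta is fully accounted for.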
Expand All @@ -1958,7 +1959,7 @@ High/medium detector summary:
| `incorrect-exp` | High | 1 | vendored `Math.mulDiv` | Needs Issue | [#11](https://github.com/6529-Collections/6529Stream/issues/11) | Confirm likely false positive against pinned upstream or replace vendored library |
| `reentrancy-eth` | High | 0 current / 1 fixed | auction bidding | Fixed | [#12](https://github.com/6529-Collections/6529Stream/issues/12) | Replaced bid-path push refunds with bidder pull credits and state-before-withdrawal flow |
| `suicidal` | High | 3 | test-only forced-ETH helpers | Accepted | Accepted test-only | Intentionally retained for forced-ETH accounting tests under Solidity 0.8.19 |
| `uninitialized-state` | High | 2 | mint-accounting mappings | Open | [#13](https://github.com/6529-Collections/6529Stream/issues/13) | Initialize, remove, or complete design |
| `uninitialized-state` | High | 0 current / 2 fixed | mint-accounting mappings | Fixed | [#13](https://github.com/6529-Collections/6529Stream/issues/13) | Removed never-written public/allowlist mint-count mappings and kept retained airdrop-counter regression coverage |
| `weak-prng` | High | 2 | word pool randomness helpers | Open | [#14](https://github.com/6529-Collections/6529Stream/issues/14) | ADR 0005 requires removal, test/demo scoping, or production-disablement before Gate C |
| `divide-before-multiply` | Medium | 9 | vendored math/base64 helpers | Needs Issue | [#11](https://github.com/6529-Collections/6529Stream/issues/11) | Confirm likely false positive against pinned upstream or replace vendored library |
| `incorrect-equality` | Medium | 1 | test-only malleable-signature helper | Accepted | Accepted test-only | Keep scoped to test-only EIP-712 negative coverage |
Expand Down Expand Up @@ -2005,7 +2006,7 @@ Status values: `Missing`, `Planned`, `In Progress`, `Passing`, `Blocked`.
| ERC-4906 metadata signaling | `supportsInterface(0x49064906)` succeeds and `MetadataUpdate` / `BatchMetadataUpdate` emit only when token JSON metadata changes | `test/StreamMetadataEvents.t.sol` | Missing | [`P1-META-004`](https://github.com/6529-Collections/6529Stream/issues/49) | Gate D | TBD |
| Dependency script packed encoding | Dependency script retrieval uses safe typed concatenation/hash encoding and cannot collide across script segments | `test/StreamMetadataEncoding.t.sol` | Passing: typed chunk/content hashes include dependency key, chunk count, chunk index, chunk byte length, and chunk content hash; ambiguous chunk splits that render the same JavaScript produce distinct content hashes while preserving rendered-script compatibility; zero-chunk dependency hashes are deterministic | [`P0-META-001`](https://github.com/6529-Collections/6529Stream/issues/9), [`P1-META-003`](https://github.com/6529-Collections/6529Stream/issues/48) | Gate C/Gate D | TBD |
| Deployment redeployment rehearsal | Deployment manifests, ABI hashes, admin ceremony, signer setup, deprecation checks, and emergency redeployment rehearsal follow ADR 0007 | `test/StreamDeploymentManifest.t.sol` and `script/RehearseDeployment.s.sol` | Missing | [`P2-UPGRADE-ADR`](https://github.com/6529-Collections/6529Stream/issues/53) | Gate E/Gate G | TBD |
| Mint-accounting state | Mint counters initialize and update according to the accepted drop/mint accounting design | `test/StreamMintAccounting.t.sol` | Missing | [`P0-CORE-001`](https://github.com/6529-Collections/6529Stream/issues/13) | Gate C | TBD |
| Mint-accounting state | Dead counters are removed or retained counters initialize and update according to the accepted drop/mint accounting design | `test/StreamMintAccounting.t.sol` | Passing: removed never-written public/allowlist mint-count mappings and retrieval APIs; retained airdrop counter starts at zero, increments on authorized minter calls, and remains unchanged on unauthorized mint attempts | [`P0-CORE-001`](https://github.com/6529-Collections/6529Stream/issues/13) | Gate C | TBD |
| Uninitialized local findings | First-party default-local behavior is explicit, removed, or covered by targeted regressions | `test/StreamInitialization.t.sol` | Missing | [`P0-INIT-001`](https://github.com/6529-Collections/6529Stream/issues/15) | Gate C | TBD |
| Curator double claim | Valid claim succeeds once and second claim fails | `test/StreamCuratorsPool.t.sol` | Passing for P0-PAY-005: valid claims create credits and duplicate claims fail without increasing credit | [`P0-PAY-005`](https://github.com/6529-Collections/6529Stream/issues/29) | Gate C/Gate D | TBD |
| Merkle leaf ambiguity | Duplicate or ambiguous leaves cannot double claim | `test/StreamCuratorsPool.t.sol` | In Progress: reward leaves use `abi.encode`-based hashing for reward address, collection ID, and amount; root epoch/domain expansion remains future curator metadata work | [`P0-PAY-005`](https://github.com/6529-Collections/6529Stream/issues/29), `P1-CURATOR-*` | Gate D | TBD |
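
Review bot: The "Mint-accounting state" row rewrites the required behaviour and flips the status from Missing to Passing in the same edit, and the new wording "Dead counters are removed or retained counters initialize and update ..." can be satisfied by removal alone. Make it a conjunction: dead counters are removed and the retained airdrop counter behaves as tested. Also name the document that holds "the accepted drop/mint accounting design" or drop the phrase, since the PR #72 goal text says there are no accepted drop quota or allowlist semantics.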