feat(solidity): bridge fee quote contract

[zakir-code]

Summary by CodeRabbit

• New Features

  • Introduced BridgeFeeOracle and BridgeFeeQuote smart contracts for managing oracle activity and fee quotes in a blockchain bridge context.
  • Added functionalities for initializing contracts, managing oracle statuses, and retrieving quotes.
  • Implemented interfaces for seamless integration of fee management features.

• Bug Fixes

  • Enhanced error handling and state management for oracles and quotes.

• Tests

  • Established a comprehensive testing framework for the BridgeFeeQuote contract, ensuring robust functionality and reliability.

[coderabbitai]

Walkthrough

This pull request introduces three new smart contracts: BridgeFeeOracle, BridgeFeeQuote, and IBridgeFee, along with a test contract BridgeFeeQuoteTest and a TypeScript test suite. The BridgeFeeOracle contract manages oracle statuses and provides functionalities for blacklisting and setting default oracles. The BridgeFeeQuote contract handles fee quotes, enabling registration of chains and tokens, and quote management. The IBridgeFee interface defines the structure and functions for interacting with these contracts. The changes establish a comprehensive framework for managing oracles and fee quotes in a blockchain bridge context.

Changes

File Path	Change Summary
solidity/contracts/bridge/BridgeFeeOracle.sol	Added BridgeFeeOracle contract with functionalities for oracle management and upgradeability.
solidity/contracts/bridge/BridgeFeeQuote.sol	Added BridgeFeeQuote contract for managing fee quotes and related functionalities.
solidity/contracts/bridge/IBridgeFee.sol	Introduced IBridgeFeeQuote and IBridgeFeeOracle interfaces with relevant functions.
solidity/contracts/test/BridgeFeeQuoteTest.sol	Created BridgeFeeQuoteTest contract for managing oracle states and their statuses.
solidity/test/bridge_fee_quote.ts	Added a test suite for BridgeFeeQuote, covering various functionalities and helper methods.

Possibly related PRs

• test(solidity): submit bridge call #451: The PR involves testing functionalities related to submitting bridge calls, which may interact with the BridgeFeeOracle contract's management of oracles in a cross-chain context.

"In the land of code where the oracles play,
New contracts emerge, brightening the day.
With fees and quotes, oh what a sight,
Managing oracles, everything feels right!
In tests we trust, with each little hop,
A bridge to the future, we never will stop!" 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 16

🧹 Outside diff range and nitpick comments (7)

solidity/contracts/test/BridgeFeeQuoteTest.sol (2)

1-4: Consider specifying a more appropriate license and addressing the linter disable comment.

1. The UNLICENSED SPDX identifier is typically used for private or proprietary code. If this contract is intended to be open source, consider using a more appropriate open-source license.

2. The solhint-disable custom-errors comment is disabling a linter rule. It's generally better to address linter warnings rather than disabling them. Consider implementing custom errors instead of disabling the linter rule.

---

1-31: Overall, the contract is well-structured but could benefit from some refinements.

The BridgeFeeQuoteTest contract provides a simple implementation for managing oracle statuses. It's generally well-structured and serves its purpose as a test contract. However, consider the following improvements:

1. Choose a more appropriate license if this is intended to be open-source.
2. Address the linter disable comment by implementing custom errors.
3. Add access control to the setOracle function if this contract evolves beyond testing.
4. Remove or document the unused string parameters in hasOracle and isOracleOnline.
5. Add comments explaining the purpose of each function and any non-obvious implementation details.

These changes will improve the contract's clarity, maintainability, and readiness for potential future use beyond testing.

solidity/test/bridge_fee_quote.ts (3)

28-29: Clarify the use of signers as tokens

Using signer addresses (token1.address, token2.address) as token addresses may be confusing. Consider using mock token contracts or renaming variables for clarity.

Example:

- [owner, token1, token2] = await ethers.getSigners();
+ [owner, signer1, signer2] = await ethers.getSigners();
+ const mockTokenFactory = await ethers.getContractFactory("MockToken");
+ const token1 = await mockTokenFactory.deploy();
+ const token2 = await mockTokenFactory.deploy();

---

172-176: Avoid reusing signer addresses as token addresses

In this loop, signer addresses are used as token addresses. It's better to deploy mock token contracts to represent different tokens.

Consider modifying the loop to deploy mock tokens:

 let tokens: AddressLike[] = [];
 for (let i = 0; i < number; i++) {
-  tokens.push(singers[i + 10].address);
+  const mockToken = await mockTokenFactory.deploy();
+  tokens.push(mockToken.address);
 }

---

166-166: Improve test description for clarity

The test description "test 1 ~ 5 quote gas limit" is unclear. A more descriptive title enhances readability.

Update the test description:

- it("test 1 ~ 5 quote gas limit", async function () {
+ it("should handle multiple quotes efficiently", async function () {

solidity/contracts/bridge/BridgeFeeQuote.sol (1)

309-323: Remove unused function hasActiveQuote or implement its usage

The function hasActiveQuote is defined but not used within the contract. If it's not required, consider removing it to simplify the codebase. If it will be used in the future, add a comment explaining its intended purpose.

solidity/contracts/bridge/BridgeFeeOracle.sol (1)

8-8: Ensure consistency between interface names and file names

The imported interface IBridgeFeeOracle is located in a file named IBridgeFee.sol. For better maintainability and to avoid confusion, consider renaming the file to IBridgeFeeOracle.sol to match the interface name.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 7fd9cc7 and 9243298.

📒 Files selected for processing (5)

• solidity/contracts/bridge/BridgeFeeOracle.sol (1 hunks)
• solidity/contracts/bridge/BridgeFeeQuote.sol (1 hunks)
• solidity/contracts/bridge/IBridgeFee.sol (1 hunks)
• solidity/contracts/test/BridgeFeeQuoteTest.sol (1 hunks)
• solidity/test/bridge_fee_quote.ts (1 hunks)

🧰 Additional context used

🔇 Additional comments (6)

solidity/contracts/test/BridgeFeeQuoteTest.sol (4)

7-10: LGTM: OracleState struct is well-defined.

The OracleState struct is simple, clear, and appropriate for its purpose. The use of boolean fields for registered and online statuses is a good choice for representing binary states.

---

12-12: LGTM: oracleStatus mapping is well-defined.

The oracleStatus mapping is appropriately defined as public, allowing efficient lookup of oracle states by address. The naming is clear and consistent with the OracleState struct it uses.

---

18-30: ⚠️ Potential issue

Remove unused parameter and consider adding comments for clarity.

The hasOracle and isOracleOnline functions are correctly implemented to return the respective status from the oracleStatus mapping. However, there's an unused string parameter in both functions. This could indicate a missing implementation detail or a leftover from a previous design.

1. Consider removing the unused string parameter from both functions if it's not needed.
2. If the parameter is intended for future use or has a specific purpose, add a comment explaining its intended use to improve code clarity.

Example refactor for hasOracle (apply similar changes to isOracleOnline):

 function hasOracle(
-    string memory,
     address _externalAddress
 ) external view returns (bool _result) {
     return oracleStatus[_externalAddress].registered;
 }

#!/bin/bash
# Check if there are any other unused parameters in the contract
ast-grep --lang solidity --pattern 'function $FUNC_NAME($PARAMS) $MODIFIERS {
  $$$
}' solidity/contracts/test/BridgeFeeQuoteTest.sol | rg -i 'function.*memory.*{'

---

14-16: LGTM: setOracle function is correctly implemented, but consider access control.

The setOracle function correctly updates the oracleStatus mapping. However, note that there's no access control on this function. While this might be intentional for a test contract, in a production environment, you'd want to restrict who can call this function to prevent unauthorized changes to oracle statuses.

solidity/test/bridge_fee_quote.ts (2)

245-248: Review the message hashing mechanism

The custom hashing with solidityPackedKeccak256 and manual prefixing may not comply with Ethereum's standard message signing. Using wallet.signMessage handles the hashing and prefixing appropriately.

To confirm the correct message is being signed, consider outputting the message and comparing it with expected values.

---

251-254: Verify the correctness of 'v' value in the signature

The handling of the v value might be incorrect. Ensure that the v component of the signature corresponds accurately to the expected values (27 or 28).

Run the following script to confirm the v values:

This script checks the v value in a standard signature for comparison.