fix(contracts-rfq): FastBridge V2 prove race condition

[ChiTimesChi]

Description

This PR adds the concept of "dispute penalty time":

• Whenever a bridge request is getting disputed, the prover that submitted the proof for it loses their prover privileges for a predetermined disputePenaltyTime.
  • This happens automatically does not require any additional actions from the Guard.
  • The edge case where the prover has already been removed by the time of dispute is handled gracefully.
• The dispute penalty time can be updated by the contract's governor.
• Additionally, the prover that provided the proof for a bridge transaction is now exposed as part of BridgeTxDetails
• Same as before, the contract's role admin is able to add and remove provers by using new exposed methods instead of grantRole().

Summary by CodeRabbit

Release Notes

• New Features

  • Enhanced prover management with new functions to add and remove provers.
  • Introduced new events for tracking prover activities and dispute penalties.
  • Added functionality for setting and querying prover timeouts.

• Bug Fixes

  • Improved error handling for prover management scenarios.

• Documentation

  • Updated interfaces to reflect new functions and events related to prover management.

• Tests

  • Expanded test coverage for prover management functionalities and timeout scenarios.

[coderabbitai]

Walkthrough

The changes in this pull request introduce significant enhancements to the AdminV2 and FastBridgeV2 contracts, focusing on prover management and transaction handling. A new struct ProverInfo is added to manage prover data, while several functions for adding, removing, and querying provers are introduced. The FastBridgeV2 contract sees modifications in transaction details, particularly with the handling of prover IDs and proof timestamps. Additionally, interfaces and error handling are updated to support these new functionalities, ensuring robust management of prover states and transaction processes.

Changes

File Path	Change Summary
packages/contracts-rfq/contracts/AdminV2.sol	Added ProverInfo struct, removed PROVER_ROLE, added constants for timeouts, and multiple functions for managing provers.
packages/contracts-rfq/contracts/FastBridgeV2.sol	Updated proveV2 function to allow any user with a valid prover ID, added proverID to dispute, changed proofBlockTimestamp type.
packages/contracts-rfq/contracts/interfaces/IAdminV2.sol	Added events and functions for managing provers, including addProver, removeProver, and various getter functions.
packages/contracts-rfq/contracts/interfaces/IAdminV2Errors.sol	Added error declarations for improved prover management error handling.
packages/contracts-rfq/contracts/interfaces/IFastBridgeV2.sol	Updated BridgeTxDetails struct and added BridgeParamsV2 struct for enhanced transaction handling.
packages/contracts-rfq/foundry.toml	Added gas_limit configuration parameter.
packages/contracts-rfq/test/FastBridgeV2.Management.t.sol	Removed IAdminV2Errors interface, added new prover management functions and constants, updated tests accordingly.
packages/contracts-rfq/test/FastBridgeV2.Src.Base.t.sol	Added DISPUTE_PENALTY_TIME constant, updated role management in configureFastBridge.
packages/contracts-rfq/test/FastBridgeV2.Src.t.sol	Added event for prover timeout, updated functions to include proverID checks.
packages/contracts-rfq/test/FastBridgeV2.t.sol	Updated to include IAdminV2Errors interface for enhanced error management.
packages/contracts-rfq/test/integration/FastBridgeV2.MulticallTarget.t.sol	Changed role management from grantRole to addProver.
packages/contracts-rfq/test/integration/TokenZapV1.t.sol	Updated role management from grantRole to addProver.

Possibly related PRs

• prove w/ tx id [SLT-181] #3169: Modifications to the prove function in FastBridgeV2 related to prover information handling.
• store relayer on relay [SLT-182] #3170: Updates in FastBridgeV2 for storing detailed relay information, aligning with prover management enhancements.
• fix(contracts-core): set very high gas limit for intensive tests [SLT-259] #3186: Changes regarding gas limits and testing configurations that may relate to overall functionality improvements.
• feat(contracts-rfq): relayer exclusivity [SLT-187] #3202: Introduction of new parameters for bridge transactions, connecting to prover management enhancements.
• feat(contracts-rfq): arbitrary calls without additional native value [SLT-233] #3215: Enhancements in bridge functionality related to prover information.
• feat(contracts-rfq): arbitrary call with value [SLT-233] [SLT-318] #3246: Addition of callValue and callParams to bridge transactions, related to prover management updates.
• fix dispute emit & revamp deposit xfer [SLT-295] [SLT-326] #3293: Updates to the FastBridgeV2 contract's dispute and refund functionalities connecting to prover management.
• feat(contracts-rfq): save destination chain ID for requested bridges [SLT-423] #3356: Changes in timestamp handling related to transaction details, connecting to prover management.
• refactor(contracts-rfq): fix compiler warnings in tests #3357: Focus on improving variable naming and clarity, aligning with the main PR's goals.
• refactor(contracts-rfq): docs cleanup [SLT-493] #3405: Documentation cleanup improving clarity around contract functionality related to prover management.
• refactor(contracts-rfq): reorganise imports #3409: Reorganization of imports reflecting ongoing codebase improvements supporting prover management.
• refactor(contracts-rfq): mark new methods as V2 #3410: Marking new methods as V2, aligning with FastBridgeV2 functionality enhancements.

Suggested reviewers

• parodime
• trajan0x

🐰 In the land of code, where changes bloom,
Provers now managed, dispelling the gloom.
With functions anew and constants in place,
We hop towards progress, quickening our pace.
So gather your bytes, let transactions take flight,
For the future is bright, and our code feels just right! 🌟

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[cloudflare-workers-and-pages]

Deploying sanguine-fe with    Cloudflare Pages

Latest commit:	6fdaec3
Status:	✅  Deploy successful!
Preview URL:	https://e318b026.sanguine-fe.pages.dev
Branch Preview URL:	https://fix-fbv2-prove-race.sanguine-fe.pages.dev

View logs

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Please upload report for BASE (master@9fe5765). Learn more about missing BASE report.
Report is 26 commits behind head on master.

Additional details and impacted files

@@             Coverage Diff              @@
##             master       #3435   +/-   ##
============================================
  Coverage          ?   98.78296%           
============================================
  Files             ?           9           
  Lines             ?         493           
  Branches          ?           0           
============================================
  Hits              ?         487           
  Misses            ?           6           
  Partials          ?           0           

Flag	Coverage Δ
solidity	98.78296% <100.00000%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[coderabbitai]

Actionable comments posted: 6

🧹 Outside diff range and nitpick comments (6)

packages/contracts-rfq/contracts/interfaces/IFastBridgeV2.sol (1)

Line range hint 23-37: Use uint256 instead of int256 for quoteExclusivitySeconds.

The quoteExclusivitySeconds field represents a duration and should not have negative values. Using uint256 ensures that only non-negative values are accepted, preventing potential errors due to negative durations.

Apply this diff to correct the type:

 struct BridgeParamsV2 {
     address quoteRelayer;
-    int256 quoteExclusivitySeconds;
+    uint256 quoteExclusivitySeconds;
     bytes quoteId;
     uint256 zapNative;
     bytes zapData;
 }

packages/contracts-rfq/contracts/AdminV2.sol (1)

21-29: Optimize storage by packing struct variables efficiently.

In the ProverInfo struct, consider reordering the variables to optimize storage. Placing smaller types together can reduce the storage slots used.

Apply this diff to reorder the struct fields:

 struct ProverInfo {
-    uint16 id;
-    uint240 activeFromTimestamp;
+    uint240 activeFromTimestamp;
+    uint16 id;
 }

This change can help in reducing gas costs associated with storage operations.

packages/contracts-rfq/test/FastBridgeV2.Management.t.sol (1)

16-18: Recommend adding comments explaining new constants.

The constants MIN_PROVER_TIMEOUT and DEFAULT_PROVER_TIMEOUT have been introduced. Adding comments explaining their purpose enhances code readability and maintainability.

Apply this diff to add comments:

+// Minimum timeout duration for a prover
 uint256 public constant MIN_PROVER_TIMEOUT = 1 minutes;
+// Default timeout duration for a prover
 uint256 public constant DEFAULT_PROVER_TIMEOUT = 30 minutes;

packages/contracts-rfq/contracts/interfaces/IAdminV2Errors.sol (1)

7-10: Consolidate error declarations for clarity.

Consider grouping related error declarations together and adding comments for better readability.

Apply this diff to group prover-related errors:

 error CancelDelayBelowMin();
 error FeeRateAboveMax();
+// Prover-related errors
 error ProverAlreadyActive();
 error ProverCapacityExceeded();
 error ProverNotActive();
 error ProverTimeoutBelowMin();

packages/contracts-rfq/contracts/interfaces/IAdminV2.sol (2)

14-18: Consider adding validation requirements in function documentation

The admin functions for adding/removing provers should document any address validation requirements (e.g., non-zero address checks).

---

38-44: Consider documenting return value behavior for edge cases

The view function documentation should specify the return values for edge cases (e.g., when prover address is zero or invalid).

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 9fe5765 and 2f300e6.

📒 Files selected for processing (12)

• packages/contracts-rfq/contracts/AdminV2.sol (5 hunks)
• packages/contracts-rfq/contracts/FastBridgeV2.sol (4 hunks)
• packages/contracts-rfq/contracts/interfaces/IAdminV2.sol (2 hunks)
• packages/contracts-rfq/contracts/interfaces/IAdminV2Errors.sol (1 hunks)
• packages/contracts-rfq/contracts/interfaces/IFastBridgeV2.sol (1 hunks)
• packages/contracts-rfq/foundry.toml (1 hunks)
• packages/contracts-rfq/test/FastBridgeV2.Management.t.sol (7 hunks)
• packages/contracts-rfq/test/FastBridgeV2.Src.Base.t.sol (2 hunks)
• packages/contracts-rfq/test/FastBridgeV2.Src.t.sol (24 hunks)
• packages/contracts-rfq/test/FastBridgeV2.t.sol (2 hunks)
• packages/contracts-rfq/test/integration/FastBridgeV2.MulticallTarget.t.sol (1 hunks)
• packages/contracts-rfq/test/integration/TokenZapV1.t.sol (1 hunks)

🧰 Additional context used

📓 Learnings (2)

packages/contracts-rfq/test/FastBridgeV2.Src.Base.t.sol (1)

Learnt from: ChiTimesChi
PR: synapsecns/sanguine#3284
File: packages/contracts-rfq/test/FastBridgeV2.t.sol:53-56
Timestamp: 2024-11-12T03:37:02.230Z
Learning: Modifying test utility contracts in the `test` directory is unnecessary and would only pollute the code.

packages/contracts-rfq/contracts/FastBridgeV2.sol (1)

Learnt from: ChiTimesChi
PR: synapsecns/sanguine#3284
File: packages/contracts-rfq/contracts/FastBridgeV2.sol:100-118
Timestamp: 2024-11-12T03:37:08.148Z
Learning: When reviewing code in `packages/contracts-rfq/contracts/FastBridgeV2.sol` (Solidity), focus on changes introduced in the PR and avoid commenting on existing functions like `refund` if they are not modified by the PR, as such comments are considered out of scope.

🔇 Additional comments (13)

packages/contracts-rfq/test/integration/TokenZapV1.t.sol (1)

48-48: LGTM! The change correctly uses the new prover management API.

The update from grantRole() to addProver() aligns with the new prover management system introduced in FastBridge V2.

packages/contracts-rfq/contracts/interfaces/IFastBridgeV2.sol (1)

18-19: Verify the sufficiency of uint40 for proofBlockTimestamp and potential risks.

The proofBlockTimestamp type has been changed from uint56 to uint40, which reduces the maximum representable timestamp. Ensure that uint40 is sufficient to store timestamps for the expected lifespan of the contract to prevent any overflow issues in the future.

Run the following script to calculate the maximum date representable by uint40:

This will help confirm that the uint40 type is adequate for the application's needs.

✅ Verification successful

uint40 is sufficient for timestamp storage until year 36812

The uint40 type can store timestamps until February 20, 36812, which provides an extremely generous time buffer of over 34,000 years from now. This is more than sufficient for any practical blockchain application, making the reduction from uint56 a safe optimization that won't cause overflow issues in the foreseeable future.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Calculate the maximum date that can be stored in a uint40 (in years from Unix epoch)

# uint40 max value
MAX_UINT40=$((2**40 - 1))

# Calculate the maximum date
date -d "@$MAX_UINT40" +"%Y-%m-%d %H:%M:%S"

Length of output: 93

packages/contracts-rfq/contracts/AdminV2.sol (2)

93-109: Check for potential reentrancy in addProver function.

The addProver function updates state variables and emits events. Ensure that there are no external calls before state changes are completed to prevent reentrancy attacks.

---

198-212: Ensure safe arithmetic operations in _applyTimeoutPenalty.

When calculating newActiveFromTimestamp, make sure that the addition of proverTimeout to block.timestamp cannot overflow.

Since Solidity 0.8.x handles integer overflows with built-in checks, confirm that proverTimeout is within acceptable bounds to prevent any unexpected behavior.

packages/contracts-rfq/test/FastBridgeV2.Management.t.sol (1)

188-191: Handle edge cases in test_addProver_revertAlreadyActive.

Ensure that attempting to add an already active prover gracefully reverts with the appropriate error message.

Run tests to confirm that the correct error (ProverAlreadyActive) is thrown when expected.

packages/contracts-rfq/contracts/FastBridgeV2.sol (1)

356-367: Verify prover authentication in proveV2 function.

The proveV2 function now relies on getActiveProverID(msg.sender) instead of role-based access control. Ensure that this change does not introduce security vulnerabilities and that only valid, active provers can call this function.

Run the following script to check for any functions where inactive provers might bypass authentication:

Confirm that all functions interacting with provers correctly validate their active status.

packages/contracts-rfq/foundry.toml (1)

10-10: Consider using a more realistic gas limit

The current gas limit (2^63 - 1) is extremely high and could mask potential gas-related issues during testing. Consider using a value closer to real network limits (e.g., Ethereum mainnet's ~30M) to catch potential out-of-gas scenarios early.

packages/contracts-rfq/contracts/interfaces/IAdminV2.sol (2)

10-12: LGTM! Events provide good transparency

The events properly track prover lifecycle changes, enhancing transparency and auditability.

---

24-27: LGTM! Clear documentation of prover timeout mechanism

The documentation clearly explains the purpose and behavior of the prover timeout mechanism.

packages/contracts-rfq/test/FastBridgeV2.Src.Base.t.sol (2)

14-14: LGTM! Well-chosen test constant

The PROVER_TIMEOUT value (4.2 minutes) differs from default values, which helps verify correct configuration in tests.

---

30-38: LGTM! Proper test configuration

The configuration properly sets up the new prover management system and timeout mechanism. The changes align with the interface updates in IAdminV2.

packages/contracts-rfq/test/FastBridgeV2.t.sol (2)

12-12: LGTM: Import aligns with new prover management features

The addition of IAdminV2Errors import supports testing the new prover management functionality and error handling.

---

22-22: LGTM: Contract inheritance properly extended

The addition of IAdminV2Errors to the inheritance list enables testing of prover-related error cases, which is essential for validating the new prover timeout penalty mechanism.

[parodime]

only nit i have is PROVER_TIMEOUT labeling could maybe more straightforward

"DISPUTE_PENALTY_PERIOD" instead maybe?

LGTM otherwise

[ChiTimesChi]

@parodime sounds good, I updated the labeling and the PR description as well

[coderabbitai]

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (2)

packages/contracts-rfq/test/FastBridgeV2.Src.Base.t.sol (1)

30-38: Ensure consistent test configuration across inherited test contracts

The addition of addProver and setDisputePenaltyTime in the configureFastBridge function modifies the base test setup. If other test contracts inherit from FastBridgeV2SrcBaseTest, ensure they expect these configurations or consider encapsulating these setups within specific test contracts to prevent unintended side effects.

packages/contracts-rfq/contracts/FastBridgeV2.sol (1)

356-358: Consider additional validation for prover ID check.

While the strict equality check proverID == 0 works for the current implementation, consider adding a require statement with a more descriptive error message for better debugging.

-        if (proverID == 0) revert ProverNotActive();
+        require(proverID != 0, "FastBridgeV2: prover not active or has been removed");

🧰 Tools

🪛 GitHub Check: Slither

[warning] 356-371: Dangerous strict equalities
FastBridgeV2.proveV2(bytes32,bytes32,address) (contracts/FastBridgeV2.sol#356-371) uses a dangerous strict equality:
- proverID == 0 (contracts/FastBridgeV2.sol#358)

---

[notice] 356-371: Block timestamp
FastBridgeV2.proveV2(bytes32,bytes32,address) (contracts/FastBridgeV2.sol#356-371) uses timestamp for comparisons
Dangerous comparisons:
- proverID == 0 (contracts/FastBridgeV2.sol#358)

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 2f300e6 and 6fdaec3.

📒 Files selected for processing (7)

• packages/contracts-rfq/contracts/AdminV2.sol (5 hunks)
• packages/contracts-rfq/contracts/FastBridgeV2.sol (4 hunks)
• packages/contracts-rfq/contracts/interfaces/IAdminV2.sol (2 hunks)
• packages/contracts-rfq/contracts/interfaces/IAdminV2Errors.sol (1 hunks)
• packages/contracts-rfq/test/FastBridgeV2.Management.t.sol (7 hunks)
• packages/contracts-rfq/test/FastBridgeV2.Src.Base.t.sol (2 hunks)
• packages/contracts-rfq/test/FastBridgeV2.Src.t.sol (24 hunks)

🧰 Additional context used

📓 Learnings (2)

packages/contracts-rfq/test/FastBridgeV2.Src.Base.t.sol (2)

Learnt from: ChiTimesChi
PR: synapsecns/sanguine#3284
File: packages/contracts-rfq/contracts/FastBridgeV2.sol:100-118
Timestamp: 2024-11-12T03:37:08.148Z
Learning: When reviewing code in `packages/contracts-rfq/contracts/FastBridgeV2.sol` (Solidity), focus on changes introduced in the PR and avoid commenting on existing functions like `refund` if they are not modified by the PR, as such comments are considered out of scope.

Learnt from: ChiTimesChi
PR: synapsecns/sanguine#3284
File: packages/contracts-rfq/test/FastBridgeV2.t.sol:53-56
Timestamp: 2024-11-12T03:37:02.230Z
Learning: Modifying test utility contracts in the `test` directory is unnecessary and would only pollute the code.

packages/contracts-rfq/contracts/FastBridgeV2.sol (1)

Learnt from: ChiTimesChi
PR: synapsecns/sanguine#3284
File: packages/contracts-rfq/contracts/FastBridgeV2.sol:100-118
Timestamp: 2024-11-12T03:37:08.148Z
Learning: When reviewing code in `packages/contracts-rfq/contracts/FastBridgeV2.sol` (Solidity), focus on changes introduced in the PR and avoid commenting on existing functions like `refund` if they are not modified by the PR, as such comments are considered out of scope.

🪛 GitHub Check: Slither

packages/contracts-rfq/contracts/FastBridgeV2.sol

[warning] 356-371: Dangerous strict equalities
FastBridgeV2.proveV2(bytes32,bytes32,address) (contracts/FastBridgeV2.sol#356-371) uses a dangerous strict equality:
- proverID == 0 (contracts/FastBridgeV2.sol#358)

---

[notice] 356-371: Block timestamp
FastBridgeV2.proveV2(bytes32,bytes32,address) (contracts/FastBridgeV2.sol#356-371) uses timestamp for comparisons
Dangerous comparisons:
- proverID == 0 (contracts/FastBridgeV2.sol#358)

packages/contracts-rfq/contracts/AdminV2.sol

[warning] 112-118: Dangerous strict equalities
AdminV2.removeProver(address) (contracts/AdminV2.sol#112-118) uses a dangerous strict equality:
- getActiveProverID(prover) == 0 (contracts/AdminV2.sol#113)

---

[notice] 112-118: Block timestamp
AdminV2.removeProver(address) (contracts/AdminV2.sol#112-118) uses timestamp for comparisons
Dangerous comparisons:
- getActiveProverID(prover) == 0 (contracts/AdminV2.sol#113)

---

[warning] 189-196: Dangerous strict equalities
AdminV2.getActiveProverID(address) (contracts/AdminV2.sol#189-196) uses a dangerous strict equality:
- activeFromTimestamp == 0 || activeFromTimestamp > block.timestamp (contracts/AdminV2.sol#194)

---

[warning] 200-212: Dead-code
AdminV2._applyDisputePenaltyTime(uint16) (contracts/AdminV2.sol#200-212) is never used and should be removed

🔇 Additional comments (10)

packages/contracts-rfq/contracts/AdminV2.sol (1)

200-212: 🛠️ Refactor suggestion

Consider removing the unused function _applyDisputePenaltyTime

The internal function _applyDisputePenaltyTime is never called within the contract. Keeping unused code can lead to confusion and increases maintenance overhead. Consider removing this function if it is not intended for future use.

🧰 Tools

🪛 GitHub Check: Slither

[warning] 200-212: Dead-code
AdminV2._applyDisputePenaltyTime(uint16) (contracts/AdminV2.sol#200-212) is never used and should be removed

packages/contracts-rfq/test/FastBridgeV2.Src.t.sol (2)

376-387: Add a test case to verify prover reactivation after penalty time

The test_prove_revert_disputePenaltyTime function checks that a prover cannot prove during the penalty period. It would be beneficial to add a test confirming that the prover becomes active again and can successfully prove after DISPUTE_PENALTY_TIME has elapsed. This ensures the contract handles prover reactivation correctly.

---

517-527: Include a test for prover reactivation after penalty time in test_proveOther_revert_disputePenaltyTime

In test_proveOther_revert_disputePenaltyTime, the test verifies that a prover cannot prove during the penalty period after a dispute. Consider adding a test case to confirm that the prover can prove again once the DISPUTE_PENALTY_TIME has passed, ensuring proper reactivation logic.

packages/contracts-rfq/contracts/interfaces/IAdminV2Errors.sol (1)

7-10: LGTM

The addition of specific error types improves the contract's clarity and error handling. These errors provide precise feedback for different prover-related conditions.

packages/contracts-rfq/contracts/interfaces/IAdminV2.sol (1)

Line range hint 6-52: LGTM

The introduction of new events and functions for prover management enhances the contract's functionality and maintainability. The interface updates align with the changes in AdminV2.sol, facilitating proper interaction with provers and dispute penalty configurations.

packages/contracts-rfq/test/FastBridgeV2.Management.t.sol (3)

9-9: LGTM: Constants for dispute penalty time are well-defined.

The constants provide reasonable defaults:

• MIN_DISPUTE_PENALTY_TIME = 1 minutes: Minimum penalty duration
• DEFAULT_DISPUTE_PENALTY_TIME = 30 minutes: Default penalty duration

Also applies to: 16-17

---

48-56: LGTM: Test helper functions for prover management.

The helper functions properly use vm.prank to test different caller scenarios.

---

103-179: LGTM: Comprehensive test coverage for prover management.

The test suite thoroughly covers:

• Basic prover addition and removal
• Re-adding provers after removal
• Prover info validation
• Edge cases and state transitions

packages/contracts-rfq/contracts/FastBridgeV2.sol (2)

111-114: LGTM: Prover timeout penalty mechanism implementation.

The implementation correctly:

1. Extracts the prover ID from the disputed transaction
2. Applies the timeout penalty to the prover
3. Handles the case where the prover might have been removed

The comment on line 123 effectively documents the edge case handling.

Also applies to: 122-124

---

484-491: LGTM: Improved timestamp handling with clear documentation.

The implementation:

• Uses uint40 for gas optimization
• Correctly handles timestamp rollover
• Includes clear documentation explaining the design decisions

[coderabbitai]

🛠️ Refactor suggestion

Optimize getProvers function to reduce gas consumption

The getProvers function currently iterates over _allProvers twice: once to count active provers and again to populate the array. This can be optimized by using a single iteration and dynamically building the array, which would reduce gas costs.

Apply the following diff to optimize the function:

function getProvers() external view returns (address[] memory provers) {
    uint256 length = _allProvers.length;
-   uint256 activeProversCount = 0;
-   for (uint256 i = 0; i < length; i++) {
-       if (getActiveProverID(_allProvers[i]) != 0) {
-           activeProversCount++;
-       }
-   }
-   provers = new address[](activeProversCount);
-   uint256 activeProversIndex = 0;
+   address[] memory activeProvers = new address[](length);
+   uint256 count = 0;
    for (uint256 i = 0; i < length; i++) {
        address prover = _allProvers[i];
        if (getActiveProverID(prover) != 0) {
-           provers[activeProversIndex++] = prover;
+           activeProvers[count++] = prover;
        }
    }
+   // Resize the array to the actual number of active provers
+   assembly {
+       mstore(activeProvers, count)
+   }
+   provers = activeProvers;
}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	function getProvers() external view returns (address[] memory provers) {
	uint256 length = _allProvers.length;
	// Calculate the number of active provers.
	uint256 activeProversCount = 0;
	for (uint256 i = 0; i < length; i++) {
	if (getActiveProverID(_allProvers[i]) != 0) {
	activeProversCount++;
	}
	}
	// Do the second pass to populate the provers array.
	provers = new address[](activeProversCount);
	uint256 activeProversIndex = 0;
	for (uint256 i = 0; i < length; i++) {
	address prover = _allProvers[i];
	if (getActiveProverID(prover) != 0) {
	provers[activeProversIndex++] = prover;
	}
	}
	}
	function getProvers() external view returns (address[] memory provers) {
	uint256 length = _allProvers.length;
	address[] memory activeProvers = new address[](length);
	uint256 count = 0;
	for (uint256 i = 0; i < length; i++) {
	address prover = _allProvers[i];
	if (getActiveProverID(prover) != 0) {
	activeProvers[count++] = prover;
	}
	}
	// Resize the array to the actual number of active provers
	assembly {
	mstore(activeProvers, count)
	}
	provers = activeProvers;
	}