From 2fef81d9e4dba88cec76a8f6e906897039e918f5 Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Fri, 30 May 2025 13:52:50 -0300 Subject: [PATCH 01/12] add sections for safeharbor adoption --- spell/spell-crafter-mainnet-workflow.md | 11 +++++++++++ spell/spell-reviewer-mainnet-checklist.md | 8 ++++++++ 2 files changed, 19 insertions(+) diff --git a/spell/spell-crafter-mainnet-workflow.md b/spell/spell-crafter-mainnet-workflow.md index a43564c9..d87b293a 100644 --- a/spell/spell-crafter-mainnet-workflow.md +++ b/spell/spell-crafter-mainnet-workflow.md @@ -125,6 +125,14 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Changes are tested via `testNewOrUpdatedChainlogValues` * [ ] Adjust system values, collateral values inside `config.sol` * [ ] Ensure every spell variable is declared as public/internal + * Bug Bounty Registry Updates + * [ ] Run `make update-bug-bounty` command in the `spells-mainnet` repo to check for bug bounty updates + * [ ] IF the command outputs hex encoded calls: + * [ ] Add ALL output calls to the spell using low-level Solidity calls + * [ ] Each call MUST use the pattern: `(bool succ, bytes memory err) = AGREEMENT.call();` + * [ ] Ensure proper error handling after each call (e.g., `require(succ, "Bug bounty update failed");`) + * [ ] Add comment above the bug bounty section: `// ----- Bug Bounty Registry Updates -----` + * [ ] Include note: `// Note: Updates to bug bounty registry identified by make generate command` * Add specific tests in `DssSpell.t.sol` to have sufficient test coverage for every spell action * [ ] Test new collaterals * [ ] Test new ilk registry values @@ -139,6 +147,9 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Sanity checks of the constructor arguments * [ ] Sanity checks of all values added/updated by the spell function * [ ] End-to-end "happy path" interaction with the module + * IF bug bounty updates are present + * [ ] Test that all bug bounty registry calls execute successfully + * [ ] Verify `make update-bug-bounty` returns empty diff in test environment after spell execution * [ ] Tests PASS via `make test` * [ ] Ensure `DssExecLib` address used in current spell (`DssExecLib.address`) matches `dss-exec-lib` [Latest Release Tag](https://github.com/makerdao/dss-exec-lib/releases/latest) * [ ] Push committed content to already opened PR diff --git a/spell/spell-reviewer-mainnet-checklist.md b/spell/spell-reviewer-mainnet-checklist.md index beee060b..26b0fede 100644 --- a/spell/spell-reviewer-mainnet-checklist.md +++ b/spell/spell-reviewer-mainnet-checklist.md @@ -272,6 +272,13 @@ * [ ] Target contract is not upgradable * [ ] Target Contract is included in the ChainLog * [ ] Test Coverage is comprehensive +* IF bug bounty registry updates are present + * [ ] Run `make update-bug-bounty` command independently to verify required updates + * [ ] Ensure ALL hex encoded calls from the command output are present in the spell + * [ ] Verify each call uses the correct pattern: `(bool succ, bytes memory err) = AGREEMENT.call();` + * [ ] Cross-check that each `` exactly matches the script output + * [ ] Confirm proper error handling is implemented for each call + * [ ] Verify the bug bounty section has appropriate comments/documentation * IF spell interacts with ChainLog * [ ] ChainLog version is incremented based on update type * Major -> New Vat (++.0.0) @@ -383,6 +390,7 @@ _Insert your local test logs here_ * [ ] All actions are executed in the transaction trace * [ ] No reverts are present that block execution * [ ] No out-of-gas errors are present + * [ ] Confirm `make update-bug-bounty` returns empty * Archive checks * [ ] `make diff-archive-spell` for current date or `make diff-archive-spell date="YYYY-MM-DD"` * [ ] Ensure date corresponds to target Exec Doc date From 1f5dce04dbd0ee11962df543e8f70a004e02f4a7 Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Wed, 17 Sep 2025 10:13:42 -0300 Subject: [PATCH 02/12] update sections to reflect latest script --- spell/spell-crafter-mainnet-workflow.md | 15 ++++++++++----- spell/spell-reviewer-mainnet-checklist.md | 11 +++++++---- 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/spell/spell-crafter-mainnet-workflow.md b/spell/spell-crafter-mainnet-workflow.md index d87b293a..070e062b 100644 --- a/spell/spell-crafter-mainnet-workflow.md +++ b/spell/spell-crafter-mainnet-workflow.md @@ -126,11 +126,16 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Adjust system values, collateral values inside `config.sol` * [ ] Ensure every spell variable is declared as public/internal * Bug Bounty Registry Updates - * [ ] Run `make update-bug-bounty` command in the `spells-mainnet` repo to check for bug bounty updates - * [ ] IF the command outputs hex encoded calls: - * [ ] Add ALL output calls to the spell using low-level Solidity calls - * [ ] Each call MUST use the pattern: `(bool succ, bytes memory err) = AGREEMENT.call();` - * [ ] Ensure proper error handling after each call (e.g., `require(succ, "Bug bounty update failed");`) + * [ ] Update safeharbor script + ```bash + cd scripts/safeharbor + npm install + ``` + * [ ] Run `npm run generate` command in the `spells-mainnet` repo to check for bug bounty updates + * [ ] IF the command outputs hex encoded call: + * [ ] Add ALL output call to the spell using low-level Solidity call. + * [ ] The call MUST use the pattern: `(bool succ, bytes memory err) = AGREEMENT.call();` + * [ ] Ensure proper error handling after the call (e.g., `require(succ, "Bug bounty update failed");`) * [ ] Add comment above the bug bounty section: `// ----- Bug Bounty Registry Updates -----` * [ ] Include note: `// Note: Updates to bug bounty registry identified by make generate command` * Add specific tests in `DssSpell.t.sol` to have sufficient test coverage for every spell action diff --git a/spell/spell-reviewer-mainnet-checklist.md b/spell/spell-reviewer-mainnet-checklist.md index 26b0fede..e448ee0e 100644 --- a/spell/spell-reviewer-mainnet-checklist.md +++ b/spell/spell-reviewer-mainnet-checklist.md @@ -273,10 +273,13 @@ * [ ] Target Contract is included in the ChainLog * [ ] Test Coverage is comprehensive * IF bug bounty registry updates are present - * [ ] Run `make update-bug-bounty` command independently to verify required updates - * [ ] Ensure ALL hex encoded calls from the command output are present in the spell - * [ ] Verify each call uses the correct pattern: `(bool succ, bytes memory err) = AGREEMENT.call();` - * [ ] Cross-check that each `` exactly matches the script output + * [ ] Update safeharbor script + ```bash + cd scripts/safeharbor + npm install + ``` + * [ ] Run `npm run verify` command in the `spells-mainnet` repo, passing the calldata in the spell to check for it's validity. + * [ ] Verify the call uses the correct pattern: `(bool succ, bytes memory err) = AGREEMENT.call();` * [ ] Confirm proper error handling is implemented for each call * [ ] Verify the bug bounty section has appropriate comments/documentation * IF spell interacts with ChainLog From f0c79a5c5326f227c269c457dc14ac3a12f3a60f Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Fri, 19 Sep 2025 11:50:49 -0300 Subject: [PATCH 03/12] adjust to use make commands --- .wordlist.txt | 5 +++++ spell/spell-crafter-mainnet-workflow.md | 9 ++------- spell/spell-reviewer-mainnet-checklist.md | 7 +------ 3 files changed, 8 insertions(+), 13 deletions(-) diff --git a/.wordlist.txt b/.wordlist.txt index 672b7b96..e741aab6 100644 --- a/.wordlist.txt +++ b/.wordlist.txt @@ -129,6 +129,11 @@ precomputed prepended redemptions repos +RPC +RWA +RWAXXX +RWAXYZ +safeharbor setIlkAutoLineDebtCeiling setIlkAutoLineParameters setIlkDebtCeiling diff --git a/spell/spell-crafter-mainnet-workflow.md b/spell/spell-crafter-mainnet-workflow.md index 070e062b..36515a61 100644 --- a/spell/spell-crafter-mainnet-workflow.md +++ b/spell/spell-crafter-mainnet-workflow.md @@ -126,14 +126,9 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Adjust system values, collateral values inside `config.sol` * [ ] Ensure every spell variable is declared as public/internal * Bug Bounty Registry Updates - * [ ] Update safeharbor script - ```bash - cd scripts/safeharbor - npm install - ``` - * [ ] Run `npm run generate` command in the `spells-mainnet` repo to check for bug bounty updates + * [ ] Run `make safeharbor-generate` command in the `spells-mainnet` repo to check for bug bounty updates * [ ] IF the command outputs hex encoded call: - * [ ] Add ALL output call to the spell using low-level Solidity call. + * [ ] Add the output hex encoded call to the spell using low-level Solidity call. * [ ] The call MUST use the pattern: `(bool succ, bytes memory err) = AGREEMENT.call();` * [ ] Ensure proper error handling after the call (e.g., `require(succ, "Bug bounty update failed");`) * [ ] Add comment above the bug bounty section: `// ----- Bug Bounty Registry Updates -----` diff --git a/spell/spell-reviewer-mainnet-checklist.md b/spell/spell-reviewer-mainnet-checklist.md index e448ee0e..2635a1af 100644 --- a/spell/spell-reviewer-mainnet-checklist.md +++ b/spell/spell-reviewer-mainnet-checklist.md @@ -273,12 +273,7 @@ * [ ] Target Contract is included in the ChainLog * [ ] Test Coverage is comprehensive * IF bug bounty registry updates are present - * [ ] Update safeharbor script - ```bash - cd scripts/safeharbor - npm install - ``` - * [ ] Run `npm run verify` command in the `spells-mainnet` repo, passing the calldata in the spell to check for it's validity. + * [ ] Run `make safeharbor-verify calldata=0xhexEncodedData` command in the `spells-mainnet` repo, passing the calldata in the spell to check for it's validity. * [ ] Verify the call uses the correct pattern: `(bool succ, bytes memory err) = AGREEMENT.call();` * [ ] Confirm proper error handling is implemented for each call * [ ] Verify the bug bounty section has appropriate comments/documentation From 40603659a32c2e00121972049607183661d7a415 Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Fri, 19 Sep 2025 11:52:32 -0300 Subject: [PATCH 04/12] add calldata to dictionary --- .wordlist.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.wordlist.txt b/.wordlist.txt index e741aab6..5a74781a 100644 --- a/.wordlist.txt +++ b/.wordlist.txt @@ -87,6 +87,9 @@ auth authed authing bytecode +Calc +CalcFab +calldata casted checksummed collateralization From ffbea9fd99fdbad7de2c51b05292749a35ea7bac Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Mon, 22 Sep 2025 10:39:48 -0300 Subject: [PATCH 05/12] fix script name error and other comments adjustments --- spell/spell-crafter-mainnet-workflow.md | 4 ++-- spell/spell-reviewer-mainnet-checklist.md | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/spell/spell-crafter-mainnet-workflow.md b/spell/spell-crafter-mainnet-workflow.md index 36515a61..9a0749b6 100644 --- a/spell/spell-crafter-mainnet-workflow.md +++ b/spell/spell-crafter-mainnet-workflow.md @@ -129,7 +129,7 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Run `make safeharbor-generate` command in the `spells-mainnet` repo to check for bug bounty updates * [ ] IF the command outputs hex encoded call: * [ ] Add the output hex encoded call to the spell using low-level Solidity call. - * [ ] The call MUST use the pattern: `(bool succ, bytes memory err) = AGREEMENT.call();` + * [ ] The call MUST use the pattern: `(bool succ, bytes memory err) = MULTICALL.call();` * [ ] Ensure proper error handling after the call (e.g., `require(succ, "Bug bounty update failed");`) * [ ] Add comment above the bug bounty section: `// ----- Bug Bounty Registry Updates -----` * [ ] Include note: `// Note: Updates to bug bounty registry identified by make generate command` @@ -149,7 +149,6 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] End-to-end "happy path" interaction with the module * IF bug bounty updates are present * [ ] Test that all bug bounty registry calls execute successfully - * [ ] Verify `make update-bug-bounty` returns empty diff in test environment after spell execution * [ ] Tests PASS via `make test` * [ ] Ensure `DssExecLib` address used in current spell (`DssExecLib.address`) matches `dss-exec-lib` [Latest Release Tag](https://github.com/makerdao/dss-exec-lib/releases/latest) * [ ] Push committed content to already opened PR @@ -228,6 +227,7 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Create testnet and cast deployed spell there using `make cast-on-tenderly spell=0x...` command * [ ] Check that returned `public explorer url` is publicly accessible (e.g. using incognito browser mode) * [ ] IF `cast-on-tenderly` command is executed several times for the same spell, delete all testnets of the same name except the last one +* [ ] Verify `make safeharbor-generate` returns empty diff in the casted environment after spell execution. * [ ] Archive Spell via `make archive-spell` for the current date (or `make archive-spell date="YYYY-MM-DD"`) using Target Date inside the Exec Doc * [ ] Commit & push changes for review * [ ] Wait for CI to PASS diff --git a/spell/spell-reviewer-mainnet-checklist.md b/spell/spell-reviewer-mainnet-checklist.md index 2635a1af..2b785e41 100644 --- a/spell/spell-reviewer-mainnet-checklist.md +++ b/spell/spell-reviewer-mainnet-checklist.md @@ -273,8 +273,8 @@ * [ ] Target Contract is included in the ChainLog * [ ] Test Coverage is comprehensive * IF bug bounty registry updates are present - * [ ] Run `make safeharbor-verify calldata=0xhexEncodedData` command in the `spells-mainnet` repo, passing the calldata in the spell to check for it's validity. - * [ ] Verify the call uses the correct pattern: `(bool succ, bytes memory err) = AGREEMENT.call();` + * [ ] Run `make safeharbor-verify calldata=` command passing the calldata in the spell to check for it's validity. + * [ ] Verify the call uses the correct pattern: `(bool succ, bytes memory err) = MULTICALL.call();` * [ ] Confirm proper error handling is implemented for each call * [ ] Verify the bug bounty section has appropriate comments/documentation * IF spell interacts with ChainLog From 07664769ebde22c57cc1be211b8484e025cdf7f4 Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Mon, 22 Sep 2025 11:37:03 -0300 Subject: [PATCH 06/12] remame script elsewhere too --- spell/spell-reviewer-mainnet-checklist.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spell/spell-reviewer-mainnet-checklist.md b/spell/spell-reviewer-mainnet-checklist.md index 2b785e41..e606b1da 100644 --- a/spell/spell-reviewer-mainnet-checklist.md +++ b/spell/spell-reviewer-mainnet-checklist.md @@ -388,7 +388,7 @@ _Insert your local test logs here_ * [ ] All actions are executed in the transaction trace * [ ] No reverts are present that block execution * [ ] No out-of-gas errors are present - * [ ] Confirm `make update-bug-bounty` returns empty + * [ ] Confirm `make safeharbor-generate` returns empty * Archive checks * [ ] `make diff-archive-spell` for current date or `make diff-archive-spell date="YYYY-MM-DD"` * [ ] Ensure date corresponds to target Exec Doc date From 18f5fabac765ae0413da767208fad228923f7858 Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Tue, 23 Sep 2025 10:53:19 -0300 Subject: [PATCH 07/12] remove required comments --- spell/spell-crafter-mainnet-workflow.md | 2 -- spell/spell-reviewer-mainnet-checklist.md | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/spell/spell-crafter-mainnet-workflow.md b/spell/spell-crafter-mainnet-workflow.md index 9a0749b6..5075274b 100644 --- a/spell/spell-crafter-mainnet-workflow.md +++ b/spell/spell-crafter-mainnet-workflow.md @@ -131,8 +131,6 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Add the output hex encoded call to the spell using low-level Solidity call. * [ ] The call MUST use the pattern: `(bool succ, bytes memory err) = MULTICALL.call();` * [ ] Ensure proper error handling after the call (e.g., `require(succ, "Bug bounty update failed");`) - * [ ] Add comment above the bug bounty section: `// ----- Bug Bounty Registry Updates -----` - * [ ] Include note: `// Note: Updates to bug bounty registry identified by make generate command` * Add specific tests in `DssSpell.t.sol` to have sufficient test coverage for every spell action * [ ] Test new collaterals * [ ] Test new ilk registry values diff --git a/spell/spell-reviewer-mainnet-checklist.md b/spell/spell-reviewer-mainnet-checklist.md index e606b1da..f42e35f7 100644 --- a/spell/spell-reviewer-mainnet-checklist.md +++ b/spell/spell-reviewer-mainnet-checklist.md @@ -275,7 +275,7 @@ * IF bug bounty registry updates are present * [ ] Run `make safeharbor-verify calldata=` command passing the calldata in the spell to check for it's validity. * [ ] Verify the call uses the correct pattern: `(bool succ, bytes memory err) = MULTICALL.call();` - * [ ] Confirm proper error handling is implemented for each call + * [ ] Confirm proper error handling is implemented for the call * [ ] Verify the bug bounty section has appropriate comments/documentation * IF spell interacts with ChainLog * [ ] ChainLog version is incremented based on update type From 10ee33891e2be91053e4568978fb2c40ea270399 Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Wed, 24 Sep 2025 09:29:24 -0300 Subject: [PATCH 08/12] remove item on comment verification --- spell/spell-reviewer-mainnet-checklist.md | 1 - 1 file changed, 1 deletion(-) diff --git a/spell/spell-reviewer-mainnet-checklist.md b/spell/spell-reviewer-mainnet-checklist.md index f42e35f7..6ac1e5c2 100644 --- a/spell/spell-reviewer-mainnet-checklist.md +++ b/spell/spell-reviewer-mainnet-checklist.md @@ -276,7 +276,6 @@ * [ ] Run `make safeharbor-verify calldata=` command passing the calldata in the spell to check for it's validity. * [ ] Verify the call uses the correct pattern: `(bool succ, bytes memory err) = MULTICALL.call();` * [ ] Confirm proper error handling is implemented for the call - * [ ] Verify the bug bounty section has appropriate comments/documentation * IF spell interacts with ChainLog * [ ] ChainLog version is incremented based on update type * Major -> New Vat (++.0.0) From 11f6ac40838da4427854d3f9e1ab0bd10e122895 Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Mon, 13 Oct 2025 11:56:42 -0300 Subject: [PATCH 09/12] adjust list to adhere to new code format --- spell/spell-crafter-mainnet-workflow.md | 16 ++++++++++++---- spell/spell-reviewer-mainnet-checklist.md | 9 +++++---- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/spell/spell-crafter-mainnet-workflow.md b/spell/spell-crafter-mainnet-workflow.md index 5075274b..b322d989 100644 --- a/spell/spell-crafter-mainnet-workflow.md +++ b/spell/spell-crafter-mainnet-workflow.md @@ -127,10 +127,18 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Ensure every spell variable is declared as public/internal * Bug Bounty Registry Updates * [ ] Run `make safeharbor-generate` command in the `spells-mainnet` repo to check for bug bounty updates - * [ ] IF the command outputs hex encoded call: - * [ ] Add the output hex encoded call to the spell using low-level Solidity call. - * [ ] The call MUST use the pattern: `(bool succ, bytes memory err) = MULTICALL.call();` - * [ ] Ensure proper error handling after the call (e.g., `require(succ, "Bug bounty update failed");`) + * [ ] IF the command outputs a solidity snippet: + * [ ] Paste the generated code into the spell as is. The code should not be modified. You may adjust formatting. + * [ ] Import the `AGREEMENT_ADDRESS` from the `ChainLog` + * [ ] If not already present, add the helper function to perform the call: +```solidity +function _updateSafeHarbor(bytes[] memory calldatas) public { + for (uint256 i = 0; i < calldatas.length; i++) { + (bool success, ) = address(AGREEMENT_ADDRESS).call(calldatas[i]); + require(success, "SaferHarbor call failed"); + } +} +``` * Add specific tests in `DssSpell.t.sol` to have sufficient test coverage for every spell action * [ ] Test new collaterals * [ ] Test new ilk registry values diff --git a/spell/spell-reviewer-mainnet-checklist.md b/spell/spell-reviewer-mainnet-checklist.md index 6ac1e5c2..2a2d711d 100644 --- a/spell/spell-reviewer-mainnet-checklist.md +++ b/spell/spell-reviewer-mainnet-checklist.md @@ -273,9 +273,10 @@ * [ ] Target Contract is included in the ChainLog * [ ] Test Coverage is comprehensive * IF bug bounty registry updates are present - * [ ] Run `make safeharbor-verify calldata=` command passing the calldata in the spell to check for it's validity. - * [ ] Verify the call uses the correct pattern: `(bool succ, bytes memory err) = MULTICALL.call();` - * [ ] Confirm proper error handling is implemented for the call + * [ ] Run `make safeharbor-generate` command passing the calldata in the spell to check for it's validity. + * [ ] Verify that the generated code exactly matches the generated code in the spell. + * [ ] Ensure that `AGREEMENT_ADDRESS` is imported from the ChainLog. + * [ ] Ensure that the helper function to perform the call is present and is implemented correctly. * IF spell interacts with ChainLog * [ ] ChainLog version is incremented based on update type * Major -> New Vat (++.0.0) @@ -387,7 +388,7 @@ _Insert your local test logs here_ * [ ] All actions are executed in the transaction trace * [ ] No reverts are present that block execution * [ ] No out-of-gas errors are present - * [ ] Confirm `make safeharbor-generate` returns empty + * [ ] Confirm `make safeharbor-generate` returns "no updates" * Archive checks * [ ] `make diff-archive-spell` for current date or `make diff-archive-spell date="YYYY-MM-DD"` * [ ] Ensure date corresponds to target Exec Doc date From 93cbffac1dbc3f248a0bba7d29a5ca81f069b722 Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Thu, 16 Oct 2025 09:21:20 -0300 Subject: [PATCH 10/12] remove function from checklist --- spell/spell-crafter-mainnet-workflow.md | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/spell/spell-crafter-mainnet-workflow.md b/spell/spell-crafter-mainnet-workflow.md index b322d989..87994781 100644 --- a/spell/spell-crafter-mainnet-workflow.md +++ b/spell/spell-crafter-mainnet-workflow.md @@ -130,15 +130,7 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] IF the command outputs a solidity snippet: * [ ] Paste the generated code into the spell as is. The code should not be modified. You may adjust formatting. * [ ] Import the `AGREEMENT_ADDRESS` from the `ChainLog` - * [ ] If not already present, add the helper function to perform the call: -```solidity -function _updateSafeHarbor(bytes[] memory calldatas) public { - for (uint256 i = 0; i < calldatas.length; i++) { - (bool success, ) = address(AGREEMENT_ADDRESS).call(calldatas[i]); - require(success, "SaferHarbor call failed"); - } -} -``` + * [ ] If not already present, add the helper function to perform the call, using the established archive pattern. * Add specific tests in `DssSpell.t.sol` to have sufficient test coverage for every spell action * [ ] Test new collaterals * [ ] Test new ilk registry values From 5a1528ba3aa37cd4456e572b8ae6e85754e1d8c2 Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Fri, 17 Oct 2025 10:33:24 -0300 Subject: [PATCH 11/12] addressed PR comments --- spell/spell-crafter-mainnet-workflow.md | 15 +++++++++------ spell/spell-reviewer-mainnet-checklist.md | 12 +++++++----- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/spell/spell-crafter-mainnet-workflow.md b/spell/spell-crafter-mainnet-workflow.md index 87994781..f787d97c 100644 --- a/spell/spell-crafter-mainnet-workflow.md +++ b/spell/spell-crafter-mainnet-workflow.md @@ -126,11 +126,14 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Adjust system values, collateral values inside `config.sol` * [ ] Ensure every spell variable is declared as public/internal * Bug Bounty Registry Updates - * [ ] Run `make safeharbor-generate` command in the `spells-mainnet` repo to check for bug bounty updates - * [ ] IF the command outputs a solidity snippet: - * [ ] Paste the generated code into the spell as is. The code should not be modified. You may adjust formatting. - * [ ] Import the `AGREEMENT_ADDRESS` from the `ChainLog` - * [ ] If not already present, add the helper function to perform the call, using the established archive pattern. + * [ ] Check that output of make safeharbor-generate matches the instructions provided by Governance Facilitators + * [ ] If no instructions were provided and script produces "no changes", then no further action is required + * [ ] If there is a mismatch, crafter should notify Governance Facilitators + * [ ] If the scripts outputs a warning indicated by ⚠️ ❗, notify Governance Facilitators. + * [ ] If the command outputs a solidity snippet that matches the instructions provided by Governance Facilitators: + * [ ] Paste the generated code into the spell as is. The code should not be modified. You may adjust formatting + * [ ] Import the `AGREEMENT_ADDRESS` from the `ChainLog` + * [ ] If not already present, add the helper function to perform the call, using the established archive pattern. * Add specific tests in `DssSpell.t.sol` to have sufficient test coverage for every spell action * [ ] Test new collaterals * [ ] Test new ilk registry values @@ -225,7 +228,7 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Create testnet and cast deployed spell there using `make cast-on-tenderly spell=0x...` command * [ ] Check that returned `public explorer url` is publicly accessible (e.g. using incognito browser mode) * [ ] IF `cast-on-tenderly` command is executed several times for the same spell, delete all testnets of the same name except the last one -* [ ] Verify `make safeharbor-generate` returns empty diff in the casted environment after spell execution. +* [ ] `make safeharbor-generate` returns empty diff in the testnet environment after spell was cast * [ ] Archive Spell via `make archive-spell` for the current date (or `make archive-spell date="YYYY-MM-DD"`) using Target Date inside the Exec Doc * [ ] Commit & push changes for review * [ ] Wait for CI to PASS diff --git a/spell/spell-reviewer-mainnet-checklist.md b/spell/spell-reviewer-mainnet-checklist.md index 2a2d711d..d9bbce22 100644 --- a/spell/spell-reviewer-mainnet-checklist.md +++ b/spell/spell-reviewer-mainnet-checklist.md @@ -273,10 +273,12 @@ * [ ] Target Contract is included in the ChainLog * [ ] Test Coverage is comprehensive * IF bug bounty registry updates are present - * [ ] Run `make safeharbor-generate` command passing the calldata in the spell to check for it's validity. - * [ ] Verify that the generated code exactly matches the generated code in the spell. - * [ ] Ensure that `AGREEMENT_ADDRESS` is imported from the ChainLog. - * [ ] Ensure that the helper function to perform the call is present and is implemented correctly. + * [ ] Run `make safeharbor-generate` + * [ ] Verify that the generated code exactly matches the code in the spell + * [ ] Verify that output matches the instructions provided by Governance Facilitators + * [ ] Ensure that the script does not output any warnings, which are indicated by ⚠️ ❗ + * [ ] Ensure that agreement address is fetched from the Chainlog + * [ ] Ensure that the helper function to perform the call is present and is implemented using the established archive pattern * IF spell interacts with ChainLog * [ ] ChainLog version is incremented based on update type * Major -> New Vat (++.0.0) @@ -388,7 +390,7 @@ _Insert your local test logs here_ * [ ] All actions are executed in the transaction trace * [ ] No reverts are present that block execution * [ ] No out-of-gas errors are present - * [ ] Confirm `make safeharbor-generate` returns "no updates" + * [ ] `make safeharbor-generate` against the testnet returns "no updates" * Archive checks * [ ] `make diff-archive-spell` for current date or `make diff-archive-spell date="YYYY-MM-DD"` * [ ] Ensure date corresponds to target Exec Doc date From fd2383a53f5cb1d9518ce95707d407a93cbde0e0 Mon Sep 17 00:00:00 2001 From: 0xBasset <0xbasset@gmail.com> Date: Tue, 28 Oct 2025 11:18:22 -0300 Subject: [PATCH 12/12] address another round of PR reviews --- spell/spell-crafter-mainnet-workflow.md | 8 +++++--- spell/spell-reviewer-mainnet-checklist.md | 2 ++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/spell/spell-crafter-mainnet-workflow.md b/spell/spell-crafter-mainnet-workflow.md index f787d97c..c1f79a2b 100644 --- a/spell/spell-crafter-mainnet-workflow.md +++ b/spell/spell-crafter-mainnet-workflow.md @@ -66,6 +66,8 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Remove unused interface declarations * Ensure correctness of the cleanup * [ ] Run Tests `make test` (or `make test match=` to inspect debug traces) +* [ ] Run `make safeharbor-generate` to ensure that updates matches the bug bounty updates instructions on the Exec Sheet. + * [ ] If there is a mismatch, notify Governance Facilitators. * Add comments to the spell based on the relevant [Exec Sheet](https://docs.google.com/spreadsheets/d/1w_z5WpqxzwreCcaveB2Ye1PP5B8QAHDglzyxKHG3CHw) * [ ] Copy every _Section text_ from the Exec Sheet as comment to the spell code * [ ] Surround the comment by the set of dashes (e.g. `// ----- Section text -----`) @@ -126,13 +128,13 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Adjust system values, collateral values inside `config.sol` * [ ] Ensure every spell variable is declared as public/internal * Bug Bounty Registry Updates - * [ ] Check that output of make safeharbor-generate matches the instructions provided by Governance Facilitators + * [ ] Check that output of `make safeharbor-generate` matches the instructions provided by Governance Facilitators * [ ] If no instructions were provided and script produces "no changes", then no further action is required * [ ] If there is a mismatch, crafter should notify Governance Facilitators * [ ] If the scripts outputs a warning indicated by ⚠️ ❗, notify Governance Facilitators. * [ ] If the command outputs a solidity snippet that matches the instructions provided by Governance Facilitators: * [ ] Paste the generated code into the spell as is. The code should not be modified. You may adjust formatting - * [ ] Import the `AGREEMENT_ADDRESS` from the `ChainLog` + * [ ] Fetch the agreement address from the `ChainLog` * [ ] If not already present, add the helper function to perform the call, using the established archive pattern. * Add specific tests in `DssSpell.t.sol` to have sufficient test coverage for every spell action * [ ] Test new collaterals @@ -228,7 +230,7 @@ Repo: https://github.com/makerdao/spells-mainnet * [ ] Create testnet and cast deployed spell there using `make cast-on-tenderly spell=0x...` command * [ ] Check that returned `public explorer url` is publicly accessible (e.g. using incognito browser mode) * [ ] IF `cast-on-tenderly` command is executed several times for the same spell, delete all testnets of the same name except the last one -* [ ] `make safeharbor-generate` returns empty diff in the testnet environment after spell was cast +* [ ] `make safeharbor-generate` returns "no updates" in the testnet environment after spell was cast * [ ] Archive Spell via `make archive-spell` for the current date (or `make archive-spell date="YYYY-MM-DD"`) using Target Date inside the Exec Doc * [ ] Commit & push changes for review * [ ] Wait for CI to PASS diff --git a/spell/spell-reviewer-mainnet-checklist.md b/spell/spell-reviewer-mainnet-checklist.md index d9bbce22..284ae5b3 100644 --- a/spell/spell-reviewer-mainnet-checklist.md +++ b/spell/spell-reviewer-mainnet-checklist.md @@ -19,6 +19,7 @@ * [ ] Office hours is `true` IF spell introduces a major change that can affect external parties (e.g.: keepers are affected in case of collateral offboarding) OTHERWISE explicitly set to `false` * [ ] Office hours value matches the Exec Sheet * [ ] 30 days spell expiry set in the constructor (`block.timestamp + 30 days`) + * [ ] `make safeharbor-generate` outputs matches the instructions on the Exec Sheet. If there is a mismatch, notify Governance Facilitators. * Spell description * [ ] Description follows the format `TARGET_DATE MakerDAO Executive Spell | Hash: EXEC_DOC_HASH` * [ ] `TARGET_DATE` in the description matches the target date @@ -391,6 +392,7 @@ _Insert your local test logs here_ * [ ] No reverts are present that block execution * [ ] No out-of-gas errors are present * [ ] `make safeharbor-generate` against the testnet returns "no updates" + * [ ] If the script outputs a warning indicated by ⚠️ ❗, notify Governance Facilitators. * Archive checks * [ ] `make diff-archive-spell` for current date or `make diff-archive-spell date="YYYY-MM-DD"` * [ ] Ensure date corresponds to target Exec Doc date