Improve star checklist #55
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - [ ] IF the contract have a concept of access control or `wards`: | ||
| - [ ] Expected admin address for this chain has full access (`SubProxy` on mainnet, `Executor` on other chains). | ||
| - [ ] Contract deployer address has no access (e.g. `wards(deployer)` is `0`). | ||
| - [ ] No other addresses has access to this contract. |
There was a problem hiding this comment.
Maybe it's good to specify: "other than the Star Proxy".
There was a problem hiding this comment.
Stating this would create more confusion and contradict the check above. As specified above, SubProxy is just one of the admin options, on L2s SubProxy isn't present, instead Executor contract shall be set as admin. So I would keep this check as is
| - [ ] The value has valid external source. | ||
| - [ ] IF the contract have a concept of access control or `wards`: | ||
| - [ ] Expected admin address for this chain has full access (`SubProxy` on mainnet, `Executor` on other chains). | ||
| - [ ] Contract deployer address has no access (e.g. `wards(deployer)` is `0`). |
There was a problem hiding this comment.
I did not mind the mention of specific functions rely and deny in the previous version.
There was a problem hiding this comment.
Stars doesn't really follow rely/deny pattern. In fact, I know zero Prime-owned/developed contracts that follow this pattern. Instead, current ALM system uses AccessControl from OpenZeppelin (see for example MainnetController). So I left wards(deployer) as an e.g. but not as a primary explanation of what "access" means
| - LIST every submodule or any other imported code used in this spell: | ||
| - `DEPENDENCY_NAME` imported at commit `COMMIT_HASH` COMMIT_URL | ||
| - [ ] The dependency commit matches audited commit. | ||
| - [ ] The dependency commit matches the version of the deployed contracts. (if ALM contracts are updated, then dependency also needs to be updated and vice-versa: dependency shouldn't be updated unless the ALM contracts are updated) |
There was a problem hiding this comment.
Suggested change
| - [ ] The dependency commit matches the version of the deployed contracts. (if ALM contracts are updated, then dependency also needs to be updated and vice-versa: dependency shouldn't be updated unless the ALM contracts are updated) | |
| - [ ] The dependency commit matches the version of the deployed contracts (if ALM contracts are updated, then dependency also needs to be updated and vice-versa: dependency shouldn't be updated unless the ALM contracts are updated). |
| - [ ] Addresses must be fetched from the relevant protocol's address registry (e.g., `spark-address-registry`, `bloom-address-registry`) IF they are present there, OTHERWISE defined as `constant` and have trusted source (e.g., when onboarding new contracts). | ||
| - LIST all addresses used in the spell (defined as `constant` or fetched from the registry repo) | ||
| - [CHAIN_NAME] `0xADDRESS`, EXTERNAL_SOURCE_URL | ||
| - [ ] Matches valid external source (previously approved forum post, external docs, etc) |
There was a problem hiding this comment.
Suggested change
| - [ ] Matches valid external source (previously approved forum post, external docs, etc) | |
| - [ ] Matches valid external source (previously approved forum post, external docs, etc). |
| - [ ] Addresses must be fetched from the relevant protocol's address registry (e.g., `spark-address-registry`, `bloom-address-registry`) IF they are present, OTHERWISE defined as `constant` when sourced from a trusted source (i.e., new contracts onboarding). | ||
|
|
||
| - [ ] Addresses must be fetched from the relevant protocol's address registry (e.g., `spark-address-registry`, `bloom-address-registry`) IF they are present there, OTHERWISE defined as `constant` and have trusted source (e.g., when onboarding new contracts). | ||
| - LIST all addresses used in the spell (defined as `constant` or fetched from the registry repo) |
There was a problem hiding this comment.
Suggested change
| - LIST all addresses used in the spell (defined as `constant` or fetched from the registry repo) | |
| - LIST all addresses used in the spell (defined as `constant` or fetched from the registry repo): |
| - [ ] Rates are calculated correctly and match their source (e.g., governance poll). | ||
| - [ ] Every contract variable is declared as either `constant` or `immutable`. | ||
| - [ ] Every precision variable (`WAD`, `RAY`, `RAD`, etc) match their expected value. | ||
| - LIST every variable using precision (`e18`, `e6`, `e...`, `WAD`, `RAY`, `RAD`, etc) |
There was a problem hiding this comment.
Suggested change
| - LIST every variable using precision (`e18`, `e6`, `e...`, `WAD`, `RAY`, `RAD`, etc) | |
| - LIST every variable using precision (`e18`, `e6`, `e...`, `WAD`, `RAY`, `RAD`, etc): |
| #### Testing | ||
| - LIST all tests and explain their coverage | ||
| - `TEST_FUNCTION_NAME` ensures EXPLANATION_OF_WHAT_IT_ENSURES | ||
| - [ ] The test is sufficient to ensure correctness the high-level goal behind tested spell action |
There was a problem hiding this comment.
Suggested change
| - [ ] The test is sufficient to ensure correctness the high-level goal behind tested spell action | |
| - [ ] The test is sufficient to ensure correctness the high-level goal behind tested spell action. |
| - [ ] Proper error handling for all external interactions. | ||
|
|
||
| #### Testing | ||
| - LIST all tests and explain their coverage |
There was a problem hiding this comment.
Suggested change
| - LIST all tests and explain their coverage | |
| - LIST all tests and explain their coverage: |
There was a problem hiding this comment.
I think it'd be better if we list the spell instructions and then point to tests that cover each (like we do on the core spells).
There was a problem hiding this comment.
@oddaf: reformulated into the list with spell actions:
- LIST each spell action (each line of code which changes a storage):
- INTENDED_SPELL_ACTION tested via TEST_NAME_1, TEST_NAME_2
- [ ] The unit test ensures the new value was changed in the spell.
- [ ] The end-to-end test is sufficient to ensure correctness the high-level goal behind this spell action.The idea is to also have all test names listed in the completed checklist, not only the actions
|
|
||
| #### Deployed Contract | ||
| - [ ] Both reviewers gave explicit "Good to deploy" | ||
| - [ ] A new comment in the PR contains link to the deployed spell(s) and Tenderly vnet(s) |
There was a problem hiding this comment.
Suggested change
| - [ ] A new comment in the PR contains link to the deployed spell(s) and Tenderly vnet(s) | |
| - [ ] A new comment in the PR contains link to the deployed spell(s) and Tenderly vnet(s). |
| ### Deployment Stage | ||
|
|
||
| #### Deployed Contract | ||
| - [ ] Both reviewers gave explicit "Good to deploy" |
There was a problem hiding this comment.
Suggested change
| - [ ] Both reviewers gave explicit "Good to deploy" | |
| - [ ] Both reviewers gave explicit "Good to deploy". |
riccardopersiani
approved these changes
Oct 16, 2025
oddaf
approved these changes
Oct 17, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
FOREACHkeyword with the newLISTpattern to promote explicit checks for each items, improve external reviewability of the completed checklists and enforce first reviewers to actually fill in required details instead of just ticking all boxes