Skip to content

Legion (#42) (#44)#45

Merged
Dargon789 merged 1 commit into
mainfrom
alert-autofix-1
Mar 15, 2026
Merged

Legion (#42) (#44)#45
Dargon789 merged 1 commit into
mainfrom
alert-autofix-1

Conversation

@Dargon789

Copy link
Copy Markdown
Owner
  • feat: add ERC20 transfer benchmark for Porto with passkey

Add testERC20TransferViaPortoOrchestratorWithPasskey() benchmark to isolate passkey authentication costs from spend limit enforcement costs.

  • Uses secp256k1 passkey for transaction signing
  • Sets execution permissions for ERC20 transfers
  • Requires spend limits (set to max) for passkey operations
  • Gas cost: 116,094 (vs 97,030 without passkey, 117,083 with restrictive limits)
  • Provides clean measurement of passkey overhead (~19k gas)

Resolves ithacaxyz#272

🤖 Generated with Claude Code

Combines the following fixes:

🤖 Generated with Claude Code

  • chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

  • feat: subaccount design using spend function

  • test: complete subaccount flow with unit test

  • chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

  • feat: add merkle sigs natively into the account

  • fix: tests

  • test: add more sophisticated fuzz test

  • chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

  • feat: fix and simplify multichain design (feat: fix and simplify multichain design ithacaxyz/account#327)

  • feat: simplify multichain nonce design

  • chore: readd merkle verification prefix

  • chore: undo blank line addns

  • chore: lint

  • chore: redundant multichain bool

  • fix: lint

  • .

  • feat: remove intent struct (feat: remove intent struct ithacaxyz/account#365)

  • feat: simplify multichain nonce design

  • chore: readd merkle verification prefix

  • chore: undo blank line addns

  • chore: lint

  • .

  • ~50 failing tests down to 5

  • down to 1 failing test

  • fixed failing test

  • chore: remove console logs and bench

  • .

  • Update test/Base.t.sol

  • Update src/Orchestrator.sol

  • Update test/utils/mocks/MockPayerWithSignatureOptimized.sol

  • chore: final cleanup, rebench

  • Update src/Orchestrator.sol

  • chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount,Orchestrator,SimpleFunder,Simulator

  • chore: cleanup

  • rebase

  • fix


  • feat: native merkle sig verification in Account

  • chore: fmt

  • chore: unify merkle sig flow for orchestrator multi chain intents

  • chore: bump contract versions due to bytecode changes - Contracts updated: Orchestrator,SimpleFunder,Simulator

  • Add .circleci/config.yml (Add .circleci/config.yml #1)

Add CircleCI configuration file to set up a basic pipeline with a say-hello job and workflow

CI:

Add .circleci/config.yml to define a say-hello job that checks out the code and prints a greeting using the cimg/base Docker image Add a workflow to orchestrate the say-hello job under the CircleCI 2.1 engine

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge. CI:
Enable the --rerun flag for Forge tests to retry failures automatically Increase Forge test verbosity from -vvv to -vvvvv

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"

  • Update ci.yaml

  • Create CNAME

  • Revert "Merge branch 'master'"

This reverts commit 6c02fbf, reversing changes made to a317ddb.

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge. CI:
Enable the --rerun flag for Forge tests to retry failures automatically Increase Forge test verbosity from -vvv to -vvvvv

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"

  • Update ci.yaml

  • Create CNAME

  • Revert "Merge branch 'master'"

This reverts commit 6c02fbf, reversing changes made to a317ddb.


reback use test
CI and automation chores (ithacaxyz#394)
7dd8a5d

https://github.com/Dargon789/account/security/code-scanning/3

reback use test
CI and automation chores (ithacaxyz#394)
7dd8a5d

Migrates deployment scripts to use fork-based configuration loading, removes legacy CircleCI and GitHub workflow files, and introduces a registry-based contract deployment record. Updates .env.example, README, and foundry configuration. Removes LayerZero vendor and test files, adds devtools submodule, and improves LayerZeroSettler configuration logic for multi-chain deployments.

30a2096

reback use test
CI and automation chores (ithacaxyz#394)
7dd8a5d

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge. CI:
Enable the --rerun flag for Forge tests to retry failures automatically Increase Forge test verbosity from -vvv to -vvvvv

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"

  • Update ci.yaml

  • Create CNAME


Reverts #11

Summary by Sourcery
CI:

Update the Forge test command in the CI workflow to enable reruns and increase verbosity. This reverts commit 942017f.


  • Update ci.yaml

  • Refactor function signatures and formatting for consistency

Updated function signatures in IFunder and SimpleFunder for single-line style, and improved code formatting in IthacaAccount, test/Account.t.sol, test/Benchmark.t.sol, and test/LayerZeroSettler.t.sol for readability and consistency. No logic changes were made.

  • Delete .circleci directory (Delete .circleci directory #27)

  • Default ignored files

  • .snapshot_worktree

  • Delete .idea directory (Delete .idea directory #35)

  • pre-commit

  • pre-commit

  • deploy execute_config.sh

  • Update forge-std

  • Update check-bytecode-changes.js

  • pre-commit

  • chore: bump contract versions due to bytecode changes

  • chore: bump contract versions due to bytecode changes

  • chore: bump contract versions due to bytecode changes

contracts update


* feat: add ERC20 transfer benchmark for Porto with passkey

Add testERC20TransferViaPortoOrchestratorWithPasskey() benchmark to isolate
passkey authentication costs from spend limit enforcement costs.

- Uses secp256k1 passkey for transaction signing
- Sets execution permissions for ERC20 transfers
- Requires spend limits (set to max) for passkey operations
- Gas cost: 116,094 (vs 97,030 without passkey, 117,083 with restrictive limits)
- Provides clean measurement of passkey overhead (~19k gas)

Resolves ithacaxyz#272

🤖 Generated with [Claude Code](https://claude.ai/code)



* feat: allow early refunds by recipient in escrow

* feat: add callSansTo support to ERC7821 execute

* chore: improvements and fixes to ERC7821Ithaca

* chore: add address(0) replacement to new compute digest

* fix: sanitize upper bits before checking replacement + tests

* feat: do not add replay safe wrapper if sig is eoa

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* chore: use `auto-assign-pr.yml` org action

* fix: combine improvements from PRs ithacaxyz#357, ithacaxyz#314, and ithacaxyz#379

Combines the following fixes:
- PR ithacaxyz#357: Replace SuperAdminCanSpendAnything with SuperAdminCanExecuteEverything in setCallChecker
- PR ithacaxyz#314: Fix typos across codebase (overriden→overridden, Calcualated→Calculated, etc.)
- PR ithacaxyz#379: Correct inline comment about approval amount (20-byte all-ones, not type(uint256).max)





🤖 Generated with [Claude Code](https://claude.ai/code)



* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* feat: subaccount design using spend function

* test: complete subaccount flow with unit test

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* feat: add merkle sigs natively into the account

* fix: tests

* test: add more sophisticated fuzz test

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount

* feat: fix and simplify multichain design (ithacaxyz#327)

* feat: simplify multichain nonce design

* chore: readd merkle verification prefix

* chore: undo blank line addns

* chore: lint

* chore: redundant multichain bool

* fix: lint

* .

* feat: remove intent struct (ithacaxyz#365)

* feat: simplify multichain nonce design

* chore: readd merkle verification prefix

* chore: undo blank line addns

* chore: lint

* .

* ~50 failing tests down to 5

* down to 1 failing test

* fixed failing test

* chore: remove console logs and bench

* .

* Update test/Base.t.sol

* Update src/Orchestrator.sol

* Update test/utils/mocks/MockPayerWithSignatureOptimized.sol

* chore: final cleanup, rebench

* Update src/Orchestrator.sol

* chore: bump contract versions due to bytecode changes - Contracts updated: IthacaAccount,Orchestrator,SimpleFunder,Simulator

* chore: cleanup

* rebase

* fix

---------



* feat: native merkle sig verification in Account

* chore: fmt

* chore: unify merkle sig flow for orchestrator multi chain intents

* chore: bump contract versions due to bytecode changes - Contracts updated: Orchestrator,SimpleFunder,Simulator

* Add .circleci/config.yml (#1)

Add CircleCI configuration file to set up a basic pipeline with a say-hello job and workflow

CI:

Add .circleci/config.yml to define a say-hello job that checks out the code and prints a greeting using the cimg/base Docker image
Add a workflow to orchestrate the say-hello job under the CircleCI 2.1 engine

* Update ci.yaml



* Update ci.yaml (#2)

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv


* Update ci.yaml (#4)

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge.
CI:
Enable the --rerun flag for Forge tests to retry failures automatically
Increase Forge test verbosity from -vvv to -vvvvv


* Update ci.yaml (#5)

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"


* Update ci.yaml



* Create CNAME

* Revert "Merge branch 'master'"

This reverts commit 6c02fbf, reversing
changes made to a317ddb.

* Create CNAME (#9)

* Update ci.yaml (#2)

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv


* Update ci.yaml (#4)

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge.
CI:
Enable the --rerun flag for Forge tests to retry failures automatically
Increase Forge test verbosity from -vvv to -vvvvv


* Update ci.yaml (#5)

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"


* Update ci.yaml



* Create CNAME

* Revert "Merge branch 'master'"

This reverts commit 6c02fbf, reversing
changes made to a317ddb.

---------



* Update ci.yaml (#10)

reback use test 
CI and automation chores (ithacaxyz#394)
 7dd8a5d



* Potential fix for code scanning alert no. 3: Workflow does not contain permissions (#15)

https://github.com/Dargon789/account/security/code-scanning/3



* Update ci.yaml (#16)

reback use test 
CI and automation chores (ithacaxyz#394)
 7dd8a5d



* Delete CNAME

* Update Brutalizer.sol

* Potential fix for code scanning alert no. 2: Workflow does not contain permissions (#17)




* Refactor deployment scripts and update configs

Migrates deployment scripts to use fork-based configuration loading, removes legacy CircleCI and GitHub workflow files, and introduces a registry-based contract deployment record. Updates .env.example, README, and foundry configuration. Removes LayerZero vendor and test files, adds devtools submodule, and improves LayerZeroSettler configuration logic for multi-chain deployments.

* Fix commit user email format in CI workflow (#18)

30a2096



* Potential fix for code scanning alert no. 4: Workflow does not contain permissions (#19)




* Potential fix for code scanning alert no. 1: Workflow does not contain permissions (#20)




* Update ci.yaml (#21)

reback use test 
CI and automation chores (ithacaxyz#394)
 7dd8a5d



* Master (#22)

* Merge branch 'master' (#8)

* Update ci.yaml (#2)

CI:
Update Forge test command to use --rerun and increase verbosity to -vvvvv


* Update ci.yaml (#4)

Enhance the CI test step to automatically rerun failed tests and increase verbosity in Forge.
CI:
Enable the --rerun flag for Forge tests to retry failures automatically
Increase Forge test verbosity from -vvv to -vvvvv


* Update ci.yaml (#5)

Change Forge test invocation from "forge test --rerun -vvvvv" to "forge test -vvv"


* Update ci.yaml



* Create CNAME

---------



* Revert "fix vm block accoount (#11)" (#13)

Reverts #11

Summary by Sourcery
CI:

Update the Forge test command in the CI workflow to enable reruns and increase verbosity.
This reverts commit 942017f.

---------



* Update ci.yaml



* Refactor function signatures and formatting for consistency

Updated function signatures in IFunder and SimpleFunder for single-line style, and improved code formatting in IthacaAccount, test/Account.t.sol, test/Benchmark.t.sol, and test/LayerZeroSettler.t.sol for readability and consistency. No logic changes were made.

* Delete .circleci directory (#27)



* # Default ignored files

* .snapshot_worktree

* Delete .idea directory (#35)



* pre-commit

* pre-commit

* deploy execute_config.sh

* Update forge-std

* Update check-bytecode-changes.js

* pre-commit

* chore: bump contract versions due to bytecode changes

* chore: bump contract versions due to bytecode changes

* chore: bump contract versions due to bytecode changes

contracts update

* v0.5.11

* chore: unify merkle sig flow for orchestrator multi chain intents

* test: add tests for getContextKeyHash in Account.t.sol (ithacaxyz#412)

* Refactor function signatures and formatting for consistency

---------

Signed-off-by: Dargon789 <64915515+Dargon789@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Tanishk Goyal <legion2002@users.noreply.github.com>
Co-authored-by: Tanishk Goyal <goyaltanishk02@gmail.com>
Co-authored-by: howy <132113803+howydev@users.noreply.github.com>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: o-az <omaraziz.dev@proton.me>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: googleworkspace-bot <googleworkspace-bot@google.com>
@vercel

vercel Bot commented Mar 15, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
legion Ready Ready Preview, Comment Mar 15, 2026 8:26am

@gemini-code-assist

Copy link
Copy Markdown

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

@snyk-io

snyk-io Bot commented Mar 15, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@Dargon789

Copy link
Copy Markdown
Owner Author

@Mergifyio refresh

@mergify

mergify Bot commented Mar 15, 2026

Copy link
Copy Markdown

refresh

✅ Pull request refreshed

@Dargon789 Dargon789 merged commit b232265 into main Mar 15, 2026
10 of 14 checks passed
@Dargon789 Dargon789 deleted the alert-autofix-1 branch March 15, 2026 09:31
@Dargon789 Dargon789 self-assigned this Apr 16, 2026
@Dargon789 Dargon789 added bug Something isn't working documentation Improvements or additions to documentation duplicate This issue or pull request already exists enhancement New feature or request help wanted Extra attention is needed good first issue Good for newcomers invalid This doesn't seem right question Further information is requested wontfix This will not be worked on labels Apr 16, 2026
@github-project-automation github-project-automation Bot moved this from Todo to Done in web3-Defi-Gamefi Apr 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working documentation Improvements or additions to documentation duplicate This issue or pull request already exists enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed invalid This doesn't seem right question Further information is requested wontfix This will not be worked on

Projects

Status: Done

1 participant