Skip to content

Add tests for ensureNotAssetHubAgent#1793

Merged
claravanstaden merged 4 commits into
ron/restrict-agent-call-contractfrom
clara/snowbsc-532-test-coverage
May 22, 2026
Merged

Add tests for ensureNotAssetHubAgent#1793
claravanstaden merged 4 commits into
ron/restrict-agent-call-contractfrom
clara/snowbsc-532-test-coverage

Conversation

@claravanstaden

@claravanstaden claravanstaden commented May 22, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Summary

  • Adds 9 tests covering the AssetHub-agent callContract block.
  • Pins the new helper's revert reason directly via an exposed wrapper on MockGateway.
  • Confirms BRIDGE_HUB_AGENT_ID remains intentionally non-privileged.

What changed

  • Exposed Functions.ensureNotAssetHubAgent on MockGateway for unit and fuzz tests.
  • Added 9 tests in GatewayV2.t.sol: positive user-agent callContract; helper unit coverage (rejects AssetHub with UnauthorizedPrivilegedAgent, allows BridgeHub, allows user agent, unregistered reverts AgentDoesNotExist); no-state-leak on the AssetHub failure path; fuzz invariant; dual unlock invariant; multi-command behavior.

Test plan

  • forge test --match-path test/GatewayV2.t.sol passes (49 / 49).
  • forge build clean.

🤖 Generated with Claude Code

@claravanstaden @claude
Add tests for ensureNotAssetHubAgent
250175a 
Strengthens coverage around the AssetHub-agent callContract block
introduced in #1788:

- positive: a v2_createAgent'd user agent can still callContract
- direct: ensureNotAssetHubAgent revert reason and allow/deny paths
  pinned via an exposed wrapper on MockGateway, including a fuzz
  invariant that only ASSET_HUB_AGENT_ID returns
  UnauthorizedPrivilegedAgent
- no-state-leak: AssetHub failure path emits no SaidHello, leaves
  agent balance and registration untouched
- dual-invariant: ASSET_HUB_AGENT_ID is rejected as a callContract
  origin AND still accepted as an unlockNativeToken recipient
- multi-command: a poisoned AssetHub-origin callContract bundled
  with a legit one fails every command; same payload from a user
  agent succeeds
- skipped: testAgentCallContractFailsForBridgeHub documents the
  latent AliasOrigin(Here) -> BRIDGE_HUB_AGENT_ID bypass that the
  current single-entry deny list does not cover

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@codecov

codecov Bot commented May 22, 2026
edited
Loading

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 76.79%. Comparing base (e98e560) to head (cfc2ef1).

Additional details and impacted files 
@@                        Coverage Diff                        @@
##           ron/restrict-agent-call-contract    #1793   +/-   ##
=================================================================
  Coverage                             76.79%   76.79%           
=================================================================
  Files                                    24       24           
  Lines                                   987      987           
  Branches                                187      187           
=================================================================
  Hits                                    758      758           
  Misses                                  205      205           
  Partials                                 24       24
Flag Coverage Δ
solidity 76.79% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

claravanstaden and others added 2 commits May 22, 2026 11:33
@claravanstaden @claude
Drop BridgeHub-block skip test
3d10923 
BridgeHub is intentionally non-privileged in the V2 deny list; only
ASSET_HUB_AGENT_ID is reserved. Remove the speculative
testAgentCallContractFailsForBridgeHub skip and clarify the existing
testEnsureNotAssetHubAgent_AllowsBridgeHub with a comment so future
readers know the allow is by design.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@claravanstaden @claude
Drop ticket id from section comment
1c82414 
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@claravanstaden claravanstaden changed the title Add tests for ensureNotAssetHubAgent (SNOWBSC-532 follow-up) Add tests for ensureNotAssetHubAgent May 22, 2026
@claravanstaden @claude
Drop PR reference from section comment
cfc2ef1 
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@claravanstaden claravanstaden mentioned this pull request May 22, 2026
Open
yrong
yrong approved these changes May 22, 2026
View reviewed changes

@yrong yrong left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@claravanstaden claravanstaden merged commit 1b33385 into ron/restrict-agent-call-contract May 22, 2026
2 checks passed
@claravanstaden claravanstaden deleted the clara/snowbsc-532-test-coverage branch May 22, 2026 10:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yrong yrong yrong approved these changes

Assignees

No one assigned

Labels

Component: Ethereum

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@claravanstaden @yrong