chore: compatibility fixes and testnet setup script#1001
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub. 2 Skipped Deployments
|
|
Note Other AI code review bot(s) detectedCodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review. WalkthroughAdds CRISP testnet tooling and config: new example env with multiple private keys, testnet setup script and npm tasks; updates deployed contract manifests for Sepolia/localhost; extends Hardhat ciphernode tasks (minting + transfer checks); removes onlyOwner from mock stable token mint; small Rust CLI and voting-snapshot adjustments. Changes
Sequence Diagram(s)sequenceDiagram
participant User
participant Setup as setup_testnet.sh
participant Enclave as Enclave Process
participant Hardhat
participant Sepolia
User->>Setup: run setup_testnet.sh
activate Setup
Setup->>Setup: source .env, setup cleanup traps
Setup->>Enclave: launch multiple nodes (background)
Setup->>Setup: extract node addresses (yq)
loop per ciphernode
Setup->>Hardhat: invoke ciphernode:mint:tokens
Hardhat->>Sepolia: query token, enable transfers if restricted
Hardhat->>Sepolia: mint tokens
Hardhat-->>Setup: mint success
Setup->>Hardhat: invoke ciphernode:add:self (with node key)
Hardhat->>Sepolia: bondingRegistry.isRegistered(address)?
alt not registered
Hardhat->>Sepolia: registerOperator
else already registered
Note right of Hardhat: skip registration
end
Hardhat-->>Setup: add success
end
Setup->>Setup: start dev_program.sh & dev_server.sh (parallel)
deactivate Setup
Estimated code review effort🎯 4 (Complex) | ⏱️ ~60 minutes
Possibly related PRs
Suggested reviewers
Poem
Pre-merge checks and finishing touches✅ Passed checks (3 passed)
✨ Finishing touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull Request Overview
This PR introduces compatibility fixes and a new testnet setup script to streamline the deployment and configuration of ciphernode infrastructure on the Sepolia testnet. The changes focus on enabling easier multi-node testing and removing access control restrictions for mock contracts.
- Removed
onlyOwnerrestriction from MockUSDC mint function for easier testing - Added automatic transfer restriction handling in the token minting task
- Created a new testnet setup script that automates wallet configuration, node startup, token minting, and ciphernode registration
Reviewed Changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| packages/enclave-contracts/tasks/ciphernode.ts | Added logic to automatically disable transfer restrictions on EnclaveToken during minting |
| packages/enclave-contracts/contracts/test/MockStableToken.sol | Removed onlyOwner modifier from mint function to allow unrestricted minting for testing |
| packages/enclave-contracts/deployed_contracts.json | Updated contract deployment addresses and configuration for Sepolia network |
| examples/CRISP/scripts/setup_testnet.sh | New bash script to automate testnet setup with multiple ciphernodes |
| examples/CRISP/packages/crisp-contracts/package.json | Added new npm scripts for token minting and self-registration tasks |
| examples/CRISP/packages/crisp-contracts/hardhat.config.ts | Imported and registered ciphernodeMintTokens task |
| examples/CRISP/packages/crisp-contracts/deployed_contracts.json | Updated contract deployment addresses for Sepolia network |
| examples/CRISP/package.json | Added npm scripts for token minting, self-registration, and testnet setup |
| examples/CRISP/.env.example | Added example private keys for testing multiple ciphernodes |
| packages/enclave-contracts/artifacts/contracts/interfaces/IEnclave.sol/IEnclave.json | Updated build info ID (artifact regeneration) |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
🧹 Nitpick comments (1)
examples/CRISP/.env.example (1)
1-9: Consider removing quotes from environment variable values.The static analysis warnings about "Generic API Key" are false positives—these are well-known Hardhat test account keys. However, the quote characters around the values are unnecessary in
.envfiles and can sometimes cause parsing issues depending on how the file is loaded.Apply this diff to remove the quotes:
-PRIVATE_KEY_AG="0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80" -PRIVATE_KEY_CN1="0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d" -PRIVATE_KEY_CN2="0x5de4111afa1a4b94908f83103eb1f1706367c2e68ca870fc3fb9a804cdab365a" -PRIVATE_KEY_CN3="0x7c852118294e51e653712a81e05800f419141751be58f605c371e15141b007a6" -PRIVATE_KEY_CN4="0x47e179ec197488593b187f80a00eb0da91f1b9d0b13f8733639f19c30a34926a" -PRIVATE_KEY_CN5="0x8b3a350cf5c34c9194ca85829a2df0ec3153be0318b5e2d3348e872092edffba" +PRIVATE_KEY_AG=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 +PRIVATE_KEY_CN1=0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d +PRIVATE_KEY_CN2=0x5de4111afa1a4b94908f83103eb1f1706367c2e68ca870fc3fb9a804cdab365a +PRIVATE_KEY_CN3=0x7c852118294e51e653712a81e05800f419141751be58f605c371e15141b007a6 +PRIVATE_KEY_CN4=0x47e179ec197488593b187f80a00eb0da91f1b9d0b13f8733639f19c30a34926a +PRIVATE_KEY_CN5=0x8b3a350cf5c34c9194ca85829a2df0ec3153be0318b5e2d3348e872092edffba
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (10)
examples/CRISP/.env.example(1 hunks)examples/CRISP/package.json(2 hunks)examples/CRISP/packages/crisp-contracts/deployed_contracts.json(1 hunks)examples/CRISP/packages/crisp-contracts/hardhat.config.ts(2 hunks)examples/CRISP/packages/crisp-contracts/package.json(1 hunks)examples/CRISP/scripts/setup_testnet.sh(1 hunks)packages/enclave-contracts/artifacts/contracts/interfaces/IEnclave.sol/IEnclave.json(1 hunks)packages/enclave-contracts/contracts/test/MockStableToken.sol(1 hunks)packages/enclave-contracts/deployed_contracts.json(1 hunks)packages/enclave-contracts/tasks/ciphernode.ts(1 hunks)
🧰 Additional context used
🧠 Learnings (12)
📚 Learning: 2025-09-11T13:21:31.031Z
Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 677
File: packages/enclave-contracts/tasks/utils.ts:7-8
Timestamp: 2025-09-11T13:21:31.031Z
Learning: In Hardhat v3, the task API syntax has changed significantly from v2. The new syntax uses:
- `.addOption({ name, description, defaultValue, type })` instead of `.addOptionalParam()`
- `.setAction(async () => ({ default: (args, hre) => { ... } }))` instead of direct `.setAction((args, hre) => { ... })`
- `.build()` is required to finalize task definitions
- `ArgumentType.STRING` is used for option types instead of `types.string`
Applied to files:
examples/CRISP/packages/crisp-contracts/hardhat.config.ts
📚 Learning: 2025-09-11T13:09:03.800Z
Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 677
File: packages/enclave-contracts/scripts/deployAndSave/naiveRegistryFilter.ts:30-31
Timestamp: 2025-09-11T13:09:03.800Z
Learning: In Hardhat v3 deployment scripts, use `(await signer.provider?.getNetwork())?.name ?? "localhost"` instead of `hre.globalOptions.network` to reliably get the network name, as `hre.globalOptions.network` can be undefined in some contexts.
Applied to files:
examples/CRISP/packages/crisp-contracts/hardhat.config.ts
📚 Learning: 2025-10-10T12:56:40.538Z
Learnt from: 0xjei
Repo: gnosisguild/enclave PR: 830
File: templates/default/README.md:123-128
Timestamp: 2025-10-10T12:56:40.538Z
Learning: In the Enclave repository, the hard-coded Hardhat development private key `0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80` is acceptable in template README files and documentation for local testing/interaction purposes.
Applied to files:
examples/CRISP/.env.example
📚 Learning: 2024-10-23T01:59:27.215Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: tests/basic_integration/test.sh:21-21
Timestamp: 2024-10-23T01:59:27.215Z
Learning: In `tests/basic_integration/test.sh`, the hardcoded `CIPHERNODE_SECRET` is acceptable for testing purposes and does not need to be changed.
Applied to files:
examples/CRISP/.env.exampleexamples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2024-10-23T02:03:02.008Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: packages/ciphernode/keyshare/src/encryption.rs:45-45
Timestamp: 2024-10-23T02:03:02.008Z
Learning: In the `packages/ciphernode/keyshare/src/encryption.rs` file, the environment variable `CIPHERNODE_SECRET` is used for the encryption password. A secure secret management solution is not currently available, but may be considered in future iterations.
Applied to files:
examples/CRISP/.env.example
📚 Learning: 2024-10-23T01:59:42.967Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: packages/ciphernode/tests/tests/test_aggregation_and_decryption.rs:274-274
Timestamp: 2024-10-23T01:59:42.967Z
Learning: In the `packages/ciphernode/tests/tests/test_aggregation_and_decryption.rs` file and other test files within this project, hardcoding `CIPHERNODE_SECRET` is acceptable for testing purposes.
Applied to files:
examples/CRISP/.env.exampleexamples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2024-09-26T04:12:09.345Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 107
File: tests/basic_integration/test.sh:103-114
Timestamp: 2024-09-26T04:12:09.345Z
Learning: In `tests/basic_integration/test.sh`, the user prefers not to refactor the ciphernode addition section to reduce duplication.
Applied to files:
examples/CRISP/.env.exampleexamples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2025-09-19T11:16:53.825Z
Learnt from: cedoor
Repo: gnosisguild/enclave PR: 752
File: packages/enclave-contracts/contracts/Enclave.sol:15-17
Timestamp: 2025-09-19T11:16:53.825Z
Learning: The Enclave contract in the gnosisguild/enclave repository has not been deployed yet as of September 2025, so storage layout considerations for upgradeable contracts don't apply to current changes.
Applied to files:
packages/enclave-contracts/artifacts/contracts/interfaces/IEnclave.sol/IEnclave.jsonpackages/enclave-contracts/deployed_contracts.json
📚 Learning: 2024-10-01T02:51:17.718Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 119
File: packages/evm/contracts/test/MockE3Program.sol:15-17
Timestamp: 2024-10-01T02:51:17.718Z
Learning: In mock contracts used for testing, it's acceptable for functions to lack access control since they do not pose security risks.
Applied to files:
packages/enclave-contracts/contracts/test/MockStableToken.sol
📚 Learning: 2024-11-25T09:47:48.863Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 184
File: packages/ciphernode/net/tests/entrypoint.sh:4-8
Timestamp: 2024-11-25T09:47:48.863Z
Learning: When reviewing test scripts like `packages/ciphernode/net/tests/entrypoint.sh`, avoid suggesting additional error handling and cleanup for `iptables` commands, as it may not be necessary.
Applied to files:
examples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2024-11-25T09:48:29.068Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 184
File: packages/ciphernode/net/tests/run.sh:5-8
Timestamp: 2024-11-25T09:48:29.068Z
Learning: In the `run.sh` script in `packages/ciphernode/net/tests`, adding programmatic validation of test results is not appropriate.
Applied to files:
examples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2025-11-12T10:08:30.693Z
Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 996
File: examples/CRISP/packages/crisp-contracts/contracts/CRISPProgram.sol:144-169
Timestamp: 2025-11-12T10:08:30.693Z
Learning: In the CRISP program (examples/CRISP/packages/crisp-contracts/contracts/CRISPProgram.sol), there are plans to move the merkle tree from the Enclave contract to the program contract itself in the future, which would allow direct calls to validateInput to be stored in the merkle tree.
Applied to files:
packages/enclave-contracts/deployed_contracts.json
🧬 Code graph analysis (1)
examples/CRISP/packages/crisp-contracts/hardhat.config.ts (1)
packages/enclave-contracts/tasks/ciphernode.ts (2)
ciphernodeAdd(11-145)ciphernodeMintTokens(193-284)
🪛 dotenv-linter (4.0.0)
examples/CRISP/.env.example
[warning] 4-4: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 5-5: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 6-6: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 7-7: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 8-8: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 9-9: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
🪛 Gitleaks (8.29.0)
examples/CRISP/.env.example
[high] 4-4: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 5-5: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 6-6: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 7-7: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 8-8: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 9-9: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
examples/CRISP/packages/crisp-contracts/deployed_contracts.json
[high] 23-23: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 41-41: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 42-42: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 69-69: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)
- GitHub Check: build_sdk
- GitHub Check: build_enclave_cli
- GitHub Check: integration_prebuild
- GitHub Check: test_contracts
- GitHub Check: test_net
- GitHub Check: rust_integration
- GitHub Check: rust_unit
- GitHub Check: Build & Push Image
🔇 Additional comments (10)
packages/enclave-contracts/artifacts/contracts/interfaces/IEnclave.sol/IEnclave.json (1)
980-980: LGTM! Standard build artifact update.The
buildInfoIdchange reflects a recompilation of the contract with no functional changes to the interface, ABI, or bytecode.packages/enclave-contracts/tasks/ciphernode.ts (1)
268-277: LGTM! Necessary post-mint setup.This conditional check ensures that minted tokens are immediately transferable, which is essential for the testnet workflow where tokens need to be used right after minting for bonding and ticket operations.
examples/CRISP/packages/crisp-contracts/hardhat.config.ts (1)
12-12: LGTM! Clean task integration.The
ciphernodeMintTokenstask is properly imported and added to the Hardhat configuration, enabling the testnet setup workflow.Also applies to: 78-78
examples/CRISP/packages/crisp-contracts/package.json (1)
32-33: LGTM! Scripts align with Hardhat tasks.The new npm scripts properly expose the
ciphernode:mint-tokensandciphernode:addHardhat tasks, enabling the testnet setup workflow.examples/CRISP/scripts/setup_testnet.sh (1)
79-79: Clarify wait behavior.The
waitcommand with no arguments waits for all background jobs. Currently, onlyenclave nodes up(line 43) is backgrounded. If this is intentional, the script is correct. However, if the intent was to wait specifically for the enclave nodes, consider usingwait $!immediately after line 43 to capture and wait for that specific PID.Is the placement of
waitat line 79 intentional to keep nodes running while other commands execute, then wait before starting concurrent processes?packages/enclave-contracts/deployed_contracts.json (1)
13-13: Verify placeholder registry address in testnet configuration.In
deployed_contracts.json(sepolia network), the registry is set to0x0000000000000000000000000000000000000001during Enclave initialization. ThesetCiphernodeRegistry()function validates only againstaddress(0), soaddress(1)would pass validation and persist if not updated via the setter post-deployment.Confirm:
- This is intentional testnet placeholder and not meant for production
- The registry address is replaced during deployment via
setCiphernodeRegistry()- Deployment workflow ensures this placeholder is not retained in actual deployments
examples/CRISP/package.json (2)
19-20: LGTM!The new ciphernode scripts follow the existing delegation pattern and should integrate cleanly with the crisp-contracts package configuration.
29-30: setup_testnet.sh exists at the expected location.Verification confirms that
./scripts/setup_testnet.shresolves correctly toexamples/CRISP/scripts/setup_testnet.sh. No action required.examples/CRISP/packages/crisp-contracts/deployed_contracts.json (2)
1-123: Dismiss gitleaks false positives on Ethereum addresses.Static analysis flagged lines 23, 41, 42, and 69 as "generic-api-key" alerts. However, these are standard Ethereum contract addresses (format:
0xfollowed by 40 hexadecimal characters) and deployment metadata addresses, which are public blockchain data and not secrets. These are false positives and can be safely ignored.
113-122: Verify constructor argument cross-references.The
CRISPProgramconstructor arguments reference several other deployed contracts. Spot-check confirms that the addresses match their corresponding contracts:
enclave(line 116) → matchesEnclave.address(line 76) ✓verifierAddress(line 117) → matchesMockRISC0Verifier.address(line 99) ✓inputValidatorAddress(line 118) → matchesMockCRISPInputValidator.address(line 102) ✓honkVerifierAddress(line 119) → matchesHonkVerifier.address(line 111) ✓Ensure that all dependent contracts are deployed before
CRISPProgramand that no addresses have been transcription errors.
ctrlc03
force-pushed
the
chore/compatibility-fixes
branch
from
dc59b90 to
d0e8ae4
Compare
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (1)
examples/CRISP/scripts/setup_testnet.sh (1)
1-36: Add dependency checks to prevent failures with unclear error messages.The script uses
yq(5 times),pnpm(10 times),enclave(15 times), andconcurrently(1 time) without verifying they're installed. This causes obscure failures if any are missing. Add checks near the top after strict mode:set -euo pipefail +# Check for required dependencies +for cmd in yq pnpm enclave concurrently; do + if ! command -v "$cmd" &>/dev/null; then + echo "Error: '$cmd' is required but not installed." + exit 1 + fi +done + export CARGO_INCREMENTAL=1
🧹 Nitpick comments (2)
examples/CRISP/server/src/cli/approve.rs (1)
34-42: Good refactor: eliminated unnecessary RPC call.Resolving the owner directly from
signer.address()is more efficient and reliable than the previousprovider.get_accounts()approach. This eliminates an RPC round-trip and avoids potential account-ordering issues.Optional: eliminate redundant clone.
Since
address()typically takes&self, the clone on line 42 is unnecessary:let wallet = EthereumWallet::from(signer.clone()); let provider = ProviderBuilder::new() .wallet(wallet) .connect(http_rpc_url) .await?; let contract = ERC20::new(token_address, &provider); -let owner = signer.clone().address(); +let owner = signer.address(); let current_allowance = contract.allowance(owner, spender_address).call().await?;examples/CRISP/scripts/setup_testnet.sh (1)
70-79: Code duplication in ciphernode registration loop could be condensed.Lines 70–79 repeat the same pattern (export key, call pnpm) five times. While this is straightforward, a loop would reduce maintenance burden:
-export PRIVATE_KEY="$PRIVATE_KEY_CN1" -pnpm ciphernode:add:self --network "sepolia" -export PRIVATE_KEY="$PRIVATE_KEY_CN2" -pnpm ciphernode:add:self --network "sepolia" -export PRIVATE_KEY="$PRIVATE_KEY_CN3" -pnpm ciphernode:add:self --network "sepolia" -export PRIVATE_KEY="$PRIVATE_KEY_CN4" -pnpm ciphernode:add:self --network "sepolia" -export PRIVATE_KEY="$PRIVATE_KEY_CN5" -pnpm ciphernode:add:self --network "sepolia" +for i in {1..5}; do + export PRIVATE_KEY=$(eval echo "\$PRIVATE_KEY_CN$i") + pnpm ciphernode:add:self --network "sepolia" +done
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (10)
examples/CRISP/.env.example(1 hunks)examples/CRISP/package.json(2 hunks)examples/CRISP/packages/crisp-contracts/deployed_contracts.json(1 hunks)examples/CRISP/packages/crisp-contracts/hardhat.config.ts(2 hunks)examples/CRISP/packages/crisp-contracts/package.json(1 hunks)examples/CRISP/scripts/setup_testnet.sh(1 hunks)examples/CRISP/server/src/cli/approve.rs(1 hunks)packages/enclave-contracts/contracts/test/MockStableToken.sol(1 hunks)packages/enclave-contracts/deployed_contracts.json(1 hunks)packages/enclave-contracts/tasks/ciphernode.ts(2 hunks)
🚧 Files skipped from review as they are similar to previous changes (4)
- packages/enclave-contracts/contracts/test/MockStableToken.sol
- examples/CRISP/packages/crisp-contracts/hardhat.config.ts
- examples/CRISP/packages/crisp-contracts/package.json
- packages/enclave-contracts/tasks/ciphernode.ts
🧰 Additional context used
🧠 Learnings (10)
📚 Learning: 2024-11-25T09:47:48.863Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 184
File: packages/ciphernode/net/tests/entrypoint.sh:4-8
Timestamp: 2024-11-25T09:47:48.863Z
Learning: When reviewing test scripts like `packages/ciphernode/net/tests/entrypoint.sh`, avoid suggesting additional error handling and cleanup for `iptables` commands, as it may not be necessary.
Applied to files:
examples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2024-09-26T04:12:09.345Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 107
File: tests/basic_integration/test.sh:103-114
Timestamp: 2024-09-26T04:12:09.345Z
Learning: In `tests/basic_integration/test.sh`, the user prefers not to refactor the ciphernode addition section to reduce duplication.
Applied to files:
examples/CRISP/scripts/setup_testnet.shexamples/CRISP/.env.example
📚 Learning: 2024-11-25T09:48:29.068Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 184
File: packages/ciphernode/net/tests/run.sh:5-8
Timestamp: 2024-11-25T09:48:29.068Z
Learning: In the `run.sh` script in `packages/ciphernode/net/tests`, adding programmatic validation of test results is not appropriate.
Applied to files:
examples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2024-10-23T01:59:27.215Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: tests/basic_integration/test.sh:21-21
Timestamp: 2024-10-23T01:59:27.215Z
Learning: In `tests/basic_integration/test.sh`, the hardcoded `CIPHERNODE_SECRET` is acceptable for testing purposes and does not need to be changed.
Applied to files:
examples/CRISP/scripts/setup_testnet.shexamples/CRISP/.env.example
📚 Learning: 2024-09-26T05:01:46.024Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 107
File: tests/basic_integration/test.sh:27-31
Timestamp: 2024-09-26T05:01:46.024Z
Learning: In the scripts, quoting the command substitution in the `kill` command within the `cleanup` function can cause the script to fail, so it's acceptable to leave it unquoted.
Applied to files:
examples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2024-10-23T01:59:42.967Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: packages/ciphernode/tests/tests/test_aggregation_and_decryption.rs:274-274
Timestamp: 2024-10-23T01:59:42.967Z
Learning: In the `packages/ciphernode/tests/tests/test_aggregation_and_decryption.rs` file and other test files within this project, hardcoding `CIPHERNODE_SECRET` is acceptable for testing purposes.
Applied to files:
examples/CRISP/scripts/setup_testnet.shexamples/CRISP/.env.example
📚 Learning: 2025-09-19T11:16:53.825Z
Learnt from: cedoor
Repo: gnosisguild/enclave PR: 752
File: packages/enclave-contracts/contracts/Enclave.sol:15-17
Timestamp: 2025-09-19T11:16:53.825Z
Learning: The Enclave contract in the gnosisguild/enclave repository has not been deployed yet as of September 2025, so storage layout considerations for upgradeable contracts don't apply to current changes.
Applied to files:
packages/enclave-contracts/deployed_contracts.json
📚 Learning: 2025-11-12T10:08:30.693Z
Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 996
File: examples/CRISP/packages/crisp-contracts/contracts/CRISPProgram.sol:144-169
Timestamp: 2025-11-12T10:08:30.693Z
Learning: In the CRISP program (examples/CRISP/packages/crisp-contracts/contracts/CRISPProgram.sol), there are plans to move the merkle tree from the Enclave contract to the program contract itself in the future, which would allow direct calls to validateInput to be stored in the merkle tree.
Applied to files:
packages/enclave-contracts/deployed_contracts.json
📚 Learning: 2025-10-10T12:56:40.538Z
Learnt from: 0xjei
Repo: gnosisguild/enclave PR: 830
File: templates/default/README.md:123-128
Timestamp: 2025-10-10T12:56:40.538Z
Learning: In the Enclave repository, the hard-coded Hardhat development private key `0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80` is acceptable in template README files and documentation for local testing/interaction purposes.
Applied to files:
examples/CRISP/.env.example
📚 Learning: 2024-10-23T02:03:02.008Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: packages/ciphernode/keyshare/src/encryption.rs:45-45
Timestamp: 2024-10-23T02:03:02.008Z
Learning: In the `packages/ciphernode/keyshare/src/encryption.rs` file, the environment variable `CIPHERNODE_SECRET` is used for the encryption password. A secure secret management solution is not currently available, but may be considered in future iterations.
Applied to files:
examples/CRISP/.env.example
🪛 dotenv-linter (4.0.0)
examples/CRISP/.env.example
[warning] 4-4: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 5-5: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 6-6: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 7-7: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 8-8: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 9-9: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
🪛 Gitleaks (8.29.0)
examples/CRISP/.env.example
[high] 4-4: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 5-5: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 6-6: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 7-7: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 8-8: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 9-9: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)
- GitHub Check: build_sdk
- GitHub Check: build_e3_support_dev
- GitHub Check: integration_prebuild
- GitHub Check: build_enclave_cli
- GitHub Check: rust_unit
- GitHub Check: test_net
- GitHub Check: rust_integration
- GitHub Check: test_contracts
- GitHub Check: Build & Push Image
- GitHub Check: Build & Push Image
🔇 Additional comments (6)
examples/CRISP/packages/crisp-contracts/deployed_contracts.json (1)
98-122: Verify new contract entries are complete and match actual deployments.New contracts added (MockRISC0Verifier, MockCRISPInputValidator, CRISPInputValidatorFactory, HonkVerifier, CRISPProgram) all have appropriate address and constructor argument metadata. CRISPProgram's constructorArgs properly reference all dependent verifier/validator contracts within this file. All cross-references between contracts are consistent (e.g., MockRISC0Verifier address matches CRISPProgram.verifierAddress, etc.).
Verify that:
- The deployed contract addresses match the actual blockchain deployments on Sepolia
- The
imageIdin CRISPProgram (line 120) is the correct program hash- The block numbers reflect the actual deployment blocks
packages/enclave-contracts/deployed_contracts.json (3)
30-36: Verify NaiveRegistryFilter constructor args change aligns with contract code.The constructor arguments have been significantly restructured: 8 fields (ticketToken, licenseToken, registry, slashedFundsTreasury, ticketPrice, licenseRequiredBond, minTicketBalance, exitDelay) were removed and replaced with
ciphernodeRegistryAddress. This indicates a meaningful contract redesign. Ensure the changes to this metadata match the corresponding contract code modifications.Cross-reference with:
packages/enclave-contracts/contracts/filters/NaiveRegistryFilter.sol(contract code)- Any related upgrade or deployment transaction logs to confirm this change is intentional and correct
57-77: Verify new contract entries match actual deployments.New contracts added (MockRISC0Verifier, CRISPInputValidatorFactory, HonkVerifier, CRISPProgram) are properly structured with addresses and constructorArgs. All cross-references are internally consistent: Enclave address used correctly in CiphernodeRegistryOwnable and CRISPProgram; MockRISC0Verifier, MockInputValidator, and HonkVerifier addresses all match their usage in CRISPProgram.
Verify that:
- All deployed contract addresses exist on Sepolia testnet
- The block numbers are sequential and match actual deployment blocks
- The
imageIdin CRISPProgram matches the correct program hash for the RISC0 circuit
3-5: Confirm RiscZeroGroth16Verifier deployment details.A new entry
RiscZeroGroth16Verifierhas been added with only an address and no blockNumber or constructor args. This may be intentional if it's an external/standard contract, but verify that this represents an actual deployment on Sepolia and that omitting metadata is appropriate.examples/CRISP/.env.example (1)
4-9: Static analysis warnings are false positives and acceptable for this template file.The Gitleaks warnings flagging generic API keys and dotenv-linter warnings about quote characters are expected and benign here:
- This is a template file (
.env.example), not actual secrets (.env).- The private keys are well-known Hardhat default test accounts, not sensitive credentials.
- Quote characters are necessary for environment variables containing special characters (colons).
- Per project learnings, hardcoded Hardhat default keys are acceptable for local testing and templates.
No changes needed.
examples/CRISP/package.json (1)
19-20: Script additions look correct and well-structured.The three new npm scripts follow the existing delegation pattern:
ciphernode:mint:tokensandciphernode:add:selfproperly delegate to the crisp-contracts subpackage.setup:testnetcalls the new setup script introduced in this PR.- Trailing comma on line 29 improves consistency.
No concerns with devDependency versions; they're current and appropriately versioned.
Also applies to: 29-30
ctrlc03
force-pushed
the
chore/compatibility-fixes
branch
from
d0e8ae4 to
b31f597
Compare
ctrlc03
force-pushed
the
chore/compatibility-fixes
branch
from
b31f597 to
81fbaaf
Compare
There was a problem hiding this comment.
Actionable comments posted: 2
♻️ Duplicate comments (1)
packages/enclave-contracts/contracts/test/MockStableToken.sol (1)
25-27: Confirm unrestricted minting is intentional for testnet automation.Previous reviews raised valid concerns about removing
onlyOwnerfrom this function, particularly for Sepolia deployment. While mock contracts without access control are acceptable for local testing (based on learnings), allowing unrestricted minting on a public testnet creates risk of token inflation by any external caller.If this change is required for the testnet setup automation mentioned in the PR, consider these alternatives:
- Add a
MINTER_ROLEthat can be granted to automation scripts instead of making mint fully public- Add deployment guards to prevent
DEPLOY_MOCKS=trueon public networks- Document explicitly that this mock should only be used in controlled testnet environments
Please confirm this is intentional for your testnet setup workflow and that appropriate safeguards are in place.
🧹 Nitpick comments (2)
examples/CRISP/packages/crisp-contracts/deployed_contracts.json (1)
1-122: Cross-references are consistent; consider adding blockNumbers for completeness.All contract address cross-references are properly aligned (e.g., Enclave correctly references CiphernodeRegistryOwnable, BondingRegistry, and MockUSDC at their deployed addresses). However, several contracts lack
blockNumberentries (MockRISC0Verifier, MockCRISPInputValidator, CRISPInputValidatorFactory, HonkVerifier, and CRISPProgram at lines 98–122), creating a schema inconsistency with earlier entries. If these block numbers are available, include them for consistency; if they represent pre-existing or externally sourced contracts, consider adding a comment to clarify the distinction.examples/CRISP/server/src/server/token_holders/etherscan.rs (1)
447-447: Add defensive code or document the invariant that block_number must be > 0.The change correctly aligns with ERC20Votes semantics (querying past blocks), but lacks protection against underflow. While the risk is low in practice (governance snapshots use real block numbers, not genesis block), the code should be more defensive.
The
block_number - 1subtraction will panic in debug mode and wrap tou64::MAXin release ifblock_numberis 0. No validation exists in the call chain to prevent this.Recommendation: Use
saturating_sub(1)or add a comment documenting thatsnapshot_blockmust always be ≥ 1:let votes = token - .getPastVotes(voter_address, U256::from(block_number - 1)) + // ERC20Votes requires querying a finalized (past) block, not current. + // snapshot_block must be ≥ 1 to avoid underflow. + .getPastVotes(voter_address, U256::from(block_number.saturating_sub(1))) .call() .await
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (11)
examples/CRISP/.env.example(1 hunks)examples/CRISP/package.json(2 hunks)examples/CRISP/packages/crisp-contracts/deployed_contracts.json(1 hunks)examples/CRISP/packages/crisp-contracts/hardhat.config.ts(2 hunks)examples/CRISP/packages/crisp-contracts/package.json(1 hunks)examples/CRISP/scripts/setup_testnet.sh(1 hunks)examples/CRISP/server/src/cli/approve.rs(1 hunks)examples/CRISP/server/src/server/token_holders/etherscan.rs(1 hunks)packages/enclave-contracts/contracts/test/MockStableToken.sol(1 hunks)packages/enclave-contracts/deployed_contracts.json(1 hunks)packages/enclave-contracts/tasks/ciphernode.ts(2 hunks)
🚧 Files skipped from review as they are similar to previous changes (5)
- packages/enclave-contracts/deployed_contracts.json
- examples/CRISP/scripts/setup_testnet.sh
- examples/CRISP/packages/crisp-contracts/hardhat.config.ts
- examples/CRISP/packages/crisp-contracts/package.json
- examples/CRISP/server/src/cli/approve.rs
🧰 Additional context used
🧠 Learnings (8)
📓 Common learnings
Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 677
File: packages/enclave-contracts/scripts/deployAndSave/naiveRegistryFilter.ts:30-31
Timestamp: 2025-09-11T13:09:03.800Z
Learning: In Hardhat v3 deployment scripts, use `(await signer.provider?.getNetwork())?.name ?? "localhost"` instead of `hre.globalOptions.network` to reliably get the network name, as `hre.globalOptions.network` can be undefined in some contexts.
📚 Learning: 2024-10-01T02:51:17.718Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 119
File: packages/evm/contracts/test/MockE3Program.sol:15-17
Timestamp: 2024-10-01T02:51:17.718Z
Learning: In mock contracts used for testing, it's acceptable for functions to lack access control since they do not pose security risks.
Applied to files:
packages/enclave-contracts/contracts/test/MockStableToken.sol
📚 Learning: 2025-09-19T11:16:53.825Z
Learnt from: cedoor
Repo: gnosisguild/enclave PR: 752
File: packages/enclave-contracts/contracts/Enclave.sol:15-17
Timestamp: 2025-09-19T11:16:53.825Z
Learning: The Enclave contract in the gnosisguild/enclave repository has not been deployed yet as of September 2025, so storage layout considerations for upgradeable contracts don't apply to current changes.
Applied to files:
examples/CRISP/packages/crisp-contracts/deployed_contracts.json
📚 Learning: 2025-10-10T12:56:40.538Z
Learnt from: 0xjei
Repo: gnosisguild/enclave PR: 830
File: templates/default/README.md:123-128
Timestamp: 2025-10-10T12:56:40.538Z
Learning: In the Enclave repository, the hard-coded Hardhat development private key `0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80` is acceptable in template README files and documentation for local testing/interaction purposes.
Applied to files:
examples/CRISP/.env.example
📚 Learning: 2024-10-23T01:59:27.215Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: tests/basic_integration/test.sh:21-21
Timestamp: 2024-10-23T01:59:27.215Z
Learning: In `tests/basic_integration/test.sh`, the hardcoded `CIPHERNODE_SECRET` is acceptable for testing purposes and does not need to be changed.
Applied to files:
examples/CRISP/.env.example
📚 Learning: 2024-10-23T01:59:42.967Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: packages/ciphernode/tests/tests/test_aggregation_and_decryption.rs:274-274
Timestamp: 2024-10-23T01:59:42.967Z
Learning: In the `packages/ciphernode/tests/tests/test_aggregation_and_decryption.rs` file and other test files within this project, hardcoding `CIPHERNODE_SECRET` is acceptable for testing purposes.
Applied to files:
examples/CRISP/.env.example
📚 Learning: 2024-10-23T02:03:02.008Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: packages/ciphernode/keyshare/src/encryption.rs:45-45
Timestamp: 2024-10-23T02:03:02.008Z
Learning: In the `packages/ciphernode/keyshare/src/encryption.rs` file, the environment variable `CIPHERNODE_SECRET` is used for the encryption password. A secure secret management solution is not currently available, but may be considered in future iterations.
Applied to files:
examples/CRISP/.env.example
📚 Learning: 2024-09-26T04:12:09.345Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 107
File: tests/basic_integration/test.sh:103-114
Timestamp: 2024-09-26T04:12:09.345Z
Learning: In `tests/basic_integration/test.sh`, the user prefers not to refactor the ciphernode addition section to reduce duplication.
Applied to files:
examples/CRISP/.env.example
🪛 dotenv-linter (4.0.0)
examples/CRISP/.env.example
[warning] 4-4: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 5-5: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 6-6: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 7-7: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 8-8: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 9-9: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
🪛 Gitleaks (8.29.0)
examples/CRISP/.env.example
[high] 4-4: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 5-5: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 6-6: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 7-7: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 8-8: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
[high] 9-9: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)
- GitHub Check: rust_unit
- GitHub Check: build_sdk
- GitHub Check: build_enclave_cli
- GitHub Check: integration_prebuild
- GitHub Check: rust_integration
- GitHub Check: test_contracts
- GitHub Check: build_e3_support_dev
- GitHub Check: test_net
- GitHub Check: Build & Push Image
- GitHub Check: Build & Push Image
🔇 Additional comments (3)
examples/CRISP/.env.example (1)
1-9: Static analysis alerts are false positives for test keys in.env.example.Gitleaks flagged the private keys as generic API keys, and dotenv-linter flagged quote characters. Both are false positives here:
- These are Hardhat's well-known default test account keys (not secrets requiring protection)
- The file is a
.env.exampletemplate intended for local testnet setup with reproducible test accounts- Quote characters in
.envfiles are standard practice for proper value parsing- As per project learnings, hardcoded Hardhat test keys in template/example files are acceptable for local testing and testnet interaction
The file is properly scoped for its intended use case.
examples/CRISP/package.json (2)
30-30: All testnet setup script requirements verified and functional.The script exists at
examples/CRISP/scripts/setup_testnet.shand is correctly referenced. The initialization sequence properly handles:
- Environment setup (CARGO_INCREMENTAL, .env sourcing)
- Wallet configuration for aggregator and ciphernodes
- Ciphernode startup via
enclave nodes up- Contract deployment prerequisites through minting tokens to each ciphernode
- Ciphernode registration via
pnpm ciphernode:add:selffor each node- Error handling with
set -euo pipefailand .env validation- Signal cleanup via trap for INT/TERM
No issues found.
19-20: All referenced Hardhat tasks are properly defined and registered.Verification confirms:
ciphernodeMintTokenstask is defined and imported from@enclave-e3/contracts/tasks/ciphernodeciphernodeAddtask is defined and imported from the same package (invoked asciphernode:addper Hardhat's camelCase-to-kebab-case convention)@enclave-e3/contractsdependency is declared with"workspace:*"inpackages/crisp-contracts/package.json- npm scripts in
packages/crisp-contracts/package.jsoncorrectly delegate to these hardhat tasks- Tasks are registered in
hardhat.config.tsline 78
ctrlc03
force-pushed
the
chore/compatibility-fixes
branch
from
89c8b04 to
ec09fd1
Compare
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
examples/CRISP/scripts/setup_testnet.sh (1)
38-55: LGTM!The wallet configuration and address extraction logic is clean. The previous "useless use of cat" concern has been addressed—the current code correctly uses
yqdirectly.However, the missing dependency checks for
yq,pnpm,enclave, andconcurrentlyremain unaddressed from previous reviews.
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (12)
examples/CRISP/.env.example(1 hunks)examples/CRISP/package.json(1 hunks)examples/CRISP/packages/crisp-contracts/deployed_contracts.json(1 hunks)examples/CRISP/packages/crisp-contracts/hardhat.config.ts(2 hunks)examples/CRISP/packages/crisp-contracts/package.json(1 hunks)examples/CRISP/scripts/setup_testnet.sh(1 hunks)examples/CRISP/server/src/cli/approve.rs(1 hunks)examples/CRISP/server/src/server/token_holders/etherscan.rs(1 hunks)packages/enclave-contracts/contracts/registry/CiphernodeRegistryOwnable.sol(1 hunks)packages/enclave-contracts/contracts/test/MockStableToken.sol(1 hunks)packages/enclave-contracts/deployed_contracts.json(1 hunks)packages/enclave-contracts/tasks/ciphernode.ts(2 hunks)
🚧 Files skipped from review as they are similar to previous changes (7)
- examples/CRISP/server/src/cli/approve.rs
- packages/enclave-contracts/deployed_contracts.json
- packages/enclave-contracts/contracts/test/MockStableToken.sol
- packages/enclave-contracts/tasks/ciphernode.ts
- examples/CRISP/packages/crisp-contracts/package.json
- examples/CRISP/package.json
- packages/enclave-contracts/contracts/registry/CiphernodeRegistryOwnable.sol
🧰 Additional context used
🧠 Learnings (12)
📓 Common learnings
Learnt from: 0xjei
Repo: gnosisguild/enclave PR: 830
File: templates/default/README.md:123-128
Timestamp: 2025-10-10T12:56:40.538Z
Learning: In the Enclave repository, the hard-coded Hardhat development private key `0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80` is acceptable in template README files and documentation for local testing/interaction purposes.
📚 Learning: 2025-09-19T11:16:53.825Z
Learnt from: cedoor
Repo: gnosisguild/enclave PR: 752
File: packages/enclave-contracts/contracts/Enclave.sol:15-17
Timestamp: 2025-09-19T11:16:53.825Z
Learning: The Enclave contract in the gnosisguild/enclave repository has not been deployed yet as of September 2025, so storage layout considerations for upgradeable contracts don't apply to current changes.
Applied to files:
examples/CRISP/packages/crisp-contracts/deployed_contracts.json
📚 Learning: 2024-09-26T04:12:09.345Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 107
File: tests/basic_integration/test.sh:103-114
Timestamp: 2024-09-26T04:12:09.345Z
Learning: In `tests/basic_integration/test.sh`, the user prefers not to refactor the ciphernode addition section to reduce duplication.
Applied to files:
examples/CRISP/scripts/setup_testnet.shexamples/CRISP/.env.example
📚 Learning: 2024-11-25T09:47:48.863Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 184
File: packages/ciphernode/net/tests/entrypoint.sh:4-8
Timestamp: 2024-11-25T09:47:48.863Z
Learning: When reviewing test scripts like `packages/ciphernode/net/tests/entrypoint.sh`, avoid suggesting additional error handling and cleanup for `iptables` commands, as it may not be necessary.
Applied to files:
examples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2024-11-25T09:48:29.068Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 184
File: packages/ciphernode/net/tests/run.sh:5-8
Timestamp: 2024-11-25T09:48:29.068Z
Learning: In the `run.sh` script in `packages/ciphernode/net/tests`, adding programmatic validation of test results is not appropriate.
Applied to files:
examples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2024-10-23T01:59:27.215Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: tests/basic_integration/test.sh:21-21
Timestamp: 2024-10-23T01:59:27.215Z
Learning: In `tests/basic_integration/test.sh`, the hardcoded `CIPHERNODE_SECRET` is acceptable for testing purposes and does not need to be changed.
Applied to files:
examples/CRISP/scripts/setup_testnet.shexamples/CRISP/.env.example
📚 Learning: 2024-09-26T05:01:46.024Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 107
File: tests/basic_integration/test.sh:27-31
Timestamp: 2024-09-26T05:01:46.024Z
Learning: In the scripts, quoting the command substitution in the `kill` command within the `cleanup` function can cause the script to fail, so it's acceptable to leave it unquoted.
Applied to files:
examples/CRISP/scripts/setup_testnet.sh
📚 Learning: 2024-10-23T01:59:42.967Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: packages/ciphernode/tests/tests/test_aggregation_and_decryption.rs:274-274
Timestamp: 2024-10-23T01:59:42.967Z
Learning: In the `packages/ciphernode/tests/tests/test_aggregation_and_decryption.rs` file and other test files within this project, hardcoding `CIPHERNODE_SECRET` is acceptable for testing purposes.
Applied to files:
examples/CRISP/scripts/setup_testnet.shexamples/CRISP/.env.example
📚 Learning: 2025-09-11T13:21:31.031Z
Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 677
File: packages/enclave-contracts/tasks/utils.ts:7-8
Timestamp: 2025-09-11T13:21:31.031Z
Learning: In Hardhat v3, the task API syntax has changed significantly from v2. The new syntax uses:
- `.addOption({ name, description, defaultValue, type })` instead of `.addOptionalParam()`
- `.setAction(async () => ({ default: (args, hre) => { ... } }))` instead of direct `.setAction((args, hre) => { ... })`
- `.build()` is required to finalize task definitions
- `ArgumentType.STRING` is used for option types instead of `types.string`
Applied to files:
examples/CRISP/packages/crisp-contracts/hardhat.config.ts
📚 Learning: 2025-09-11T13:09:03.800Z
Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 677
File: packages/enclave-contracts/scripts/deployAndSave/naiveRegistryFilter.ts:30-31
Timestamp: 2025-09-11T13:09:03.800Z
Learning: In Hardhat v3 deployment scripts, use `(await signer.provider?.getNetwork())?.name ?? "localhost"` instead of `hre.globalOptions.network` to reliably get the network name, as `hre.globalOptions.network` can be undefined in some contexts.
Applied to files:
examples/CRISP/packages/crisp-contracts/hardhat.config.ts
📚 Learning: 2025-10-10T12:56:40.538Z
Learnt from: 0xjei
Repo: gnosisguild/enclave PR: 830
File: templates/default/README.md:123-128
Timestamp: 2025-10-10T12:56:40.538Z
Learning: In the Enclave repository, the hard-coded Hardhat development private key `0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80` is acceptable in template README files and documentation for local testing/interaction purposes.
Applied to files:
examples/CRISP/.env.example
📚 Learning: 2024-10-23T02:03:02.008Z
Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: packages/ciphernode/keyshare/src/encryption.rs:45-45
Timestamp: 2024-10-23T02:03:02.008Z
Learning: In the `packages/ciphernode/keyshare/src/encryption.rs` file, the environment variable `CIPHERNODE_SECRET` is used for the encryption password. A secure secret management solution is not currently available, but may be considered in future iterations.
Applied to files:
examples/CRISP/.env.example
🧬 Code graph analysis (1)
examples/CRISP/packages/crisp-contracts/hardhat.config.ts (2)
packages/enclave-contracts/tasks/utils.ts (1)
cleanDeploymentsTask(11-26)packages/enclave-contracts/tasks/ciphernode.ts (3)
ciphernodeAdd(11-149)ciphernodeAdminAdd(290-500)ciphernodeMintTokens(197-288)
🪛 dotenv-linter (4.0.0)
examples/CRISP/.env.example
[warning] 4-4: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 5-5: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 6-6: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 7-7: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 8-8: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 9-9: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)
- GitHub Check: build_sdk
- GitHub Check: build_enclave_cli
- GitHub Check: test_contracts
- GitHub Check: integration_prebuild
- GitHub Check: rust_unit
- GitHub Check: build_e3_support_risc0
- GitHub Check: rust_integration
- GitHub Check: build_e3_support_dev
- GitHub Check: test_net
- GitHub Check: Build & Push Image
🔇 Additional comments (9)
examples/CRISP/packages/crisp-contracts/hardhat.config.ts (2)
12-12: LGTM!The import of
ciphernodeMintTokensis consistent with the existing task imports and aligns with the new mint-tokens task implementation.
78-78: LGTM!The addition of
ciphernodeMintTokensto the tasks array properly registers the new minting task with Hardhat, enabling the workflow used in the testnet setup script.examples/CRISP/packages/crisp-contracts/deployed_contracts.json (1)
1-124: LGTM!The deployment manifest has been updated with new testnet addresses and block numbers. All address cross-references in constructor arguments are consistent with the deployed contracts defined in the same file.
examples/CRISP/.env.example (1)
1-9: LGTM!The hardcoded Hardhat development private keys are appropriate for testnet testing and documentation purposes. The static analysis warnings about quote characters are false positives—quotes in .env files are standard practice and necessary for proper parsing.
Based on learnings
examples/CRISP/scripts/setup_testnet.sh (5)
1-10: LGTM!Strict error handling with
set -euo pipefailand the cleanup of previous enclave data directories are appropriate for a fresh testnet setup.
11-25: LGTM!The cleanup function properly terminates enclave processes and background jobs. The
|| truepattern ensures the script doesn't fail if no jobs exist.
27-36: LGTM!The
.envfile existence check with a clear error message addresses the concern from previous reviews. The trap setup ensures cleanup runs on script interruption.
57-79: LGTM!The token minting and ciphernode registration workflow is clear and correctly switches private keys for each operation. The repetition across the five ciphernodes is intentional for testnet setup.
81-89: LGTM!The final concurrent execution of development scripts with labeled output provides good visibility during testnet operation.
Summary by CodeRabbit
New Features
Bug Fixes
Chores