Files

defiQUG 1fb7266469 Add Oracle Aggregator and CCIP Integration

- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control.
- Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities.
- Created .gitmodules to include OpenZeppelin contracts as a submodule.
- Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment.
- Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks.
- Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring.
- Created scripts for resource import and usage validation across non-US regions.
- Added tests for CCIP error handling and integration to ensure robust functionality.
- Included various new files and directories for the orchestration portal and deployment scripts.

2025-12-12 14:57:48 -08:00

6.2 KiB

Raw Permalink Blame History

Project Dependencies Guide

Overview

This document provides a comprehensive guide for managing project dependencies, particularly OpenZeppelin contracts.

Current Dependency Status

✅ Independent Contracts (No External Dependencies)

WETH.sol
WETH10.sol
CCIPWETH9Bridge.sol
CCIPWETH10Bridge.sol
Multicall.sol
CREATE2Factory.sol
Aggregator.sol
Proxy.sol
IRouterClient.sol
CCIPMessageValidator.sol
CCIPReceiver.sol

⚠️ Contracts Requiring OpenZeppelin

CCIPSender.sol
CCIPRouter.sol
CCIPRouterOptimized.sol
MultiSig.sol
Voting.sol

OpenZeppelin Installation

Prerequisites

Git repository initialized
Foundry installed
foundry.toml configured with libs = ["lib"]

Installation Steps

Option 1: Install via Foundry (Recommended)

# Initialize git repository (if not already)
git init

# Install OpenZeppelin
forge install OpenZeppelin/openzeppelin-contracts

# Verify installation
ls -la lib/openzeppelin-contracts

# Test compilation
forge build

Option 2: Install via Git Submodule

# Initialize git repository
git init

# Add OpenZeppelin as submodule
git submodule add https://github.com/OpenZeppelin/openzeppelin-contracts lib/openzeppelin-contracts

# Initialize submodules
git submodule update --init --recursive

# Test compilation
forge build

Verification

# Check if OpenZeppelin is installed
ls lib/openzeppelin-contracts

# Verify compilation
forge build

# Run tests
forge test

Dependency Management

Adding New Dependencies

Foundry Dependencies

# Install dependency
forge install <username>/<repository>

# Update foundry.toml if needed
# libs = ["lib"]

Git Submodules

# Add submodule
git submodule add <repository-url> lib/<dependency-name>

# Initialize submodules
git submodule update --init --recursive

Updating Dependencies

Foundry Dependencies

# Update all dependencies
forge update

# Update specific dependency
forge update lib/<dependency-name>

Git Submodules

# Update submodule
cd lib/<dependency-name>
git pull origin main
cd ../..
git add lib/<dependency-name>
git commit -m "Update dependency"

Removing Dependencies

Foundry Dependencies

# Remove dependency
rm -rf lib/<dependency-name>

# Update .gitmodules if needed
git rm lib/<dependency-name>

Git Submodules

# Remove submodule
git submodule deinit lib/<dependency-name>
git rm lib/<dependency-name>
rm -rf .git/modules/lib/<dependency-name>

Dependency Guidelines

When to Use OpenZeppelin

Use OpenZeppelin When:

✅ Battle-tested functionality is needed
✅ Complex security features are required
✅ Standard patterns are needed
✅ Time is limited and security is critical

Don't Use OpenZeppelin When:

❌ Simple functionality can be implemented easily
❌ External dependencies should be minimized
❌ Gas optimization is critical
❌ Code size reduction is important

When to Use Custom Implementation

Use Custom Implementation When:

✅ Simple functionality (like admin pattern)
✅ Gas optimization is critical
✅ Code size reduction is important
✅ No external dependencies desired

Don't Use Custom Implementation When:

❌ Complex security features are needed
❌ Battle-tested implementation is required
❌ Time is limited

Migration Strategy

Phase 1: Install OpenZeppelin (Quick Fix)

Initialize git repository
Install OpenZeppelin
Verify compilation
Run tests
Deploy contracts

Phase 2: Refactor Contracts (Long-term)

Refactor CCIP contracts (Low effort)
Refactor governance contracts (Medium effort)
Update tests
Verify security
Update documentation

Phase 3: Remove OpenZeppelin (Final)

Remove OpenZeppelin dependency
Update documentation
Update CI/CD pipelines
Verify all tests pass

CI/CD Integration

GitHub Actions

Install Dependencies in CI

- name: Install dependencies
  run: |
    forge install --no-commit

Update Dependencies in CI

- name: Update dependencies
  run: |
    forge update

Git Submodules in CI

- name: Checkout with submodules
  uses: actions/checkout@v4
  with:
    submodules: recursive

Best Practices

Dependency Management

Minimize Dependencies: Only use when necessary
Version Pinning: Pin dependency versions
Regular Updates: Update dependencies regularly
Security Audits: Audit dependencies for security issues
Documentation: Document all dependencies

Code Organization

Independent Contracts: Keep contracts independent when possible
Minimal Interfaces: Use minimal interfaces instead of full libraries
Custom Patterns: Use custom patterns for simple functionality
Gas Optimization: Consider gas costs when choosing dependencies

Testing

Test Dependencies: Test all dependencies
Mock Dependencies: Mock dependencies in tests
Integration Tests: Test integration with dependencies
Security Tests: Test security of dependencies

Troubleshooting

Common Issues

Issue: OpenZeppelin Not Found

# Solution: Install OpenZeppelin
forge install OpenZeppelin/openzeppelin-contracts

Issue: Compilation Errors

# Solution: Check foundry.toml
# Ensure libs = ["lib"] is set

Issue: Git Submodule Issues

# Solution: Initialize submodules
git submodule update --init --recursive

Issue: Dependency Version Conflicts

# Solution: Update dependencies
forge update

References

Summary

Independent Contracts: 14 (74%)
Contracts Requiring OpenZeppelin: 5 (26%)
Installation: Simple (forge install)
Refactoring: Possible (11-22 hours)
Recommendation: Install OpenZeppelin short-term, refactor long-term

6.2 KiB Raw Permalink Blame History

Project Dependencies Guide

Overview

Current Dependency Status

✅ Independent Contracts (No External Dependencies)

⚠️ Contracts Requiring OpenZeppelin

OpenZeppelin Installation

Prerequisites

Installation Steps

Option 1: Install via Foundry (Recommended)

Option 2: Install via Git Submodule

Verification

Dependency Management

Adding New Dependencies

Foundry Dependencies

Git Submodules

Updating Dependencies

Foundry Dependencies

Git Submodules

Removing Dependencies

Foundry Dependencies

Git Submodules

Dependency Guidelines

When to Use OpenZeppelin

Use OpenZeppelin When:

Don't Use OpenZeppelin When:

When to Use Custom Implementation

Use Custom Implementation When:

Don't Use Custom Implementation When:

Migration Strategy

Phase 1: Install OpenZeppelin (Quick Fix)

Phase 2: Refactor Contracts (Long-term)

Phase 3: Remove OpenZeppelin (Final)

CI/CD Integration

GitHub Actions

Install Dependencies in CI

Update Dependencies in CI

Git Submodules in CI

Best Practices

Dependency Management

Code Organization

Testing

Troubleshooting

Common Issues

Issue: OpenZeppelin Not Found

Issue: Compilation Errors

Issue: Git Submodule Issues

Issue: Dependency Version Conflicts

References

Summary

6.2 KiB

Raw Permalink Blame History