Skip to content

Comments

Rewards Eligibility Oracle testing#1289

Draft
RembrandtK wants to merge 4 commits intomainfrom
reo-testing
Draft

Rewards Eligibility Oracle testing#1289
RembrandtK wants to merge 4 commits intomainfrom
reo-testing

Conversation

@RembrandtK
Copy link
Contributor

@RembrandtK RembrandtK commented Feb 23, 2026

Working branch for Rewards Eligibility Oracle testing and associated deployment changes.

@RembrandtK
feat(deployment): add REO tasks and improve deployment tooling
69ec503 
- Add reo:enable, reo:disable, reo:status Hardhat tasks
- Improve bytecode change detection and proxy hash verification
- Allow deploy:status to run without deployer key
- Fix etherscan API key resolution from keystore and environment
- Add diagnostic scripts for bytecode and rocketh state inspection
- Update IRewardsManager interface ID
@RembrandtK
docs: add REO testing plans, guides, and tracking
d9cb3a0 
- Add baseline and REO-specific test plans
- Add self-service indexer test guide for eligibility verification
- Add Notion test tracker with CSV export for coordination
- Document local-network integration test coverage (32 tests)
- Organize support files into support/ subdirectory
- Remove obsolete planning docs and Notion raw exports
@RembrandtK
docs: rewards behaviour changes summary
5a71fcd 
Functional summary of before/after reward behaviour changes between
the Horizon mainnet baseline and the issuance upgrade: activation
overview, reclaim system, view function semantics, and provenance.
@socket-security
Copy link

socket-security bot commented Feb 23, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​types/​json5@​2.2.01001003950100
Addedarbos-precompiles@​1.0.2821007650100
Added@​nomiclabs/​hardhat-etherscan@​3.1.89810010050100
Added@​openzeppelin/​foundry-upgrades@​0.4.0581009291100
Added@​rocketh/​export@​0.17.16711006596100
Added@​graphql-yoga/​plugin-persisted-operations@​3.15.21001006698100
Added@​rocketh/​read-execute@​0.17.8731006696100
Added@​rocketh/​deploy@​0.17.8741006796100
Added@​tenderly/​hardhat-tenderly@​1.11.0821006986100
Added@​rocketh/​verifier@​0.17.16751006996100
Added@​types/​glob@​8.1.01001007081100
Added@​rocketh/​core@​0.17.8761007093100
Added@​rocketh/​proxy@​0.17.12701007796100
Added@​types/​sinon-chai@​3.2.121001007080100
Added@​openzeppelin/​contracts@​3.4.2100819591100
Added@​typescript-eslint/​parser@​8.53.11001007198100
Added@​rocketh/​node@​0.17.16761007295100
Added@​rocketh/​doc@​0.17.16741007296100
Added@​tenderly/​api-client@​1.1.0781007286100
Added@​rocketh/​diamond@​0.17.11731007896100
Added@​nomicfoundation/​hardhat-foundry@​1.2.0871007582100
Added@​wagmi/​cli@​2.5.1971007697100
Added@​nomicfoundation/​hardhat-toolbox@​4.0.0981007685100
Added@​types/​chai@​4.3.201001007783100
Added@​types/​mocha@​9.1.11001007780100
Addedaxios@​1.12.2998510098100
Added@​nomicfoundation/​ignition-core@​0.15.13981007993100
Added@​nomiclabs/​hardhat-waffle@​2.0.6971009280100
Added@​nomiclabs/​hardhat-ethers@​2.2.310010010080100
Added@​typescript-eslint/​eslint-plugin@​8.53.1991008098100
Added@​types/​node@​20.19.141001008196100
Added@​nomicfoundation/​hardhat-keystore@​3.0.3871008191100
See 20 more rows in the dashboard

View full report

@socket-security
Copy link

socket-security bot commented Feb 23, 2026
edited
Loading

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @react-native/debugger-frontend is 96.0% likely obfuscated

Confidence: 0.96

Location: Package overview

From: pnpm-lock.yamlnpm/@react-native/debugger-frontend@0.81.4

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@react-native/debugger-frontend@0.81.4. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm buffer is 96.0% likely obfuscated

Confidence: 0.96

Location: Package overview

From: pnpm-lock.yamlnpm/@openzeppelin/hardhat-upgrades@1.28.0npm/@openzeppelin/foundry-upgrades@0.4.0npm/buffer@4.9.2

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/buffer@4.9.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@RembrandtK
docs: add test plans for subgraph denial and reward conditions
2ba0551 
Draft test plans covering issuance upgrade behavior changes beyond REO:
- SubgraphDenialTestPlan: 6 cycles, 18 tests for deny/undeny lifecycle,
  accumulator freeze, allocation-level deferral, reward recovery
- RewardsConditionsTestPlan: 7 cycles, 26 tests for reclaim system,
  below-minimum signal, zero allocated tokens, POI presentation paths,
  allocation resize/close, observability

Updated README with dependency tree and coverage summaries.
Added 44 new tests to NotionTracker.csv.
@codecov
Copy link

codecov bot commented Feb 23, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.95%. Comparing base (ada3155) to head (2ba0551).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1289   +/-   ##
=======================================
  Coverage   86.95%   86.95%           
=======================================
  Files          46       46           
  Lines        2492     2492           
  Branches      746      746           
=======================================
  Hits         2167     2167           
  Misses        325      325
Flag Coverage Δ
unittests 86.95% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@RembrandtK