diff --git a/.env.example b/.env.example index 77ee002da..4e5b486bb 100644 --- a/.env.example +++ b/.env.example @@ -1,4 +1,5 @@ # RPC Endpoints +GROK_API_KEY=your_grok_key_here SOLANA_RPC=https://api.mainnet-beta.solana.com HELIUS_API_KEY=your_helius_key_here QUICKNODE_ENDPOINT=your_quicknode_endpoint_here diff --git a/.github/workflows/.github/workflows/dependency-audit.yml b/.github/workflows/.github/workflows/dependency-audit.yml new file mode 100644 index 000000000..2b76ea1f2 --- /dev/null +++ b/.github/workflows/.github/workflows/dependency-audit.yml @@ -0,0 +1,132 @@ +name: "Dependency Audit & Vulnerability Scan" + +# Run on push to main (or any branch), and on a daily schedule +on: + push: + branches: + - '**' + schedule: + - cron: '0 2 * * *' # daily at 02:00 UTC + workflow_dispatch: + +concurrency: + group: dependency-audit + cancel-in-progress: true + +jobs: + audit-node: + name: "Node.js / npm audit" + runs-on: ubuntu-latest + if: ${{ always() }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '18' + cache: 'npm' + + - name: Install dependencies (npm) + if: ${{ hashFiles('**/package-lock.json') != '' }} + run: | + npm ci + + - name: Run npm audit (JSON) + if: ${{ hashFiles('**/package-lock.json') != '' }} + run: | + set -o pipefail + npm audit --json > npm-audit.json || true + cat npm-audit.json + + - name: Upload npm audit artifact + if: ${{ hashFiles('**/package-lock.json') != '' }} + uses: actions/upload-artifact@v4 + with: + name: npm-audit-json + path: npm-audit.json + + - name: Fail on high/critical npm findings + if: ${{ hashFiles('**/package-lock.json') != '' }} + run: | + jq -e '.advisories as $a | ($a | to_entries | map(.value) | map(select(.severity == "high" or .severity == "critical")) | length) > 0' npm-audit.json \ + && (echo "High/Critical vulnerabilities found in npm dependencies" && exit 1) || echo "No high/critical npm vulnerabilities" + + audit-go: + name: "Go / govulncheck" + runs-on: ubuntu-latest + if: ${{ always() }} + needs: audit-node + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Go + uses: actions/setup-go@v4 + with: + go-version: '1.24' + + - name: Install govulncheck + run: | + set -eux + GO111MODULE=on go install golang.org/x/vuln/cmd/govulncheck@latest + export PATH=$PATH:$(go env GOPATH)/bin + + - name: Run govulncheck (JSON) + run: | + set -eux + # run in module root; govulncheck returns 0 with no vulns, >0 otherwise + $(go env GOPATH)/bin/govulncheck -json ./... > govulncheck.json || true + cat govulncheck.json + + - name: Upload govulncheck artifact + uses: actions/upload-artifact@v4 + with: + name: govulncheck-json + path: govulncheck.json + + - name: Fail on found Go vulnerabilities (HIGH/CRITICAL) + run: | + # govulncheck JSON has "vulns" entries; search for severity levels if available + if jq -e '.vulns | length > 0' govulncheck.json >/dev/null 2>&1; then + # Try to detect severity mentions; if none, fail so maintainers can review + if jq -e '.vulns | map(.fixed|length > 0 or true) | length > 0' govulncheck.json >/dev/null 2>&1; then + echo "Go vulnerabilities detected β€” please review govulncheck.json artifact." + exit 1 + fi + fi + echo "No Go vulnerabilities detected (or none reported by govulncheck)." + + results-notify: + name: "Publish summary" + runs-on: ubuntu-latest + needs: [audit-node, audit-go] + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Download artifacts + uses: actions/download-artifact@v4 + with: + path: artifacts + + - name: Create short summary comment (if run from PR) + if: github.event_name == 'pull_request' + uses: actions/github-script@v7 + with: + script: | + const fs = require('fs'); + const path = 'artifacts'; + let summary = `πŸ”Ž Dependency audit artifacts available:\\n\\n`; + const files = fs.readdirSync(path); + files.forEach(f => summary += `- ${f}\\n`); + github.rest.issues.createComment({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: context.issue.number || github.context.payload.pull_request.number, + body: summary + }); + + - name: Finish + run: echo "Artifacts uploaded: $(ls -la artifacts || true)" diff --git a/.github/workflows/auto-update.yml b/.github/workflows/auto-update.yml index 7afc42fea..cde741120 100644 --- a/.github/workflows/auto-update.yml +++ b/.github/workflows/auto-update.yml @@ -37,7 +37,7 @@ jobs: curl -s "https://api.github.com/search/repositories?q=solana+security+best+practices&sort=stars" | jq -r '.items[0:3] | .[] | .html_url' - name: Create PR with Updates - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@v7 with: commit-message: "⬆️ Update dependencies and apply best practices" title: "Automated Dependency Updates" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 000000000..b1ff49edc --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,103 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL Advanced" + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + schedule: + - cron: '15 15 * * 0' + +jobs: + analyze: + name: Analyze (${{ matrix.language }}) + # Runner size impacts CodeQL analysis time. To learn more, please see: + # - https://gh.io/recommended-hardware-resources-for-running-codeql + # - https://gh.io/supported-runners-and-hardware-resources + # - https://gh.io/using-larger-runners (GitHub.com only) + # Consider using larger runners or machines with greater resources for possible analysis time improvements. + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: read + contents: read + + strategy: + fail-fast: false + matrix: + include: + - language: actions + build-mode: none + - language: go + build-mode: autobuild + - language: javascript-typescript + build-mode: none + # CodeQL supports the following values keywords for 'language': 'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'rust', 'swift' + # Use `c-cpp` to analyze code written in C, C++ or both + # Use 'java-kotlin' to analyze code written in Java, Kotlin or both + # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both + # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis, + # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning. + # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how + # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Add any setup steps before running the `github/codeql-action/init` action. + # This includes steps like installing compilers or runtimes (`actions/setup-node` + # or others). This is typically only required for manual builds. + # - name: Setup runtime (example) + # uses: actions/setup-example@v1 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v4 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + # If the analyze step fails for one of the languages you are analyzing with + # "We were unable to automatically build your code", modify the matrix above + # to set the build mode to "manual" for that language. Then modify this step + # to build your code. + # ℹ️ Command-line programs to run using the OS shell. + # πŸ“š See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + - name: Run manual build steps + if: matrix.build-mode == 'manual' + shell: bash + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v4 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index af5fd5bbf..01c574949 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -54,13 +54,13 @@ jobs: # multi-platform images and export cache # https://github.com/docker/setup-buildx-action - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 # Login against a Docker registry except on PR # https://github.com/docker/login-action - name: Log into registry ${{ env.REGISTRY }} if: github.event_name != 'pull_request' - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -70,7 +70,7 @@ jobs: # https://github.com/docker/metadata-action - name: Extract Docker metadata id: meta - uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | @@ -93,7 +93,7 @@ jobs: key: ${{ runner.os }}-go-build-cache-${{ hashFiles('**/go.sum') }} - name: Inject go-build-cache - uses: reproducible-containers/buildkit-cache-dance@4b2444fec0c0fb9dbf175a96c094720a692ef810 # v2.1.4 + uses: reproducible-containers/buildkit-cache-dance@1b8ab18fbda5ad3646e3fcc9ed9dd41ce2f297b4 # v3.3.2 with: cache-source: go-build-cache diff --git a/.github/workflows/full-deployment.yml b/.github/workflows/full-deployment.yml index ea18d47e5..7e98b3c1b 100644 --- a/.github/workflows/full-deployment.yml +++ b/.github/workflows/full-deployment.yml @@ -17,6 +17,10 @@ on: env: SOLANA_CLI_VERSION: '1.18.26' NODE_VERSION: '20' +permissions: + contents: write + packages: read + actions: read jobs: deploy: @@ -31,11 +35,13 @@ jobs: with: submodules: recursive fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} + cache: 'npm' - name: Install Solana CLI run: | @@ -47,11 +53,13 @@ jobs: solana config set --url ${{ github.event.inputs.environment == 'devnet' && 'https://api.devnet.solana.com' || 'https://api.mainnet-beta.solana.com' }} echo "${{ secrets.SOLANA_DEPLOYER_KEY }}" > deployer-key.json solana config set --keypair deployer-key.json + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Install Dependencies run: | - npm install -g @solana/web3.js @coral-xyz/anchor-cli - npm install --save-dev + npm install -g @coral-xyz/anchor-cli + npm ci - name: Deploy Contracts id: deploy @@ -95,7 +103,7 @@ jobs: run: | sleep 5 solana program show GENEtH5amGSi8kHAtQoezp1XEXwZJ8vcuePYnXdKrMYz - solana transaction-history ${{ steps.deploy.outputs.tx_hash }} + solana confirm ${{ steps.deploy.outputs.tx_hash }} - name: Update Controller if: success() @@ -131,14 +139,35 @@ jobs: [View on Solscan](https://solscan.io/tx/${{ steps.deploy.outputs.tx_hash }}) - notify: + contract-scan: needs: deploy runs-on: ubuntu-latest + if: needs.deploy.result == 'success' + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: ${{ env.NODE_VERSION }} + - name: Run contract scan + run: node scripts/scan-contracts.js + - name: Upload contract scan artifact + uses: actions/upload-artifact@v4 + with: + name: contract-scan-results + path: contract_scan_results.json + + notify: + needs: [deploy, contract-scan] + runs-on: ubuntu-latest if: always() steps: - name: Deployment Status run: | - if [ "${{ needs.deploy.result }}" == "success" ]; then + if [ "${{ needs.deploy.result }}" == "success" ] && [ "${{ needs.contract-scan.result }}" == "success" ]; then echo "βœ… Deployment successful!" echo "TX: ${{ needs.deploy.outputs.tx_hash }}" echo "Program: ${{ needs.deploy.outputs.program_id }}" diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index 495002779..7391d4edf 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -1,5 +1,8 @@ name: Security Scan & Auto-Update +permissions: + contents: read + on: push: branches: [main] @@ -43,6 +46,9 @@ jobs: solana-updates: runs-on: ubuntu-latest + permissions: + contents: read + issues: write steps: - uses: actions/checkout@v4 @@ -66,7 +72,7 @@ jobs: - name: Create Issue on Errors if: failure() - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | github.rest.issues.create({ @@ -79,6 +85,8 @@ jobs: npm-audit: runs-on: ubuntu-latest + permissions: + contents: write steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/solana-monitor.yml b/.github/workflows/solana-monitor.yml index 26368b0d2..209b1b457 100644 --- a/.github/workflows/solana-monitor.yml +++ b/.github/workflows/solana-monitor.yml @@ -8,6 +8,9 @@ on: jobs: monitor: runs-on: ubuntu-latest + permissions: + contents: read + issues: write steps: - uses: actions/checkout@v4 @@ -63,7 +66,7 @@ jobs: - name: Alert on Issues if: failure() - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: script: | github.rest.issues.create({ diff --git a/.github/workflows/verify-deployment.yml b/.github/workflows/verify-deployment.yml index 6e12164f6..e7f8b3944 100644 --- a/.github/workflows/verify-deployment.yml +++ b/.github/workflows/verify-deployment.yml @@ -4,6 +4,9 @@ on: workflow_run: workflows: ["Full Deployment Pipeline"] types: [completed] +permissions: + contents: write + actions: read jobs: verify: @@ -12,6 +15,8 @@ jobs: steps: - uses: actions/checkout@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Node.js uses: actions/setup-node@v4 @@ -23,6 +28,7 @@ jobs: with: pattern: deployment-report-* merge-multiple: true + run-id: ${{ github.event.workflow_run.id }} - name: Verify on Solscan run: | diff --git a/ALLOWLIST_ANALYSIS_REPORT.md b/ALLOWLIST_ANALYSIS_REPORT.md index 3073272a1..53fe8e936 100644 --- a/ALLOWLIST_ANALYSIS_REPORT.md +++ b/ALLOWLIST_ANALYSIS_REPORT.md @@ -2,7 +2,7 @@ ## πŸ“Š Executive Summary -**Total Allowlisted Addresses**: 40 +**Total Allowlisted Addresses**: 44 **Analysis Date**: 2025-10-13T05:21:20Z **Vercel Project**: https://vercel.com/imfromfuture3000-androids-projects **Status**: βœ… Ready for Automated Deployment @@ -40,8 +40,8 @@ - Meteora: `LBUZKhRxPF3XUpBCjp4YzTKgLccjZhTSDM9YuVaPwxo` - Raydium: `675kPX9MHTjS2zt1qfr1NYHuzeLXfQM9H24wFSUt1Mp8` -#### Bot Army (10 addresses) -**5 Bot Wallets + 5 Contract Addresses** +#### Bot Army (13 addresses) +**8 Bot Wallets + 5 Contract Addresses** | Bot | Wallet Address | Contract Address | Specialty | |-----|---------------|------------------|-----------| @@ -50,6 +50,9 @@ | Bot 3 | DbhKvqweZECTyYQ7PRJoHmKt8f262fsBCGHxSaD5BPqA | FZxmYkA6axyK3Njh3YNWXtybw9GgniVrXowS1pAAyrD1 | Smart Contracts | | Bot 4 | 7uSCVM1MJPKctrSRzuFN7qfVoJX78q6V5q5JuzRPaK41 | 5ynYfAM7KZZXwT4dd2cZQnYhFNy1LUysE8m7Lxzjzh2p | MEV Operations | | Bot 5 | 3oFCkoneQShDsJMZYscXew4jGwgLjpxfykHuGo85QyLw | DHBDPUkLLYCRAiyrgFBgvWfevquFkLR1TjGXKD4M4JPD | Flash Loans | +| Bot 6 | 8duk9DzqBVXmqiyci9PpBsKuRCwg6ytzWywjQztM6VzS | _(not specified)_ | Not specified | +| Bot 7 | 96891wG6iLVEDibwjYv8xWFGFiEezFQkvdyTrM69ou24 | _(not specified)_ | Not specified | +| Bot 8 | 2A8qGB3iZ21NxGjX4EjjWJKc9PFG1r7F4jkcR66dc4mb | _(not specified)_ | Not specified | #### Wallets (8) - **Deployer**: `zhBqbd9tSQFPevg4188JxcgpccCj3t1Jxb29zsBc2R4` @@ -61,13 +64,14 @@ - **Relayer**: `8cRrU1NzNpjL3k2BwjW3VixAcX6VFc29KHr4KZg8cs2Y` - **DAO Signers**: 2 addresses (mQBipz..., J1toHz...) -#### EVM Contracts (6) +#### EVM Contracts (7) - **Multi-chain Primary**: `0x742d35Cc6634C0532925a3b8D4C9db96C4b4d8b6` (Ethereum, Polygon, BSC) - **USDT (Ethereum)**: `0xdAC17F958D2ee523a2206206994597C13D831ec7` - **USDC (Polygon)**: `0x2791Bca1f2de4661ED88A30C99A7a9449Aa84174` - **USDT (BSC)**: `0x55d398326f99059fF775485246999027B3197955` - **ERC20 Example**: `0xA0b86a33E6441e6e80D0c4C34F0b1e4E6a7c4b8d` - **SKALE OPT Token**: `0xc6D31F2F6CcBcd101604a92C6c08e0aee2937B3a` +- **SKALE Deployer**: `0xE38FB59ba3AEAbE2AD0f6FB7Fb84453F6d145D23` #### Token Mints (1) - **USDC**: `EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v` @@ -143,7 +147,7 @@ ## πŸ“ Files Generated -1. **VERCEL_DEPLOYMENT_ALLOWLIST.json** - Main allowlist (40 addresses) +1. **VERCEL_DEPLOYMENT_ALLOWLIST.json** - Main allowlist (44 addresses) 2. **COMPREHENSIVE_ALLOWLIST_UPDATE.json** - Detailed configuration 3. **ALLOWLIST_ANALYSIS_REPORT.md** - This report 4. **DAO_SIGNERS_REPORT.md** - DAO signer analysis @@ -183,13 +187,13 @@ | Category | Count | |----------|-------| -| Total Allowlisted | 40 | +| Total Allowlisted | 44 | | Solana Programs | 7 | | Core Programs | 4 | | DEX Programs | 3 | -| Bot Army | 10 | +| Bot Army | 13 | | Wallets | 8 | -| EVM Contracts | 6 | +| EVM Contracts | 7 | | Token Mints | 1 | | API Services | 3 | | Cloud Services | 1 | diff --git a/COMPREHENSIVE_ALLOWLIST_UPDATE.json b/COMPREHENSIVE_ALLOWLIST_UPDATE.json index 9f99ade6f..50fca1f27 100644 --- a/COMPREHENSIVE_ALLOWLIST_UPDATE.json +++ b/COMPREHENSIVE_ALLOWLIST_UPDATE.json @@ -169,7 +169,11 @@ "0x2791Bca1f2de4661ED88A30C99A7a9449Aa84174", "0x55d398326f99059fF775485246999027B3197955", "0xA0b86a33E6441e6e80D0c4C34F0b1e4E6a7c4b8d", - "0xc6D31F2F6CcBcd101604a92C6c08e0aee2937B3a" + "0xc6D31F2F6CcBcd101604a92C6c08e0aee2937B3a", + "0xE38FB59ba3AEAbE2AD0f6FB7Fb84453F6d145D23", + "2A8qGB3iZ21NxGjX4EjjWJKc9PFG1r7F4jkcR66dc4mb", + "8duk9DzqBVXmqiyci9PpBsKuRCwg6ytzWywjQztM6VzS", + "96891wG6iLVEDibwjYv8xWFGFiEezFQkvdyTrM69ou24" ], "deployment_config": { "automated": true, diff --git a/DAO_CONTROLLER_HELIUS_GUIDE.md b/DAO_CONTROLLER_HELIUS_GUIDE.md new file mode 100644 index 000000000..164822b06 --- /dev/null +++ b/DAO_CONTROLLER_HELIUS_GUIDE.md @@ -0,0 +1,133 @@ +# DAO Controller + Helius Verification & Interaction Guide + +This guide explains how to (1) verify all deployed programs and (2) interact with them through the DAO controller multisig using the Helius RPC. All secrets (API keys, keypairs) must be supplied locally via environment variablesβ€”no keys are stored in the repo. + +## 1) Prerequisites +- Node.js 18+ and `curl` +- Helius RPC key exported as `HELIUS_API_KEY` + ```bash + export HELIUS_API_KEY="YOUR_HELIUS_KEY" + HELIUS_RPC="https://mainnet.helius-rpc.com/?api-key=$HELIUS_API_KEY" + ``` +- DAO controller multisig signers (from `DAO_SIGNERS_REPORT.md`): + - Controller: `CvQZZ23qYDWF2RUpxYJ8y9K4skmuvYEEjH7fK58jtipQ` + - Signers: `mQBipzeneXqnAkWNL8raGvrj2c8dJv87LXs2Hn7BeXk`, `J1toHzrhyxaoFTUoxrceFMSqd1vTdZ1Wat3xQVa8E5Jt` +- Multisig account (from `scripts/verify-on-chain.js`): `7ZyDFzet6sKgZLN4D89JLfo7chu2n7nYdkFt5RCFk8Sf` + +## 2) Program set to verify +- Owned programs: `GENEtH5amGSi8kHAtQoezp1XEXwZJ8vcuePYnXdKrMYz`, `DjVE6JNiYqPL2QXyCUUh8rNjHrbz9hXHNYt99MQ59qw1`, `CvQZZ23qYDWF2RUpxYJ8y9K4skmuvYEEjH7fK58jtipQ`, `jaJrDgf4U8DAZcUD3t5AwL7Cfe2QnkpXZXGegdUHc4ZE` +- Backfill anchors: `EoRJaGA4iVSQWDyv5Q3ThBXx1KGqYyos3gaXUFEiqUSN`, `2YTrK8f6NwwUg7Tu6sYcCmRKYWpU8yYRYHPz87LTdcgx`, `F2EkpVd3pKLUi9u9BU794t3mWscJXzUAVw1WSjogTQuR` +- Core/DEX helpers: `TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA`, `TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb`, `ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL`, `metaqbxxUerdq28cj1RbAWkYQm3ybzjb6a8bt518x1s`, `JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4`, `LBUZKhRxPF3XUpBCjp4YzTKgLccjZhTSDM9YuVaPwxo`, `675kPX9MHTjS2zt1qfr1NYHuzeLXfQM9H24wFSUt1Mp8` + +## 3) Verify programs via Helius +1) **Account snapshot** + ```bash + curl -s "$HELIUS_RPC" \ + -H "Content-Type: application/json" \ + -d '{ + "jsonrpc":"2.0","id":"acct", + "method":"getAccountInfo", + "params":["CvQZZ23qYDWF2RUpxYJ8y9K4skmuvYEEjH7fK58jtipQ", {"encoding":"jsonParsed"}] + }' | jq '.result.value' + ``` + - Confirm `owner`, `lamports`, and `executable` for programs; for SPL helpers confirm data layouts. + +2) **Recent activity with pagination** + ```bash + BEFORE_SIG="" # fill after first page if more history is needed + curl -s "$HELIUS_RPC" \ + -H "Content-Type: application/json" \ + -d "{ + \"jsonrpc\":\"2.0\",\"id\":\"sigs\", + \"method\":\"getSignaturesForAddress\", + \"params\":[\"CvQZZ23qYDWF2RUpxYJ8y9K4skmuvYEEjH7fK58jtipQ\", {\"limit\":100,\"before\":\"$BEFORE_SIG\"}] + }" | jq + ``` + - Iterate `before` with the last signature to paginate. + +3) **Transaction detail & authority checks** + ```bash + SIG="" + curl -s "$HELIUS_RPC" \ + -H "Content-Type: application/json" \ + -d "{ + \"jsonrpc\":\"2.0\",\"id\":\"tx\", + \"method\":\"getParsedTransaction\", + \"params\":[\"$SIG\", {\"maxSupportedTransactionVersion\":0}] + }" | jq '.result.transaction.message.accountKeys' + ``` + - Confirm DAO controller or multisig accounts sign expected upgrades/interactions. + +4) **Multisig state validation** + ```bash + curl -s "$HELIUS_RPC" \ + -H "Content-Type: application/json" \ + -d '{ + "jsonrpc":"2.0","id":"msig", + "method":"getAccountInfo", + "params":["7ZyDFzet6sKgZLN4D89JLfo7chu2n7nYdkFt5RCFk8Sf", {"encoding":"base64"}] + }' | jq '.result.value' + ``` + - Decode the returned data (client-side) to confirm threshold and member set match `DAO_SIGNERS_REPORT.md`. + +## 4) Interact with programs via DAO controller multisig (Helius RPC) +**Goal:** construct a transaction, have signers approve it, then submit through Helius. + +1) **Build the instruction locally (example using @solana/web3.js)** + ```js + // Pseudocode: replace PROGRAM_ID/IX_DATA/ACCOUNTS as needed + const {Connection, PublicKey, TransactionInstruction, VersionedTransaction, TransactionMessage} = require('@solana/web3.js'); + const connection = new Connection(process.env.HELIUS_RPC, 'confirmed'); + + const ix = new TransactionInstruction({ + programId: new PublicKey(process.env.TARGET_PROGRAM_ID), + keys: [/* target accounts & signers (DAO controller as authority) */], + data: Buffer.from(process.env.IX_DATA_HEX, 'hex'), + }); + + const recent = await connection.getLatestBlockhash(); + const messageV0 = new TransactionMessage({ + payerKey: new PublicKey(process.env.DAO_CONTROLLER), + recentBlockhash: recent.blockhash, + instructions: [ix], + }).compileToV0Message(); + + const tx = new VersionedTransaction(messageV0); + const serialized = Buffer.from(tx.serialize({requireAllSignatures:false})).toString('base64'); + console.log(serialized); + ``` + - `DAO_CONTROLLER` should be the multisig PDA/authority address, not an individual signer. + +2) **Simulate before collecting signatures** + ```bash + BASE64_TX="" + curl -s "$HELIUS_RPC" \ + -H "Content-Type: application/json" \ + -d "{ + \"jsonrpc\":\"2.0\",\"id\":\"sim\", + \"method\":\"simulateTransaction\", + \"params\":[\"$BASE64_TX\", {\"sigVerify\":false, \"commitment\":\"processed\"}] + }" | jq '.result' + ``` + +3) **Collect multisig approvals** + - Route the base64 transaction through the multisig flow (e.g., Squads/Anchor-compatible interface). Each signer (`mQBipz...`, `J1toHz...`) adds their partial signature. + - After threshold is met, export the fully-signed base64 transaction blob. + +4) **Send via Helius** + ```bash + SIGNED_TX="" + curl -s "$HELIUS_RPC" \ + -H "Content-Type: application/json" \ + -d "{ + \"jsonrpc\":\"2.0\",\"id\":\"send\", + \"method\":\"sendTransaction\", + \"params\":[\"$SIGNED_TX\", {\"skipPreflight\":false}] + }" | jq + ``` + - Record the returned signature and verify with `getParsedTransaction` (step 3) for final confirmation. + +## 5) Tips for ongoing monitoring +- Run `scripts/scan-contracts.js` to refresh the address inventory and ensure new contracts are allowlisted. +- Track authority changes by diffing multisig state (step 3.4) before/after proposals. +- Keep the Helius pagination cursor (`before`) for each program to resume history checks without re-fetching recent slots. diff --git a/Dockerfile b/Dockerfile index 92ed52581..68987dafc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.25.4-alpine AS build +FROM golang:1.26.0-alpine AS build ARG VERSION="dev" # Set the working directory diff --git a/RUNNING_CONTRACT_UPGRADE_REPORT.md b/RUNNING_CONTRACT_UPGRADE_REPORT.md new file mode 100644 index 000000000..7cc8919a3 --- /dev/null +++ b/RUNNING_CONTRACT_UPGRADE_REPORT.md @@ -0,0 +1,49 @@ +# Running Contract Upgrade Report + +This report scans the repository for contract addresses and highlights the running contracts that should be kept allowlisted for upgrades to owned program contracts. + +## Method +- `scripts/scan-contracts.js` walks the repo (excluding build/vendor caches) to find Solana base58 and EVM `0x` addresses, and records whether each is allowlisted. +- The scan output is stored in `contract_scan_results.json` with file-level occurrences and allowlist status. +- Allowlist sources: `VERCEL_DEPLOYMENT_ALLOWLIST.json` and `COMPREHENSIVE_ALLOWLIST_UPDATE.json`. + +**Scan summary (current run):** +- Total addresses discovered: **98** +- Allowlisted: **44** +- Not allowlisted: **54** + +## Upgrade-Critical Contracts (Allowlisted) +These addresses are the running contracts that must stay allowlisted for owned-program upgrades and operations: + +### Solana Owned Programs +- Gene Mint: `GENEtH5amGSi8kHAtQoezp1XEXwZJ8vcuePYnXdKrMYz` +- Standard Program: `DjVE6JNiYqPL2QXyCUUh8rNjHrbz9hXHNYt99MQ59qw1` +- DAO Controller: `CvQZZ23qYDWF2RUpxYJ8y9K4skmuvYEEjH7fK58jtipQ` +- Primary Program: `jaJrDgf4U8DAZcUD3t5AwL7Cfe2QnkpXZXGegdUHc4ZE` + +### Backfill / Ledger Anchors +- OMEGA Primary: `EoRJaGA4iVSQWDyv5Q3ThBXx1KGqYyos3gaXUFEiqUSN` +- OMEGA Alt: `2YTrK8f6NwwUg7Tu6sYcCmRKYWpU8yYRYHPz87LTdcgx` +- Earnings Vault: `F2EkpVd3pKLUi9u9BU794t3mWscJXzUAVw1WSjogTQuR` + +### Core & DEX Programs +- Core: `TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA`, `TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb`, `ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL`, `metaqbxxUerdq28cj1RbAWkYQm3ybzjb6a8bt518x1s` +- DEX: `JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4`, `LBUZKhRxPF3XUpBCjp4YzTKgLccjZhTSDM9YuVaPwxo`, `675kPX9MHTjS2zt1qfr1NYHuzeLXfQM9H24wFSUt1Mp8` + +### Token Mint +- USDC: `EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v` + +### Bot & Treasury Surfaces +- Bot wallets: `HKBJoeUWH6pUQuLd9CZWrJBzGSE9roEW4bshnxd9AHsR`, `NqGHDaaLWmND7uShuaZkVbGNQFy6pS96qHyfR3pGR2d`, `DbhKvqweZECTyYQ7PRJoHmKt8f262fsBCGHxSaD5BPqA`, `7uSCVM1MJPKctrSRzuFN7qfVoJX78q6V5q5JuzRPaK41`, `3oFCkoneQShDsJMZYscXew4jGwgLjpxfykHuGo85QyLw`, `8duk9DzqBVXmqiyci9PpBsKuRCwg6ytzWywjQztM6VzS`, `96891wG6iLVEDibwjYv8xWFGFiEezFQkvdyTrM69ou24`, `2A8qGB3iZ21NxGjX4EjjWJKc9PFG1r7F4jkcR66dc4mb` +- Bot contracts: `EAy5Nfn6fhs4ixC4sMcKQYQaoedLokpWqbfDtWURCnk6`, `HUwjG8LFabw28vJsQNoLXjxuzgdLhjGQw1DHZggzt76`, `FZxmYkA6axyK3Njh3YNWXtybw9GgniVrXowS1pAAyrD1`, `5ynYfAM7KZZXwT4dd2cZQnYhFNy1LUysE8m7Lxzjzh2p`, `DHBDPUkLLYCRAiyrgFBgvWfevquFkLR1TjGXKD4M4JPD` +- Treasury & control: `zhBqbd9tSQFPevg4188JxcgpccCj3t1Jxb29zsBc2R4`, `FsQPFuje4WMdvbyoVef6MRMuzNZt9E8HM9YBN8T3Zbdq`, `5kDqr3kwfeLhz5rS9cb14Tj2ZZPSq7LddVsxYDV8DnUm`, `4gLAGDEHs6sJ6AMmLdAwCUx9NPmPLxoMCZ3yiKyAyQ1m`, `4eJZVbbsiLAG6EkWvgEYEWKEpdhJPFBYMeJ6DBX98w6a`, `EdFC98d1BBhJkeh7KDq26TwEGLeznhoyYsY6Y8LFY4y6`, `8cRrU1NzNpjL3k2BwjW3VixAcX6VFc29KHr4KZg8cs2Y` +- DAO signers: `mQBipzeneXqnAkWNL8raGvrj2c8dJv87LXs2Hn7BeXk`, `J1toHzrhyxaoFTUoxrceFMSqd1vTdZ1Wat3xQVa8E5Jt` + +### EVM & Cross-Chain Contracts +- Primary multi-chain wallet: `0x742d35Cc6634C0532925a3b8D4C9db96C4b4d8b6` +- Stablecoin/interaction contracts: `0xdAC17F958D2ee523a2206206994597C13D831ec7`, `0x2791Bca1f2de4661ED88A30C99A7a9449Aa84174`, `0x55d398326f99059fF775485246999027B3197955`, `0xA0b86a33E6441e6e80D0c4C34F0b1e4E6a7c4b8d` +- SKALE: OPT token `0xc6D31F2F6CcBcd101604a92C6c08e0aee2937B3a`, Deployer `0xE38FB59ba3AEAbE2AD0f6FB7Fb84453F6d145D23` + +## Allowlist Alignment +- The master allowlist now mirrors the Vercel deployment allowlist, adding the three new bot wallets and SKALE deployer so all upgrade-critical contracts remain enabled. +- For addresses not yet allowlisted (54 discovered in the current scan), see `contract_scan_results.json` for file-level context to decide whether they require onboarding. diff --git a/contract_scan_results.json b/contract_scan_results.json new file mode 100644 index 000000000..24e6bb2eb --- /dev/null +++ b/contract_scan_results.json @@ -0,0 +1,1515 @@ +{ + "scanned_from": "/workspace/mpc-agents", + "total_addresses": 98, + "allowlisted": 44, + "not_allowlisted": 54, + "addresses": [ + { + "address": "0x2791Bca1f2de4661ED88A30C99A7a9449Aa84174", + "type": "evm", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "0x55d398326f99059fF775485246999027B3197955", + "type": "evm", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "0x742d35Cc6634C0532925a3b8D4C9db96C4b4d8b6", + "type": "evm", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "ANNOUNCEMENT_SUMMARY.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/ALLOWLIST_WORKFLOW_GUIDE.md", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "CryptonoutController/scripts/cross-chain-bridge.js", + "DEPLOYMENT_MANIFEST.json", + "DEPLOYMENT_READY.md", + "PUSH_TO_CRYPTONOUT.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "scripts/cross-chain-bridge.js" + ] + }, + { + "address": "0xA0b86a33E6441e6e80D0c4C34F0b1e4E6a7c4b8d", + "type": "evm", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "0xc6D31F2F6CcBcd101604a92C6c08e0aee2937B3a", + "type": "evm", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "ANNOUNCEMENT_SUMMARY.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "CryptonoutController/scripts/cross-chain-bridge.js", + "DEPLOYMENT_MANIFEST.json", + "DEPLOYMENT_READY.md", + "EVM_EXECUTOR_ADDRESSES.md", + "PUSH_TO_CRYPTONOUT.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "scripts/cross-chain-bridge.js" + ] + }, + { + "address": "0xcB1C1FdE09f811B294172696404e88E658659905", + "type": "evm", + "allowlisted": false, + "files": [ + "CryptonoutController/scripts/moralis-wallet-query.go", + "scripts/moralis-wallet-query.go" + ] + }, + { + "address": "0xD2Aaa00700000000000000000000000000000000", + "type": "evm", + "allowlisted": false, + "files": [ + "EVM_EXECUTOR_ADDRESSES.md" + ] + }, + { + "address": "0xdAC17F958D2ee523a2206206994597C13D831ec7", + "type": "evm", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "0xE38FB59ba3AEAbE2AD0f6FB7Fb84453F6d145D23", + "type": "evm", + "allowlisted": true, + "files": [ + ".github/workflows/cross-chain-deploy.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CROSS_CHAIN_INTEGRATION.md", + "CryptonoutController/.github/workflows/cross-chain-deploy.yml", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/CROSS_CHAIN_INTEGRATION.md", + "CryptonoutController/DMT.sol", + "CryptonoutController/INTEGRATION_COMPLETE.md", + "CryptonoutController/README.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "CryptonoutController/scripts/cross-chain-bridge.js", + "DEPLOYMENT_MANIFEST.json", + "DEPLOYMENT_READY.md", + "EVM_EXECUTOR_ADDRESSES.md", + "INTEGRATION_COMPLETE.md", + "PUSH_TO_CRYPTONOUT.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "scripts/cross-chain-bridge.js" + ] + }, + { + "address": "11111111111111111111111111111111", + "type": "solana", + "allowlisted": false, + "files": [ + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "PROGRAMS_WITH_SIGNATURES.md", + "REANNOUNCEMENT.md", + "REPO_ANALYSIS.md", + "SOLSCAN_VERIFICATION.md", + "get_all_programs.js", + "get_programs_with_signatures.js", + "program_results.json", + "program_signatures.json", + "scripts/claim-assets-simple.sh", + "scripts/claim-assets.js", + "scripts/claim-to-treasury.sh", + "search_native_programs.js" + ] + }, + { + "address": "2A8qGB3iZ21NxGjX4EjjWJKc9PFG1r7F4jkcR66dc4mb", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/bot-funding-deployment.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "BOT_DEPLOYMENT_GUIDE.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/.github/workflows/bot-funding-deployment.yml", + "CryptonoutController/BOT_DEPLOYMENT_GUIDE.md", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_READY.md", + "DEPLOYMENT_STATUS.md", + "PUSH_TO_CRYPTONOUT.md", + "QUICK_DEPLOY.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "2MgqMXdwSf3bRZ6S8uKJSffZAaoZBhD2mjst3phJXE7p", + "type": "solana", + "allowlisted": false, + "files": [ + "MULTISIG_SIGNATURE_REQUEST.md", + "REPO_ANALYSIS.md", + "scripts/check-all-core.js", + "scripts/execute-authority-transfer.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "2YTrK8f6NwwUg7Tu6sYcCmRKYWpU8yYRYHPz87LTdcgx", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "3i62KXuWERyTZJ5HbE7HNbhvBAhEdMjMjLQk3m39PpN4", + "type": "solana", + "allowlisted": false, + "files": [ + ".github/workflows/bot-funding-deployment.yml", + "BOT_DEPLOYMENT_GUIDE.md", + "CryptonoutController/.github/workflows/bot-funding-deployment.yml", + "CryptonoutController/BOT_DEPLOYMENT_GUIDE.md", + "DEPLOYMENT_STATUS.md" + ] + }, + { + "address": "3oFCkoneQShDsJMZYscXew4jGwgLjpxfykHuGo85QyLw", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/bot-funding-deployment.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "BOT_DEPLOYMENT_GUIDE.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/.github/workflows/bot-funding-deployment.yml", + "CryptonoutController/BOT_DEPLOYMENT_GUIDE.md", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "DEPLOYMENT_READY.md", + "DEPLOYMENT_STATUS.md", + "PUSH_TO_CRYPTONOUT.md", + "QUICK_DEPLOY.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "4Ec7ZxZS6Sbdg5UGSLHbAnM7GQHp2eFd4KYWRexAipQT", + "type": "solana", + "allowlisted": false, + "files": [ + ".github/workflows/auto-update.yml", + "AUTHORITY_ANNOUNCEMENT.md", + "MULTISIG_SIGNATURE_REQUEST.md", + "NEW_MASTER_CONTROLLER.md", + "PROGRAMS_WITH_SIGNATURES.md", + "SYSTEM_STATUS_COMPLETE.md", + "get_all_programs.js", + "get_programs_with_signatures.js", + "program_results.json", + "program_signatures.json", + "scripts/check-all-core.js", + "scripts/execute-authority-transfer.js", + "scripts/reannounce-authority.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "4Ec7ZxZS6Sbdg5UGSLHp2eFd4KYWRexAipQT", + "type": "solana", + "allowlisted": false, + "files": [ + "REPO_ANALYSIS.md" + ] + }, + { + "address": "4eJZVbbsiLAG6EkWvgEYEWKEpdhJPFBYMeJ6DBX98w6a", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/bot-funding-deployment.yml", + ".github/workflows/cross-chain-deploy.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "COPILOT_ALLOWLIST.json", + "CROSS_CHAIN_INTEGRATION.md", + "CryptonoutController/.github/workflows/bot-funding-deployment.yml", + "CryptonoutController/.github/workflows/cross-chain-deploy.yml", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/CROSS_CHAIN_INTEGRATION.md", + "CryptonoutController/INTEGRATION_COMPLETE.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "CryptonoutController/scripts/cross-chain-bridge.js", + "DAO_SIGNERS_REPORT.md", + "DEPLOYMENT_MANIFEST.json", + "DEPLOYMENT_STATUS.md", + "DEPLOYMENT_VERIFICATION.md", + "INTEGRATION_COMPLETE.md", + "NEW_AUTHORITY.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "SOLSCAN_VERIFICATION.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "get_all_programs.js", + "program_results.json", + "scripts/check-deployment-signatures.sh", + "scripts/claim-to-treasury.sh", + "scripts/cross-chain-bridge.js", + "scripts/deploy-pentacle-contract.sh", + "scripts/verify-transactions.sh" + ] + }, + { + "address": "4gLAGDEHs6sJ6AMmLdAwCUx9NPmPLxoMCZ3yiKyAyQ1m", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "COPILOT_ALLOWLIST.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DAO_SIGNERS_REPORT.md", + "NEW_AUTHORITY.md", + "SOLANA_CLI_INSTALL.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "scripts/check-deployment-signatures.sh", + "scripts/set-upgrade-authority.sh", + "scripts/upgrade-program-authority.sh" + ] + }, + { + "address": "4k3Dyjzvzp8eMZWUXbBCjEvwSkkk59S5iCNLY3QrkX6R", + "type": "solana", + "allowlisted": false, + "files": [ + "scripts/quicknode-cleanup.js", + "scripts/reannounce-contracts.js" + ] + }, + { + "address": "4p1FfVusdT83PxejTPLEz6ZQ4keN9LVEkKhzSt6PJ5zw", + "type": "solana", + "allowlisted": false, + "files": [ + "REPO_ANALYSIS.md", + "helius_lookup.js", + "search_native_programs.js" + ] + }, + { + "address": "5kDqr3kwfeLhz5rS9cb14Tj2ZZPSq7LddVsxYDV8DnUm", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DAO_SIGNERS_REPORT.md", + "DEPLOYMENT_VERIFICATION.md", + "NEW_AUTHORITY.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "WALLET_CONNECTION_GUIDE.md", + "scripts/deploy-pentacle-contract.sh", + "scripts/real-deployment-guide.sh" + ] + }, + { + "address": "5ynYfAM7KZZXwT4dd2cZQnYhFNy1LUysE8m7Lxzjzh2p", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "61aq585V8cR2sZBeawJFt2NPqmN7zDi1sws4KLs5xHXV", + "type": "solana", + "allowlisted": false, + "files": [ + "REPO_ANALYSIS.md", + "search_native_programs.js" + ] + }, + { + "address": "675kPX9MHTjS2zt1qfr1NYHuzeLXfQM9H24wFSUt1Mp8", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "7uSCVM1MJPKctrSRzuFN7qfVoJX78q6V5q5JuzRPaK41", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/bot-funding-deployment.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "BOT_DEPLOYMENT_GUIDE.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/.github/workflows/bot-funding-deployment.yml", + "CryptonoutController/BOT_DEPLOYMENT_GUIDE.md", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "DEPLOYMENT_READY.md", + "DEPLOYMENT_STATUS.md", + "PUSH_TO_CRYPTONOUT.md", + "QUICK_DEPLOY.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "7ZyDFzet6sKgZLN4D89JLfo7chu2n7nYdkFt5RCFk8Sf", + "type": "solana", + "allowlisted": false, + "files": [ + "DEPLOYMENT_MANIFEST.json", + "MULTISIG_SIGNATURE_REQUEST.md", + "NEW_MASTER_CONTROLLER.md", + "PROGRAMS_WITH_SIGNATURES.md", + "REBATES_INCOME_REPORT.md", + "REPO_ANALYSIS.md", + "SECURITY_REPORT.md", + "SQUADS_MASTER_CONTROLLER.md", + "SYSTEM_STATUS_COMPLETE.md", + "get_programs_with_signatures.js", + "program_signatures.json", + "scripts/check-all-core.js", + "scripts/check-rebates-income.js", + "scripts/collect-assets.js", + "scripts/execute-authority-transfer.js", + "scripts/transfer-assets.js", + "scripts/verify-on-chain.js", + "scripts/verify-relayers-rebates.js" + ] + }, + { + "address": "89FnbsKH8n6FXCghGUijxh3snqx3e6VXJ7q1fQAHWkQQ", + "type": "solana", + "allowlisted": false, + "files": [ + "MULTISIG_SIGNATURE_REQUEST.md", + "REPO_ANALYSIS.md", + "scripts/check-all-core.js", + "scripts/execute-authority-transfer.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "8cRrU1NzNpjL3k2BwjW3VixAcX6VFc29KHr4KZg8cs2Y", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "8duk9DzqBVXmqiyci9PpBsKuRCwg6ytzWywjQztM6VzS", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/bot-funding-deployment.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "BOT_DEPLOYMENT_GUIDE.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/.github/workflows/bot-funding-deployment.yml", + "CryptonoutController/BOT_DEPLOYMENT_GUIDE.md", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_READY.md", + "DEPLOYMENT_STATUS.md", + "PUSH_TO_CRYPTONOUT.md", + "QUICK_DEPLOY.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "96383f45573cb7f253c731d3b3ab81c87ef81934", + "type": "solana", + "allowlisted": false, + "files": [ + ".github/workflows/docker-publish.yml" + ] + }, + { + "address": "96891wG6iLVEDibwjYv8xWFGFiEezFQkvdyTrM69ou24", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/bot-funding-deployment.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "BOT_DEPLOYMENT_GUIDE.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/.github/workflows/bot-funding-deployment.yml", + "CryptonoutController/BOT_DEPLOYMENT_GUIDE.md", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_READY.md", + "DEPLOYMENT_STATUS.md", + "PUSH_TO_CRYPTONOUT.md", + "QUICK_DEPLOY.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "REPO_ANALYSIS.md", + "SOLSCAN_VERIFICATION.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "get_all_programs.js", + "program_results.json", + "scripts/claim-assets-simple.sh", + "scripts/claim-assets.js", + "scripts/claim-to-treasury.sh", + "search_native_programs.js" + ] + }, + { + "address": "BPFLoader2111111111111111111111111111111111", + "type": "solana", + "allowlisted": false, + "files": [ + "PROGRAMS_WITH_SIGNATURES.md", + "program_signatures.json" + ] + }, + { + "address": "BPFLoaderUpgradeab1e11111111111111111111111", + "type": "solana", + "allowlisted": false, + "files": [ + ".github/workflows/security-scan.yml", + "PROGRAMS_WITH_SIGNATURES.md", + "REPO_ANALYSIS.md", + "get_all_programs.js", + "program_results.json", + "program_signatures.json", + "scripts/execute-authority-transfer.js", + "scripts/transfer-authority-zero-cost.js", + "search_native_programs.js" + ] + }, + { + "address": "BYidGfUnfoQtqi4nHiuo57Fjreizbej6hawJLnbwJmYr", + "type": "solana", + "allowlisted": false, + "files": [ + "MULTISIG_SIGNATURE_REQUEST.md", + "REPO_ANALYSIS.md", + "scripts/check-all-core.js", + "scripts/execute-authority-transfer.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "CHRDWWqUs6LyeeoD7pJb3iRfnvYeMfwMUtf2N7zWk7uh", + "type": "solana", + "allowlisted": false, + "files": [ + "MULTISIG_SIGNATURE_REQUEST.md", + "REPO_ANALYSIS.md", + "scripts/check-all-core.js", + "scripts/execute-authority-transfer.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "Config1111111111111111111111111111111111111", + "type": "solana", + "allowlisted": false, + "files": [ + "search_native_programs.js" + ] + }, + { + "address": "cuNEagBQEHWN1FnbGEjCXL2szYEXqfJPbP2HNUaca9Y", + "type": "solana", + "allowlisted": false, + "files": [ + "go.sum" + ] + }, + { + "address": "CvQZZ23qYDWF2RUpxYJ8y9K4skmuvYEEjH7fK58jtipQ", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/solana-monitor.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "ANNOUNCEMENT_SUMMARY.md", + "AUTHORITY_ANNOUNCEMENT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "COPILOT_ALLOWLIST.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "CryptonoutController/scripts/cross-chain-bridge.js", + "DAO_SIGNERS_REPORT.md", + "DEPLOYMENT_MANIFEST.json", + "MULTISIG_SIGNATURE_REQUEST.md", + "NEW_MASTER_CONTROLLER.md", + "PROGRAMS_WITH_SIGNATURES.md", + "REBATES_INCOME_REPORT.md", + "REPO_ANALYSIS.md", + "SECURITY_REPORT.md", + "SOLANA_CLI_INSTALL.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "SYSTEM_STATUS_COMPLETE.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "get_programs_with_signatures.js", + "program_signatures.json", + "scripts/analyze-repo-addresses.sh", + "scripts/check-all-core.js", + "scripts/check-deployment-signatures.sh", + "scripts/check-rebates-income.js", + "scripts/collect-assets.js", + "scripts/cross-chain-bridge.js", + "scripts/dao-signers.json", + "scripts/execute-authority-transfer.js", + "scripts/get-dao-signers.js", + "scripts/get-dao-signers.sh", + "scripts/reannounce-authority.js", + "scripts/repo-address-analysis.json", + "scripts/transfer-assets.js", + "scripts/transfer-authority-zero-cost.js", + "scripts/upgrade-program-authority.sh", + "scripts/verify-on-chain.js", + "scripts/verify-relayers-rebates.js" + ] + }, + { + "address": "DbhKvqweZECTyYQ7PRJoHmKt8f262fsBCGHxSaD5BPqA", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/bot-funding-deployment.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "BOT_DEPLOYMENT_GUIDE.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/.github/workflows/bot-funding-deployment.yml", + "CryptonoutController/BOT_DEPLOYMENT_GUIDE.md", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "DEPLOYMENT_READY.md", + "DEPLOYMENT_STATUS.md", + "PUSH_TO_CRYPTONOUT.md", + "QUICK_DEPLOY.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263", + "type": "solana", + "allowlisted": false, + "files": [ + "scripts/quicknode-cleanup.js", + "scripts/reannounce-contracts.js" + ] + }, + { + "address": "Dg5NLa5JuwfRMkuwZEguD9RpVrcQD3536GxogUv7pLNV", + "type": "solana", + "allowlisted": false, + "files": [ + "MULTISIG_SIGNATURE_REQUEST.md", + "REPO_ANALYSIS.md", + "scripts/check-all-core.js", + "scripts/execute-authority-transfer.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "DHBDPUkLLYCRAiyrgFBgvWfevquFkLR1TjGXKD4M4JPD", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "DjVE6JNiYqPL2QXyCUUh8rNjHrbz9hXHNYt99MQ59qw1", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "ANNOUNCEMENT_SUMMARY.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "COPILOT_ALLOWLIST.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DAO_SIGNERS_REPORT.md", + "DEPLOYMENT_MANIFEST.json", + "PROGRAMS_WITH_SIGNATURES.md", + "REPO_ANALYSIS.md", + "SOLANA_CLI_INSTALL.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "SOLSCAN_VERIFICATION.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "WALLET_CONNECTION_GUIDE.md", + "get_programs_with_signatures.js", + "program_signatures.json", + "scripts/analyze-repo-addresses.sh", + "scripts/check-deployment-signatures.sh", + "scripts/check-solscan-assets.sh", + "scripts/claim-assets-simple.sh", + "scripts/claim-assets.js", + "scripts/claim-to-treasury.sh", + "scripts/repo-address-analysis.json", + "scripts/upgrade-program-authority.sh" + ] + }, + { + "address": "DWpWsitgmSgYmy2dQdWyKC1694ELPqMs", + "type": "solana", + "allowlisted": false, + "files": [ + "package-lock.json" + ] + }, + { + "address": "EAy5Nfn6fhs4ixC4sMcKQYQaoedLokpWqbfDtWURCnk6", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "EdFC98d1BBhJkeh7KDq26TwEGLeznhoyYsY6Y8LFY4y6", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CROSS_CHAIN_INTEGRATION.md", + "CryptonoutController/CROSS_CHAIN_INTEGRATION.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "EhJqf1p39c8NnH5iuZAJyw778LQua1AhZWxarT5SF8sT", + "type": "solana", + "allowlisted": false, + "files": [ + "MULTISIG_SIGNATURE_REQUEST.md", + "REPO_ANALYSIS.md", + "scripts/check-all-core.js", + "scripts/execute-authority-transfer.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "EoRJaGA4iVSQWDyv5Q3ThBXx1KGqYyos3gaXUFEiqUSN", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "EVM_EXECUTOR_ADDRESSES.md", + "REPO_ANALYSIS.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "scripts/claim-assets-simple.sh", + "scripts/claim-assets.js", + "scripts/collect-assets.js", + "scripts/quicknode-cleanup.js", + "scripts/reannounce-contracts.js" + ] + }, + { + "address": "Es9vMFrzaCERmJfrF4H2FYD4KCoNkY11McCe8BenwNYB", + "type": "solana", + "allowlisted": false, + "files": [ + "REPO_ANALYSIS.md", + "scripts/claim-assets-simple.sh", + "scripts/claim-assets.js", + "scripts/collect-assets.js", + "scripts/quicknode-cleanup.js", + "scripts/reannounce-contracts.js" + ] + }, + { + "address": "F2EkpVd3pKLUi9u9BU794t3mWscJXzUAVw1WSjogTQuR", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "FsQPFuje4WMdvbyoVef6MRMuzNZt9E8HM9YBN8T3Zbdq", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/full-deployment.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_LOG.md", + "DEPLOYMENT_MANIFEST.json", + "REPO_ANALYSIS.md", + "SIGNER_STATUS.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "WALLET_CONNECTION_GUIDE.md", + "scripts/check-deployment-signatures.sh", + "scripts/check-signer-ready.js", + "scripts/collect-assets.js" + ] + }, + { + "address": "FVhQ3QHvXudWSdGix2sdcG47YmrmUxRhf3KCBmiKfekf", + "type": "solana", + "allowlisted": false, + "files": [ + "DEPLOYMENT_MANIFEST.json", + "REANNOUNCEMENT.md", + "REBATES_INCOME_REPORT.md", + "REPO_ANALYSIS.md", + "SECURITY_REPORT.md", + "SYSTEM_STATUS_COMPLETE.md", + "scripts/check-all-core.js", + "scripts/check-rebates-income.js", + "scripts/helius-account-info.js", + "scripts/reannounce-with-new-controller.js", + "scripts/verify-relayers-rebates.js" + ] + }, + { + "address": "FZxmYkA6axyK3Njh3YNWXtybw9GgniVrXowS1pAAyrD1", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "GENEtH5amGSi8kHAtQoezp1XEXwZJ8vcuePYnXdKrMYz", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/full-deployment.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "ANNOUNCEMENT_SUMMARY.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "COPILOT_ALLOWLIST.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "CryptonoutController/scripts/cross-chain-bridge.js", + "DAO_SIGNERS_REPORT.md", + "DEPLOYMENT_LOG.md", + "DEPLOYMENT_MANIFEST.json", + "PROGRAMS_WITH_SIGNATURES.md", + "REPO_ANALYSIS.md", + "SOLANA_CLI_INSTALL.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "SOLSCAN_VERIFICATION.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "WALLET_CONNECTION_GUIDE.md", + "get_programs_with_signatures.js", + "package.json", + "program_signatures.json", + "scripts/analyze-repo-addresses.sh", + "scripts/check-deployment-signatures.sh", + "scripts/check-solscan-assets.sh", + "scripts/claim-assets-simple.sh", + "scripts/claim-assets.js", + "scripts/claim-to-treasury.sh", + "scripts/cross-chain-bridge.js", + "scripts/repo-address-analysis.json", + "scripts/upgrade-program-authority.sh" + ] + }, + { + "address": "getLatestPendingReviewQueryParams", + "type": "solana", + "allowlisted": false, + "files": [ + "pkg/github/pullrequests_test.go" + ] + }, + { + "address": "getLatestPendingReviewQueryReview", + "type": "solana", + "allowlisted": false, + "files": [ + "pkg/github/pullrequests_test.go" + ] + }, + { + "address": "GetRepositoryResourceBranchContent", + "type": "solana", + "allowlisted": false, + "files": [ + "pkg/github/repository_resource.go", + "pkg/github/repository_resource_test.go", + "pkg/github/tools.go" + ] + }, + { + "address": "GetRepositoryResourceCommitContent", + "type": "solana", + "allowlisted": false, + "files": [ + "pkg/github/repository_resource.go", + "pkg/github/repository_resource_test.go", + "pkg/github/tools.go" + ] + }, + { + "address": "GGG2JyBtwbPAsYwUQED8GBbj9UMi7NQa3uwN3DmyGNtz", + "type": "solana", + "allowlisted": false, + "files": [ + "MULTISIG_SIGNATURE_REQUEST.md", + "REPO_ANALYSIS.md", + "scripts/check-all-core.js", + "scripts/execute-authority-transfer.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "GLzZk1sczzW6fM4uPFeQCtTZQaf8H5VaBt99tUMbJAAW", + "type": "solana", + "allowlisted": false, + "files": [ + ".github/workflows/solana-monitor.yml", + "AUTHORITY_ANNOUNCEMENT.md", + "DEPLOYMENT_MANIFEST.json", + "MULTISIG_SIGNATURE_REQUEST.md", + "NEW_MASTER_CONTROLLER.md", + "PROGRAMS_WITH_SIGNATURES.md", + "REANNOUNCEMENT.md", + "REPO_ANALYSIS.md", + "SIGNER_STATUS.md", + "SYSTEM_STATUS_COMPLETE.md", + "get_programs_with_signatures.js", + "program_signatures.json", + "scripts/check-all-core.js", + "scripts/check-signer-ready.js", + "scripts/collect-assets.js", + "scripts/execute-authority-transfer.js", + "scripts/reannounce-authority.js", + "scripts/reannounce-with-new-controller.js", + "scripts/send-assets-with-signature.js", + "scripts/transfer-assets.js", + "scripts/transfer-authority-zero-cost.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "HeLiuSrpc1111111111111111111111111111111111", + "type": "solana", + "allowlisted": false, + "files": [ + ".env.example", + "SECURITY_REPORT.md", + "SYSTEM_STATUS_COMPLETE.md", + "scripts/verify-relayers-rebates.js" + ] + }, + { + "address": "HKBJoeUWH6pUQuLd9CZWrJBzGSE9roEW4bshnxd9AHsR", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/bot-funding-deployment.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "BOT_DEPLOYMENT_GUIDE.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/.github/workflows/bot-funding-deployment.yml", + "CryptonoutController/ALLOWLIST_WORKFLOW_GUIDE.md", + "CryptonoutController/BOT_DEPLOYMENT_GUIDE.md", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "DEPLOYMENT_READY.md", + "DEPLOYMENT_STATUS.md", + "PUSH_TO_CRYPTONOUT.md", + "QUICK_DEPLOY.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "HUwjG8LFabw28vJsQNoLXjxuzgdLhjGQw1DHZggzt76", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ", + "type": "solana", + "allowlisted": false, + "files": [ + "go.sum" + ] + }, + { + "address": "J1toHzrhyxaoFTUoxrceFMSqd1vTdZ1Wat3xQVa8E5Jt", + "type": "solana", + "allowlisted": true, + "files": [ + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DAO_SIGNERS_REPORT.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "scripts/dao-signers.json" + ] + }, + { + "address": "jaJrDgf4U8DAZcUD3t5AwL7Cfe2QnkpXZXGegdUHc4ZE", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "get_all_programs.js", + "program_results.json" + ] + }, + { + "address": "JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/security-scan.yml", + ".github/workflows/solana-monitor.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "AUTHORITY_ANNOUNCEMENT.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "MULTISIG_SIGNATURE_REQUEST.md", + "NEW_MASTER_CONTROLLER.md", + "PROGRAMS_WITH_SIGNATURES.md", + "REPO_ANALYSIS.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "SOLSCAN_VERIFICATION.md", + "SYSTEM_STATUS_COMPLETE.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "get_all_programs.js", + "get_programs_with_signatures.js", + "program_results.json", + "program_signatures.json", + "scripts/check-all-core.js", + "scripts/check-jupiter-program.sh", + "scripts/claim-to-treasury.sh", + "scripts/execute-authority-transfer.js", + "scripts/quicknode-priority-fee.js", + "scripts/reannounce-authority.js", + "scripts/transfer-authority-zero-cost.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "JUPyiwrYJFskUPiHa7hkeR8VUtAeFoSYbKedZNsDvCN", + "type": "solana", + "allowlisted": false, + "files": [ + "scripts/quicknode-cleanup.js", + "scripts/reannounce-contracts.js" + ] + }, + { + "address": "K6U4dQ8jANMEqQQycXYiDcf3172NGefpQBzdDbavQbA", + "type": "solana", + "allowlisted": false, + "files": [ + "REPO_ANALYSIS.md", + "helius_lookup.js", + "search_native_programs.js" + ] + }, + { + "address": "KTk8SrYvCqwP2WcgQjoRCiF5b4QDvkkz8EmgD", + "type": "solana", + "allowlisted": false, + "files": [ + "package-lock.json" + ] + }, + { + "address": "LBUZKhRxPF3XUpBCjp4YzTKgLccjZhTSDM9YuVaPwxo", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "ListRepositorySecurityAdvisories", + "type": "solana", + "allowlisted": false, + "files": [ + "pkg/github/security_advisories.go", + "pkg/github/security_advisories_test.go", + "pkg/github/tools.go" + ] + }, + { + "address": "ManageRepositoryNotificationSubscription", + "type": "solana", + "allowlisted": false, + "files": [ + "pkg/github/notifications.go", + "pkg/github/notifications_test.go", + "pkg/github/tools.go" + ] + }, + { + "address": "MangoCzJ36AjZyKwVj3VnYU4GTonjfVEnJmvvWaxLac", + "type": "solana", + "allowlisted": false, + "files": [ + "scripts/quicknode-cleanup.js", + "scripts/reannounce-contracts.js" + ] + }, + { + "address": "metaqbxxUerdq28cj1RbAWkYQm3ybzjb6a8bt518x1s", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "SOLSCAN_VERIFICATION.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "scripts/claim-assets-simple.sh", + "scripts/claim-assets.js", + "scripts/claim-to-treasury.sh" + ] + }, + { + "address": "MPCSystem1111111111111111111111111111111111", + "type": "solana", + "allowlisted": false, + "files": [ + "scripts/quicknode-cleanup.js" + ] + }, + { + "address": "mQBipzeneXqnAkWNL8raGvrj2c8dJv87LXs2Hn7BeXk", + "type": "solana", + "allowlisted": true, + "files": [ + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DAO_SIGNERS_REPORT.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "scripts/dao-signers.json" + ] + }, + { + "address": "NativeLoader1111111111111111111111111111111", + "type": "solana", + "allowlisted": false, + "files": [ + "PROGRAMS_WITH_SIGNATURES.md", + "program_signatures.json" + ] + }, + { + "address": "NqGHDaaLWmND7uShuaZkVbGNQFy6pS96qHyfR3pGR2d", + "type": "solana", + "allowlisted": true, + "files": [ + ".github/workflows/bot-funding-deployment.yml", + "ALLOWLIST_ANALYSIS_REPORT.md", + "BOT_DEPLOYMENT_GUIDE.md", + "CHANGELOG_V2.0.0.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/.github/workflows/bot-funding-deployment.yml", + "CryptonoutController/ALLOWLIST_WORKFLOW_GUIDE.md", + "CryptonoutController/BOT_DEPLOYMENT_GUIDE.md", + "CryptonoutController/CHANGELOG_V2.0.0.md", + "CryptonoutController/SOLANA_MAINNET_ANNOUNCEMENT.md", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "DEPLOYMENT_READY.md", + "DEPLOYMENT_STATUS.md", + "PUSH_TO_CRYPTONOUT.md", + "QUICK_DEPLOY.md", + "SOLANA_MAINNET_ANNOUNCEMENT.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "Nvs5fzBLwdEF4nuxnFdsfajde4WfxtJr3CaiH", + "type": "solana", + "allowlisted": false, + "files": [ + "package-lock.json" + ] + }, + { + "address": "orcaEKTdK7LKz57vaAYr9QeNsVEPfiu6QeMU1kektZE", + "type": "solana", + "allowlisted": false, + "files": [ + "scripts/quicknode-cleanup.js", + "scripts/reannounce-contracts.js" + ] + }, + { + "address": "ProcessResponseAsRingBufferToEnd", + "type": "solana", + "allowlisted": false, + "files": [ + "pkg/buffer/buffer.go", + "pkg/github/actions.go", + "pkg/github/actions_test.go" + ] + }, + { + "address": "RepositorySubscriptionActionWatch", + "type": "solana", + "allowlisted": false, + "files": [ + "pkg/github/notifications.go" + ] + }, + { + "address": "SMPLecH534NA9acpos4G6x7uf3LWbCAwZQE9e8ZekMu", + "type": "solana", + "allowlisted": false, + "files": [ + "MULTISIG_SIGNATURE_REQUEST.md", + "NEW_MASTER_CONTROLLER.md", + "PROGRAMS_WITH_SIGNATURES.md", + "REPO_ANALYSIS.md", + "SQUADS_MASTER_CONTROLLER.md", + "SYSTEM_STATUS_COMPLETE.md", + "get_programs_with_signatures.js", + "program_signatures.json", + "scripts/check-all-core.js", + "scripts/verify-on-chain.js" + ] + }, + { + "address": "So11111111111111111111111111111111111111112", + "type": "solana", + "allowlisted": false, + "files": [ + "PROGRAMS_WITH_SIGNATURES.md", + "REPO_ANALYSIS.md", + "get_all_programs.js", + "get_programs_with_signatures.js", + "program_results.json", + "program_signatures.json", + "scripts/claim-assets-simple.sh", + "scripts/claim-assets.js", + "scripts/quicknode-cleanup.js", + "scripts/reannounce-contracts.js", + "search_native_programs.js" + ] + }, + { + "address": "SRMuApVNdxXokk5GT7XD5cUUgXMBCoAz2LHeuAoKWRt", + "type": "solana", + "allowlisted": false, + "files": [ + "scripts/quicknode-cleanup.js", + "scripts/reannounce-contracts.js" + ] + }, + { + "address": "Stake11111111111111111111111111111111111111", + "type": "solana", + "allowlisted": false, + "files": [ + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "REPO_ANALYSIS.md", + "get_all_programs.js", + "program_results.json", + "search_native_programs.js" + ] + }, + { + "address": "T1pyyaTNZsKv2WcRAB8oVnk93mLJw2XzjtVYqCsaHqt", + "type": "solana", + "allowlisted": false, + "files": [ + "SOLSCAN_VERIFICATION.md", + "scripts/check-solscan-assets.sh", + "scripts/claim-assets-simple.sh", + "scripts/claim-assets.js", + "scripts/claim-to-treasury.sh" + ] + }, + { + "address": "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "PROGRAMS_WITH_SIGNATURES.md", + "REPO_ANALYSIS.md", + "SOLSCAN_VERIFICATION.md", + "VERCEL_DEPLOYMENT_ALLOWLIST.json", + "get_all_programs.js", + "get_programs_with_signatures.js", + "program_results.json", + "program_signatures.json", + "scripts/claim-assets-simple.sh", + "scripts/claim-assets.js", + "scripts/claim-to-treasury.sh", + "search_native_programs.js" + ] + }, + { + "address": "TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + }, + { + "address": "Vote111111111111111111111111111111111111111", + "type": "solana", + "allowlisted": false, + "files": [ + "REPO_ANALYSIS.md", + "get_all_programs.js", + "program_results.json", + "search_native_programs.js" + ] + }, + { + "address": "WENWENvqqNya429ubCdR81ZmD69brwQaaBYY6p3LCpk", + "type": "solana", + "allowlisted": false, + "files": [ + "scripts/quicknode-cleanup.js", + "scripts/reannounce-contracts.js" + ] + }, + { + "address": "xz7wQ8xDhdyP7tQxwdteLYeFfS68tSMNCZ", + "type": "solana", + "allowlisted": false, + "files": [ + "package-lock.json" + ] + }, + { + "address": "yZcddTUn8DPbj11GxnMrNiAnXH14gNs559AsUpNpPgM", + "type": "solana", + "allowlisted": false, + "files": [ + "go.sum" + ] + }, + { + "address": "zhBqbd9tSQFPevg4188JxcgpccCj3t1Jxb29zsBc2R4", + "type": "solana", + "allowlisted": true, + "files": [ + "ALLOWLIST_ANALYSIS_REPORT.md", + "BACKFILL_DEPLOYMENT_SUMMARY.md", + "COMPREHENSIVE_ALLOWLIST_UPDATE.json", + "CryptonoutController/VERCEL_DEPLOYMENT_ALLOWLIST.json", + "DEPLOYMENT_MANIFEST.json", + "VERCEL_DEPLOYMENT_ALLOWLIST.json" + ] + } + ] +} \ No newline at end of file diff --git a/docs/cryptogene_agent_blueprint.md b/docs/cryptogene_agent_blueprint.md new file mode 100644 index 000000000..4a5f48967 --- /dev/null +++ b/docs/cryptogene_agent_blueprint.md @@ -0,0 +1,122 @@ +# CryptoGene Agent Blueprint (Year 2500 Transmission) + +_Transmission from 2500_: this document sketches a production-ready agent architecture inspired by **Agent-R1 (end-to-end RL)** and **SEAL (self-adapting LLMs)**. It provides a blueprint you can implement in this repo without embedding credentials. + +## 1) Mission & Capabilities +**Primary goals** +- Persistent, tool-using LLM agent that can plan, act, and learn from outcomes. +- End-to-end reinforcement learning for policy improvement (Agent‑R1). +- Self-editing and self-adaptation loop that updates prompts, datasets, and policies (SEAL). + +**Core capabilities** +- Multi-step planning and tool execution. +- Long-horizon memory (episodic + semantic). +- Safe execution policies with permissions and audit logs. +- Offline evaluation, continuous learning, and rollback. + +## 2) System Topology (Modules) +``` +User ──► Orchestrator ──► Planner ──► Tool Router ──► Executors + β”‚ β”‚ β”‚ + β”œβ”€β”€β”€β”€β”€β”€β”€β”€β–Ί Memory β”œβ”€β”€β”€β”€β”€β”€β”€β”€β–Ί Evaluator + β”‚ β”‚ β”‚ + └────────► Policy Store β—„β”€β”€β”€β”€β”€β”€β”€β”˜ +``` + +### 2.1 Orchestrator +- Handles session lifecycle, safety gating, and tool budget. +- Maintains environment state and telemetry. + +### 2.2 Planner (Agent-R1) +- Generates action plans and expected outcomes. +- Produces structured actions (tool, args, constraints). +- Optimized via RL: reward from task success, safety, and efficiency. + +### 2.3 Tool Router +- Validates tool inputs (schema, permissions). +- Enforces rate limits and sandboxing. +- Logs tool I/O for training and audits. + +### 2.4 Memory +- **Episodic**: conversation + actions + results. +- **Semantic**: distilled knowledge cards. +- **Procedural**: reusable workflows. + +### 2.5 Evaluator +- Scores outcomes against objectives. +- Produces reward signals for RL and quality metrics. +- Flags unsafe or low-confidence actions. + +### 2.6 Policy Store +- Tracks policy checkpoints and evaluation metrics. +- Supports rollback and A/B testing. +- Manages β€œself-edits” from SEAL-style adaptation. + +## 3) Agent-R1 Training Loop (End-to-End RL) +1. **Initialize policy** with supervised prompts, tool schemas, and a safety baseline. +2. **Collect rollouts** by executing tasks with tool usage. +3. **Compute rewards**: + - Task success + - Safety compliance + - Efficiency (steps/latency) + - Robustness (error recovery) +4. **Update policy** using RL (e.g., PPO) with safety constraints. +5. **Validate** on held-out tasks and adversarial cases. + +## 4) SEAL Self-Adaptation Loop +1. **Generate self-edits**: new prompts, tool policies, or synthetic data. +2. **Local finetune** on self-edits + curated datasets. +3. **Evaluate** on benchmark and regression suite. +4. **Promote** if metrics improve; **rollback** otherwise. + +## 5) Data & Evaluation +**Data sources** +- Tool execution logs (inputs/outputs). +- Human feedback (ratings, corrections). +- Synthetic scenarios (hard cases, edge cases). + +**Evaluation suite** +- Task success rate. +- Safety constraint adherence. +- Robustness to tool failures. +- Cost/latency budgets. + +## 6) Safety & Governance +- Permissioned tools (read/write separation). +- Red-team test tasks with automatic rejection rules. +- Audit trails for all tool actions. +- Emergency stop + rollback. + +## 7) Implementation Checklist +- [ ] Define tool schemas and permissions. +- [ ] Create memory store (vector + structured). +- [ ] Build planner β†’ tool router β†’ executor pipeline. +- [ ] Add evaluator with reward shaping. +- [ ] Log all rollouts for RL + SEAL loops. +- [ ] Add policy registry and checkpointing. + +## 8) Minimal Runtime Config (Example) +```yaml +agent: + name: CryptoGene + planner: agent_r1 + self_adapt: seal + memory: + episodic: true + semantic: true + safety: + require_approval: false + tools: + - name: repo_scan + permissions: read + - name: deploy + permissions: write +``` + +## 9) Next Build Step (Suggested) +- Implement a small **agent harness** (orchestrator + planner + tool router). +- Add a **training log schema** for RL rollouts. +- Create a **self-edit registry** for SEAL updates. + +--- +_Transmission end. Coordinate stardate: 2500.042._ diff --git a/package-lock.json b/package-lock.json index 24bbeea9d..607a5d26e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8,7 +8,7 @@ "name": "github-mcp-server-deployment", "version": "2.0.0", "devDependencies": { - "@coral-xyz/anchor": "^0.30.1", + "@coral-xyz/anchor": "^0.32.1", "@solana/spl-token": "^0.1.8", "@solana/web3.js": "^1.98.4", "bs58": "^6.0.0" @@ -25,36 +25,34 @@ } }, "node_modules/@coral-xyz/anchor": { - "version": "0.30.1", - "resolved": "https://registry.npmjs.org/@coral-xyz/anchor/-/anchor-0.30.1.tgz", - "integrity": "sha512-gDXFoF5oHgpriXAaLpxyWBHdCs8Awgf/gLHIo6crv7Aqm937CNdY+x+6hoj7QR5vaJV7MxWSQ0NGFzL3kPbWEQ==", + "version": "0.32.1", + "resolved": "https://registry.npmjs.org/@coral-xyz/anchor/-/anchor-0.32.1.tgz", + "integrity": "sha512-zAyxFtfeje2FbMA1wzgcdVs7Hng/MijPKpRijoySPCicnvcTQs/+dnPZ/cR+LcXM9v9UYSyW81uRNYZtN5G4yg==", "dev": true, "license": "(MIT OR Apache-2.0)", "dependencies": { - "@coral-xyz/anchor-errors": "^0.30.1", - "@coral-xyz/borsh": "^0.30.1", + "@coral-xyz/anchor-errors": "^0.31.1", + "@coral-xyz/borsh": "^0.31.1", "@noble/hashes": "^1.3.1", - "@solana/web3.js": "^1.68.0", + "@solana/web3.js": "^1.69.0", "bn.js": "^5.1.2", "bs58": "^4.0.1", "buffer-layout": "^1.2.2", "camelcase": "^6.3.0", "cross-fetch": "^3.1.5", - "crypto-hash": "^1.3.0", "eventemitter3": "^4.0.7", "pako": "^2.0.3", - "snake-case": "^3.0.4", "superstruct": "^0.15.4", "toml": "^3.0.0" }, "engines": { - "node": ">=11" + "node": ">=17" } }, "node_modules/@coral-xyz/anchor-errors": { - "version": "0.30.1", - "resolved": "https://registry.npmjs.org/@coral-xyz/anchor-errors/-/anchor-errors-0.30.1.tgz", - "integrity": "sha512-9Mkradf5yS5xiLWrl9WrpjqOrAV+/W2RQHDlbnAZBivoGpOs1ECjoDCkVk4aRG8ZdiFiB8zQEVlxf+8fKkmSfQ==", + "version": "0.31.1", + "resolved": "https://registry.npmjs.org/@coral-xyz/anchor-errors/-/anchor-errors-0.31.1.tgz", + "integrity": "sha512-NhNEku4F3zzUSBtrYz84FzYWm48+9OvmT1Hhnwr6GnPQry2dsEqH/ti/7ASjjpoFTWRnPXrjAIT1qM6Isop+LQ==", "dev": true, "license": "Apache-2.0", "engines": { @@ -82,9 +80,9 @@ } }, "node_modules/@coral-xyz/borsh": { - "version": "0.30.1", - "resolved": "https://registry.npmjs.org/@coral-xyz/borsh/-/borsh-0.30.1.tgz", - "integrity": "sha512-aaxswpPrCFKl8vZTbxLssA2RvwX2zmKLlRCIktJOwW+VpVwYtXRtlWiIP+c2pPRKneiTiWCN2GEMSH9j1zTlWQ==", + "version": "0.31.1", + "resolved": "https://registry.npmjs.org/@coral-xyz/borsh/-/borsh-0.31.1.tgz", + "integrity": "sha512-9N8AU9F0ubriKfNE3g1WF0/4dtlGXoBN/hd1PvbNBamBNwRgHxH4P+o3Zt7rSEloW1HUs6LfZEchlx9fW7POYw==", "dev": true, "license": "Apache-2.0", "dependencies": { @@ -95,7 +93,7 @@ "node": ">=10" }, "peerDependencies": { - "@solana/web3.js": "^1.68.0" + "@solana/web3.js": "^1.69.0" } }, "node_modules/@noble/curves": { @@ -351,9 +349,9 @@ "license": "MIT" }, "node_modules/bn.js": { - "version": "5.2.2", - "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.2.tgz", - "integrity": "sha512-v2YAxEmKaBLahNwE1mjp4WON6huMNeuDvagFZW+ASCuA/ku0bXR9hSMw0XpiqMoA3+rmnyck/tPRSFQkoC9Cuw==", + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.3.tgz", + "integrity": "sha512-EAcmnPkxpntVL+DS7bO1zhcZNvCkxqtkd0ZY53h06GNQ3DEkkGZ/gKgmDv6DdZQGj9BgfSPKtJJ7Dp1GPP8f7w==", "dev": true, "license": "MIT" }, @@ -495,19 +493,6 @@ "node-fetch": "^2.7.0" } }, - "node_modules/crypto-hash": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/crypto-hash/-/crypto-hash-1.3.0.tgz", - "integrity": "sha512-lyAZ0EMyjDkVvz8WOeVnuCPvKVBXcMv1l5SVqO1yC7PzTwrD/pPje/BIRbWhMoPe436U+Y2nD7f5bFx0kt+Sbg==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/delay": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/delay/-/delay-5.0.0.tgz", @@ -521,17 +506,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/dot-case": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/dot-case/-/dot-case-3.0.4.tgz", - "integrity": "sha512-Kv5nKlh6yRrdrGvxeJ2e5y2eRUpkUosIW4A2AS38zwSz27zu7ufDwQPi5Jhs3XAlGNetl3bmnGhQsMtkKJnj3w==", - "dev": true, - "license": "MIT", - "dependencies": { - "no-case": "^3.0.4", - "tslib": "^2.0.3" - } - }, "node_modules/dotenv": { "version": "10.0.0", "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-10.0.0.tgz", @@ -664,16 +638,6 @@ "dev": true, "license": "ISC" }, - "node_modules/lower-case": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/lower-case/-/lower-case-2.0.2.tgz", - "integrity": "sha512-7fm3l3NAF9WfN6W3JOmf5drwpVqX78JtoGJ3A6W0a6ZnldM41w2fV5D490psKFTpMds8TJse/eHLFFsNHHjHgg==", - "dev": true, - "license": "MIT", - "dependencies": { - "tslib": "^2.0.3" - } - }, "node_modules/ms": { "version": "2.1.3", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", @@ -681,17 +645,6 @@ "dev": true, "license": "MIT" }, - "node_modules/no-case": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/no-case/-/no-case-3.0.4.tgz", - "integrity": "sha512-fgAN3jGAh+RoxUGZHTSOLJIqUc2wmoBwGR4tbpNAKmmovFoWq0OdRkb0VkldReO2a2iBT/OEulG9XSUc10r3zg==", - "dev": true, - "license": "MIT", - "dependencies": { - "lower-case": "^2.0.2", - "tslib": "^2.0.3" - } - }, "node_modules/node-fetch": { "version": "2.7.0", "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", @@ -817,17 +770,6 @@ ], "license": "MIT" }, - "node_modules/snake-case": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/snake-case/-/snake-case-3.0.4.tgz", - "integrity": "sha512-LAOh4z89bGQvl9pFfNF8V146i7o7/CqFPbqzYgP+yYzDIDeS9HaNFtXABamRW+AQzEVODcvE79ljJ+8a9YSdMg==", - "dev": true, - "license": "MIT", - "dependencies": { - "dot-case": "^3.0.4", - "tslib": "^2.0.3" - } - }, "node_modules/stream-chain": { "version": "2.2.5", "resolved": "https://registry.npmjs.org/stream-chain/-/stream-chain-2.2.5.tgz", diff --git a/package.json b/package.json index dab5e7bdb..aeaca46b8 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ "verify:relayers": "node scripts/verify-relayers-rebates.js" }, "devDependencies": { - "@coral-xyz/anchor": "^0.30.1", + "@coral-xyz/anchor": "^0.32.1", "@solana/spl-token": "^0.1.8", "@solana/web3.js": "^1.98.4", "bs58": "^6.0.0" diff --git a/scripts/scan-contracts.js b/scripts/scan-contracts.js new file mode 100644 index 000000000..8bf516577 --- /dev/null +++ b/scripts/scan-contracts.js @@ -0,0 +1,128 @@ +#!/usr/bin/env node + +/** + * Scans the repository for contract addresses (Solana base58 and EVM 0x) + * and reports their locations plus allowlist coverage. + * + * Usage: + * node scripts/scan-contracts.js [startDir] + * + * Outputs: + * - Prints a summary to stdout + * - Writes a JSON report to contract_scan_results.json + */ + +const fs = require("fs"); +const path = require("path"); + +const ROOT = path.join(__dirname, ".."); +const START_DIR = path.resolve(process.argv[2] || ROOT); +const MAX_FILE_BYTES = 2 * 1024 * 1024; // skip files larger than 2 MB +const EXCLUDED_DIRS = new Set([ + ".git", + "node_modules", + ".next", + "dist", + "build", + "tmp", + "vendor", + ".venv", + "venv", +]); + +const SOLANA_REGEX = /\b[1-9A-HJ-NP-Za-km-z]{32,44}\b/g; +const EVM_REGEX = /\b0x[a-fA-F0-9]{40}\b/g; + +const allowlistSources = [ + path.join(ROOT, "VERCEL_DEPLOYMENT_ALLOWLIST.json"), + path.join(ROOT, "COMPREHENSIVE_ALLOWLIST_UPDATE.json"), +]; + +function loadAllowlist() { + const addresses = new Set(); + for (const source of allowlistSources) { + if (!fs.existsSync(source)) continue; + const data = JSON.parse(fs.readFileSync(source, "utf8")); + if (Array.isArray(data.allowlist)) { + data.allowlist.forEach((addr) => addresses.add(addr)); + } + if (Array.isArray(data.master_allowlist)) { + data.master_allowlist.forEach((addr) => addresses.add(addr)); + } + } + return addresses; +} + +function walk(dir, visitor) { + const entries = fs.readdirSync(dir, { withFileTypes: true }); + for (const entry of entries) { + if (entry.isDirectory()) { + if (EXCLUDED_DIRS.has(entry.name)) continue; + walk(path.join(dir, entry.name), visitor); + } else if (entry.isFile()) { + visitor(path.join(dir, entry.name)); + } + } +} + +function scanFile(filePath, allowlist, results) { + try { + const stat = fs.statSync(filePath); + if (stat.size > MAX_FILE_BYTES) return; + const content = fs.readFileSync(filePath, "utf8"); + const matches = [ + ...new Set([ + ...(content.match(SOLANA_REGEX) || []), + ...(content.match(EVM_REGEX) || []), + ]), + ]; + if (!matches.length) return; + + const relativePath = path.relative(ROOT, filePath); + for (const address of matches) { + const type = address.startsWith("0x") ? "evm" : "solana"; + if (!results[address]) { + results[address] = { type, files: new Set() }; + } + results[address].files.add(relativePath); + results[address].allowlisted = allowlist.has(address); + } + } catch { + /* skip unreadable files */ + } +} + +function main() { + const allowlist = loadAllowlist(); + const results = {}; + + walk(START_DIR, (file) => scanFile(file, allowlist, results)); + + const normalized = Object.entries(results).map(([address, data]) => ({ + address, + type: data.type, + allowlisted: Boolean(data.allowlisted), + files: Array.from(data.files).sort(), + })); + + normalized.sort((a, b) => a.address.localeCompare(b.address)); + + const summary = { + scanned_from: START_DIR, + total_addresses: normalized.length, + allowlisted: normalized.filter((r) => r.allowlisted).length, + not_allowlisted: normalized.filter((r) => !r.allowlisted).length, + addresses: normalized, + }; + + const outputPath = path.join(ROOT, "contract_scan_results.json"); + fs.writeFileSync(outputPath, JSON.stringify(summary, null, 2)); + + console.log("Contract scan complete."); + console.log(` Total addresses: ${summary.total_addresses}`); + console.log(` Allowlisted: ${summary.allowlisted}`); + console.log(` Not allowlisted: ${summary.not_allowlisted}`); + console.log(` Report written to ${outputPath}`); +} + +main(); diff --git a/scripts/setup-moralis.js b/scripts/setup-moralis.js index e6c02ebe2..8d947f33c 100755 --- a/scripts/setup-moralis.js +++ b/scripts/setup-moralis.js @@ -8,7 +8,7 @@ const MORALIS_NODE_URL = process.env.MORALIS_NODE_URL || 'https://site2.moralis- console.log('=== MORALIS API SETUP ==='); console.log(''); -console.log('API Key:', MORALIS_API_KEY); +console.log('API Key:', MORALIS_API_KEY ? `(set, length: ${MORALIS_API_KEY.length})` : '(not set)'); console.log('Node URL:', MORALIS_NODE_URL); console.log('');