v4.2

.github/workflows/publish-prerelease.yml

@@ -6,13 +6,13 @@ on:
 
 jobs:
   build:
-    if: 'github.event.release.prerelease'
+    if: "github.event.release.prerelease"
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: 16
+          node-version: 18
       - run: npm ci
       - run: npm run build
       - name: Run test coverage
@@ -32,7 +32,7 @@ jobs:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: 16
+          node-version: 18
           registry-url: https://registry.npmjs.org/
       - run: npm ci
       - run: npm run build
@@ -47,9 +47,9 @@ jobs:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: 16
+          node-version: 18
           registry-url: https://npm.pkg.github.com/
-          scope: '@tokenysolutions'
+          scope: "@tokenysolutions"
       - run: npm ci
       - run: npm run build
       - run: npm publish --tag beta

.github/workflows/publish-release.yml

@@ -6,13 +6,13 @@ on:
 
 jobs:
   build:
-    if: '!github.event.release.prerelease'
+    if: "!github.event.release.prerelease"
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: 16
+          node-version: 18
       - run: npm ci
       - run: npm run build
       - name: Run test coverage
@@ -32,7 +32,7 @@ jobs:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: 16
+          node-version: 18
           registry-url: https://registry.npmjs.org/
       - run: npm ci
       - run: npm run build
@@ -47,9 +47,9 @@ jobs:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: 16
+          node-version: 18
           registry-url: https://npm.pkg.github.com/
-          scope: '@tokenysolutions'
+          scope: "@tokenysolutions"
       - run: npm ci
       - run: npm run build
       - run: npm publish

.github/workflows/push_checking.yml

@@ -6,11 +6,11 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node-version: [16.x]
+        node-version: [18.x]
 
     steps:
       - name: Checkout
-        uses: 'actions/checkout@master'
+        uses: "actions/checkout@master"
 
       - name: Set Node.js
         uses: actions/setup-node@v3
@@ -20,6 +20,8 @@ jobs:
         run: npm ci
       - name: Lint Solidity sources
         run: npm run lint:sol
+      - name: Build contracts
+        run: npm run build
       - name: Lint TypeScript sources
         run: npm run lint:ts
 
@@ -28,11 +30,11 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node-version: [16.x]
+        node-version: [18.x]
 
     steps:
       - name: Checkout
-        uses: 'actions/checkout@master'
+        uses: "actions/checkout@master"
 
       - name: Set Node.js
         uses: actions/setup-node@v3

.husky/commit-msg

@@ -1,4 +1 @@
-#!/usr/bin/env sh
-. "$(dirname -- "$0")/_/husky.sh"
-
 node ./scripts/commit-msg.js $1 && npx --no-install commitlint --edit $1

.husky/pre-commit

@@ -1,4 +0,0 @@
-#!/usr/bin/env sh
-. "$(dirname -- "$0")/_/husky.sh"
-
-npx lint-staged

.solcover.js

@@ -4,5 +4,6 @@ module.exports = {
         "_testContracts",
         "roles/permissioning/owner/",
         "roles/permissioning/agent/",
+        "utils",
     ],
 };

.solhint.json

@@ -1,7 +1,7 @@
 {
   "extends": "solhint:recommended",
   "rules": {
-    "compiler-version": ["error", "^0.8.17"],
+    "compiler-version": ["error", "^0.8.26"],
     "func-visibility": ["warn", { "ignoreConstructors": true }],
     "reentrancy": "error",
     "state-visibility": "error",
@@ -21,14 +21,15 @@
     "code-complexity": ["error", 7],
     "function-max-lines": ["error", 50],
     "max-line-length": ["error", 130],
-    "max-states-count": ["error", 15],
+    "max-states-count": ["warn", 15],
     "no-empty-blocks": "error",
     "no-unused-vars": "error",
     "payable-fallback": "error",
     "constructor-syntax": "error",
     "not-rely-on-time": "off",
     "reason-string": "off",
-    "no-global-import": "off"
+    "no-global-import": "off",
+    "gas-custom-errors": "off"
   },
   "plugins": ["prettier"]
 }

CHANGELOG.md

@@ -1,6 +1,105 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## [4.2.0]
+
+### Added
+
+- Introduced **Token Listing Restrictions Module**: Investors can determine which tokens they can receive by whitelisting or blacklisting them
+  Token issuers can choose the listing type they prefer for their tokens:
+  WHITELISTING: investors must whitelist/allow the token address in order to receive it.
+  BLACKLISTING: investors can receive the token by default. If they do not want to receive it, they need to blacklist/disallow it.
+
+- Introduced **Investor Country Cap Module**: to limit the number of identities per country.
+  - The module allows the token owner to set a maximum number of identities per country.
+
+- **Default Allowance Mechanism**:
+  - Introduced a new feature allowing the contract owner to set certain addresses as trusted external smart contracts, enabling them to use `transferFrom` without requiring an explicit allowance from users. By default, users are opted in, allowing these contracts to have an "infinite allowance". Users can opt-out if they prefer to control allowances manually.
+  - Added custom errors and events to provide better feedback and traceability:
+    - Custom errors: `DefaultAllowanceAlreadyEnabled`, `DefaultAllowanceAlreadyDisabled`, `DefaultAllowanceAlreadySet`.
+    - Events: `DefaultAllowance`, `DefaultAllowanceDisabled`, `DefaultAllowanceEnabled`.
+  - Enhanced the `allowance` function to return `type(uint256).max` for addresses with default allowance enabled, unless the user has opted out.
+
+- **Eligibility Checks Toggle**:
+  - Added the ability for the token owner to enable or disable eligibility checks on the `IdentityRegistry` contract.
+  - **`disableEligibilityChecks`**: Allows the token owner to disable eligibility checks, making all addresses automatically verified by the `isVerified` function.
+  - **`enableEligibilityChecks`**: Allows the token owner to re-enable eligibility checks, restoring the full verification process.
+  - Introduced custom errors and events:
+    - Custom errors: `EligibilityChecksDisabledAlready`, `EligibilityChecksEnabledAlready`.
+    - Events: `EligibilityChecksDisabled`, `EligibilityChecksEnabled`.
+  - This feature provides flexibility for issuers to launch tokens with or without eligibility checks, based on their needs.
+
+- **ERC-165 Interface Implementation**:
+  - Implemented ERC-165 support across all major contracts in the suite, allowing them to explicitly declare the interfaces they support. This enhancement improves interoperability and makes it easier for external contracts and tools to interact with T-REX contracts.
+  - Each contract now implements the `supportsInterface` function to identify the supported interfaces, ensuring compliance with ERC-165 standards.
+  - In addition to implementing ERC-165, the ERC-3643 interfaces were organized into a new directory, with each interface inheriting from the original ERC-3643 standard interface. This setup allows for future expansion and maintains uniformity across the suite:
+    - `IERC3643`, `IERC3643IdentityRegistry`, `IERC3643Compliance`, `IERC3643ClaimTopicsRegistry`, `IERC3643TrustedIssuersRegistry`, `IERC3643IdentityRegistryStorage`
+  - For contracts that extend the ERC-3643 standard with new functions, `supportsInterface` now checks for both the new interface ID and the original ERC-3643 interface ID.
+  - For interfaces that did not change, `supportsInterface` checks for the ERC-3643 interface ID directly, omitting the empty version-specific interface to avoid redundancy.
+
+- **Add and Set Module in a Single Transaction**:
+  - Introduced the `addAndSetModule` function in the `ModularCompliance` contract, allowing the contract owner to add a new compliance module and interact with it in a single transaction.
+  - This function supports adding a module and performing up to 5 interactions with the module in one call, streamlining the setup process for compliance modules.
+
+- **Granular Agent Permissioning**:
+  - Introduced a new system to provide more granular control over agent roles on the token contract.
+  - **Default Behavior**: By default, agents can perform all actions (mint, burn, freeze tokens, freeze wallets, recover tokens, pause, unpause).
+  - **Restricting Permissions**: Token owners can now restrict specific roles for agents using the `setAgentRestrictions` function.
+    - Permissions can be restricted on actions like minting, burning, freezing, recovering, etc.
+    - Custom restrictions are stored in the `TokenRoles` struct.
+    - The `AgentRestrictionsSet` event is emitted whenever restrictions are updated for an agent.
+  - All agent-scoped functions (e.g., mint, burn) now check the agent’s permissions before executing the transaction, ensuring proper enforcement of these restrictions.
+
+- **Ethers.js Version Upgrade**:
+  - The project was upgraded from **Ethers v5** to **Ethers v6**, introducing several changes to the API and syntax.
+  - **Key Changes**:
+    - Adjusted syntax for contract deployments, interactions, and function calls to comply with Ethers v6.
+    - Replaced deprecated features from v5 with the new Ethers v6 equivalents, ensuring compatibility and future-proofing the project.
+    - Updated test suites and helper functions to use the Ethers v6 `Interface` and `Contract` classes, ensuring smooth testing of the updated code.
+  - This upgrade ensures better performance, enhanced security, and improved developer experience moving forward.
+
+- **Solidity Version Upgrade to 0.8.27**:
+  - Upgraded Solidity version from **0.8.17** to **0.8.27** across all contracts, bringing in multiple new features and improvements:
+    - **File-Level Event Declaration**: Events are now declared at the file level, simplifying code structure and improving readability.
+    - **Custom Errors for Require Statements**: All `require` clauses that previously returned a string reason for failure have been updated to use **custom errors**, making debugging easier and more efficient.
+  - This upgrade provides a cleaner, more efficient error handling process and improves overall code structure without affecting backward compatibility.
+
+- **Utility checker**:
+  - Add a new utility contract to check for freeze status, eligibility and compliance of an address for a token:
+    - Test if the transfer of tokens will fail
+    - Test the eligibility of an address for a token
+    - Test the compliance of an address for a token
+    - Test the freeze status of an address for a token
+
+### Updated
+
+- **Token Recovery Function**:
+  - The `recoveryAddress` function was significantly improved to handle more complex scenarios and prevent potential bugs:
+    - Removed the requirement for the `newWallet` to be a key on the `onchainID`, simplifying the process and reducing potential errors.
+    - Enhanced compatibility with shared identity registry storage, ensuring the function works correctly even when multiple tokens share the same identity registry storage.
+    - Added logic to handle recovery to an existing wallet that is already linked to the investor's identity, addressing scenarios where the `newWallet` is an existing wallet.
+    - The function now accurately updates the identity registry, preventing errors related to attempting to add or remove identities that are already present or absent.
+    - Improved overall logic to ensure smooth and error-free recovery operations, with events (`RecoverySuccess`, `TokensFrozen`, `TokensUnfrozen`, etc.) emitted to provide detailed feedback.
+
+- **Ownership Transfer**:
+  - Implemented a two-step ownership transfer process across all relevant contracts in the suite, using OpenZeppelin's implementation `Ownable2StepUpgradeable`.
+  - This change enhances security by requiring the new owner to accept ownership explicitly, preventing accidental transfers to incorrect or inaccessible addresses.
+  - Added new functions:
+    - `transferOwnership(address newOwner)`: Initiates the ownership transfer process.
+    - `acceptOwnership()`: Allows the pending owner to accept and finalize the ownership transfer.
+  - Introduced a `_pendingOwner` state variable to track the address of the pending new owner.
+  - Updated relevant events to reflect the two-step process:
+    - `OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner)`
+    - `OwnershipTransferred(address indexed previousOwner, address indexed newOwner)`
+  - This change affects all contracts that previously used a single-step ownership transfer, ensuring consistent and secure ownership management across the entire suite.
+
+## [4.1.5]
+
+### Update
+- DvA Transfer Manager contract proxified
+- The DvA manager contract freezes the tokens to be transferred instead of being a vault (so it must be a token agent)
+- Only the token owner (rather than agents) can call setApprovalCriteria, as it is part of the main token settings.
+
 ## [4.1.4]
 
 ### Added
@@ -210,4 +309,4 @@ Version 4.0.0 of TREX has been successfully audited by Hacken [more details here
 - changed required key for roles on AgentManager contract (MANAGEMENT key -> EXECUTION key)
 - changed required key for roles on OwnerManager contract (MANAGEMENT key -> EXECUTION key)
 - import interfaces from openzeppelin instead of local copy
-- contract name : **Storage** -> **TokenStorage**
+- contract name : **Storage** -> **TokenStorage**