Merge branch 'main' into certora-squashed

Author: sakulstra

.github/workflows/comment.yml

@@ -2,6 +2,7 @@ name: PR Comment
 
 on:
   workflow_run:
+    # The workflow generating the artifacts
     workflows: [Test]
     types:
       - completed
@@ -12,10 +13,11 @@ permissions:
   checks: read
   statuses: read
   pull-requests: write
-  contents: write
 
 jobs:
   comment:
     uses: bgd-labs/github-workflows/.github/workflows/comment.yml@main
     secrets:
+      # the provided PAT needs write and write permissions on issues and pull requests
+      # the PAT is only really needed when commenting of prs from forks
       READ_ONLY_PAT: ${{ secrets.READ_ONLY_PAT }}

.github/workflows/test.yml

@@ -1,3 +1,6 @@
+# This action runs all common tooling for foundry repos
+# It does not comment any results though.
+# If you want to have comments on your repo, also install comment.yml
 name: Test
 
 concurrency:
@@ -7,77 +10,13 @@ concurrency:
 on:
   pull_request:
   push:
-    branches:
-      - main
+    branches: [main]
 
 jobs:
   lint:
-    name: lint
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6
-        with:
-          node-version-file: .nvmrc
-          cache: "npm"
-
-      - name: install
-        run: npm ci --prefer-offline --no-audit
-
-      - name: lint
-        run: npm run lint
-
+    uses: bgd-labs/github-workflows/.github/workflows/foundry-lint-prettier.yml@main
   test:
-    name: Foundry build n test
-    runs-on: ubuntu-latest
-    env:
-      FOUNDRY_PROFILE: ci
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          submodules: recursive
-
-      - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6
-        with:
-          node-version-file: .nvmrc
-          cache: "npm"
-
-      - name: Install node dependencies
-        run: npm ci --prefer-offline --no-audit
-
-      - name: Run Foundry setup
-        uses: bgd-labs/github-workflows/.github/actions/foundry-setup@4f16d15e380bbcf7e3933698c08b9fd34e967f78
-
-      - name: Run Forge tests
-        uses: bgd-labs/github-workflows/.github/actions/foundry-test@4f16d15e380bbcf7e3933698c08b9fd34e967f78
-
-      - name: Run Gas report
-        uses: bgd-labs/github-workflows/.github/actions/foundry-gas-report@4f16d15e380bbcf7e3933698c08b9fd34e967f78
-
-      - name: Cleanup
-        # This test will currently fail on coverage due to the gas limit beaing breached with optimizer disabled
-        run: rm tests/deployments/DeploymentsGasLimits.t.sol
-
-      - name: Run Lcov report
-        uses: bgd-labs/github-workflows/.github/actions/foundry-lcov-report@4f16d15e380bbcf7e3933698c08b9fd34e967f78
-
-      - name: Save PR number
-        if: github.event_name == 'pull_request' || github.event_name == 'pull_request_target'
-        env:
-          PR_NUMBER: ${{ github.event.number }}
-        run: |
-          mkdir -p ./pr
-          echo $PR_NUMBER > /tmp/content/pr_number.txt
-
-      - uses: actions/upload-artifact@v4
-        with:
-          name: content
-          path: /tmp/content
-
-      # we let failing tests pass so we can log them in the comment, still we want the ci to fail
-      - name: Post test
-        if: ${{ env.testStatus != 0 }}
-        run: |
-          echo "tests failed"
-          exit 1
+    uses: bgd-labs/github-workflows/.github/workflows/foundry-test.yml@main
+# only when the repo has zksync code
+#  test-zk:
+#    uses: bgd-labs/github-workflows/.github/workflows/foundry-test-zk.yml@main

.gitignore

@@ -33,3 +33,7 @@ broadcast/
 certora-logs
 certora_debug_log.txt
 resource_errors.json
+
+# invariants
+_corpus/
+crytic-export/

.prettierignore

@@ -3,3 +3,6 @@ lib
 cache
 node_modules
 report
+_corpus
+crytic-export
+snapshots

LICENSE

@@ -10,8 +10,8 @@ Parameters
 Licensor:             Aave DAO, represented by its governance smart contracts
 
 
-Licensed Work:        Aave v3.2
-                      The Licensed Work is (c) 2024 Aave DAO, represented by its governance smart contracts
+Licensed Work:        Aave v3.3
+                      The Licensed Work is (c) 2025 Aave DAO, represented by its governance smart contracts
 
 Additional Use Grant: You are permitted to use, copy, and modify the Licensed Work, subject to
                       the following conditions:

Makefile

@@ -33,6 +33,7 @@ coverage :
 	make coverage-report
 	make coverage-badge
 
+
 # Utilities
 download :; cast etherscan-source --chain ${chain} -d src/etherscan/${chain}_${address} ${address}
 git-diff :
@@ -42,14 +43,44 @@ git-diff :
 
 # Deploy
 deploy-libs-one	:;
-	forge script scripts/misc/LibraryPreCompileOne.sol --rpc-url ${chain} --ledger --mnemonic-indexes ${MNEMONIC_INDEX} --sender ${LEDGER_SENDER} --verify --slow --broadcast
+	FOUNDRY_PROFILE=${chain} forge script scripts/misc/LibraryPreCompileOne.sol --rpc-url ${chain} --ledger --mnemonic-indexes ${MNEMONIC_INDEX} --sender ${LEDGER_SENDER} --slow --broadcast
 deploy-libs-two	:;
-	forge script scripts/misc/LibraryPreCompileTwo.sol --rpc-url ${chain} --ledger --mnemonic-indexes ${MNEMONIC_INDEX} --sender ${LEDGER_SENDER} --verify --slow --broadcast
+	FOUNDRY_PROFILE=${chain} forge script scripts/misc/LibraryPreCompileTwo.sol --rpc-url ${chain} --ledger --mnemonic-indexes ${MNEMONIC_INDEX} --sender ${LEDGER_SENDER} --slow --broadcast
 
 deploy-libs :
 	make deploy-libs-one chain=${chain}
 	npx catapulta-verify -b broadcast/LibraryPreCompileOne.sol/${chainId}/run-latest.json
 	make deploy-libs-two chain=${chain}
 	npx catapulta-verify -b broadcast/LibraryPreCompileTwo.sol/${chainId}/run-latest.json
 
-gas-report :; forge test --fuzz-runs 50 --gas-report
+# Gas reports
+gas-report :; forge test --mp 'tests/gas/*.t.sol' --isolate
+
+
+# Invariants
+echidna:
+	echidna tests/invariants/Tester.t.sol --contract Tester --config ./tests/invariants/_config/echidna_config.yaml --corpus-dir ./tests/invariants/_corpus/echidna/default/_data/corpus
+
+echidna-assert:
+	echidna tests/invariants/Tester.t.sol --contract Tester --test-mode assertion --config ./tests/invariants/_config/echidna_config.yaml --corpus-dir ./tests/invariants/_corpus/echidna/default/_data/corpus
+
+echidna-explore:
+	echidna tests/invariants/Tester.t.sol --contract Tester --test-mode exploration --config ./tests/invariants/_config/echidna_config.yaml --corpus-dir ./tests/invariants/_corpus/echidna/default/_data/corpus
+
+# Medusa
+medusa:
+	medusa fuzz --config ./medusa.json
+
+# Echidna Runner
+
+HOST = power-runner
+LOCAL_FOLDER = ./
+REMOTE_FOLDER = ./echidna-runner
+REMOTE_COMMAND = cd $(REMOTE_FOLDER)/aave-v3-origin && make echidna > process_output.log 2>&1
+REMOTE_COMMAND_ASSERT = cd $(REMOTE_FOLDER)/aave-v3-origin && make echidna-assert > process_output.log 2>&1
+
+echidna-runner:
+	tar --exclude='./tests/invariants/_corpus' -czf - $(LOCAL_FOLDER) | ssh $(HOST) "export PATH=$$PATH:/root/.local/bin:/root/.foundry/bin && mkdir -p $(REMOTE_FOLDER)/aave-v3-origin && tar -xzf - -C $(REMOTE_FOLDER)/aave-v3-origin && $(REMOTE_COMMAND)"
+
+echidna-assert-runner:
+	tar --exclude='./tests/invariants/_corpus' -czf - $(LOCAL_FOLDER) | ssh $(HOST) "export PATH=$$PATH:/root/.local/bin:/root/.foundry/bin && mkdir -p $(REMOTE_FOLDER)/aave-v3-origin && tar -xzf - -C $(REMOTE_FOLDER)/aave-v3-origin && $(REMOTE_COMMAND_ASSERT)"

README.md

@@ -106,6 +106,19 @@ The following are the security procedures historically applied to Aave v3.X vers
 
 <br>
 
+**-> Aave v3.3 - January 2025**
+
+#### Deficit tracking & Liquidation optimizations
+
+- [Certora](./audits/2024-11-07_Certora_Aave-v3.3.0.pdf)
+- [StErMi](./audits/2024-10-22_StErMi_Aave-v3.3.pdf)
+- [Oxorio](./audits/2025-01-29_Oxorio_Aave-v3.3.0.pdf)
+- [Sherlock](./audits/2025-01-22_Sherlock_Aave-v3.3.0.pdf)
+
+In addition, Enigma Dark has adapted the Foundry-based fuzzing [invariant suite](./tests/invariants) to the Aave v3.3 codebase.
+
+<br>
+
 ### Bug bounty
 
 This repository will be subjected to [this bug bounty](https://immunefi.com/bounty/aave/) once the Aave Governance upgrades the smart contracts in the applicable production instances.