update FeeVault

[tac0turtle]

constructor to accept additional parameters for deployment configuration

Description

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Performance improvement
• Refactoring

Related Issues

Fixes #(issue)

Checklist

• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published

Testing

Additional Notes

[claude]

Claude finished @tac0turtle's task —— View job

---

Code Review Complete

Reviewing the FeeVault constructor refactoring changes:

• Read repository guidelines and understand project structure
• Analyze FeeVault.sol constructor changes
• Review deployment script modifications
• Examine test updates
• Check README documentation changes
• Provide comprehensive feedback on code quality, security, and best practices

Overall Assessment

This PR successfully refactors the FeeVault deployment from a multi-step configuration process to a single-transaction atomic deployment. The changes are well-structured and maintain backward compatibility for administrative functions.

✅ Strengths

1. Atomic Deployment: Constructor now accepts all configuration parameters, eliminating deployment races and simplifying the process
2. Good Parameter Validation: Constructor includes proper validation for _owner and _bridgeShareBps (contracts/src/FeeVault.sol:48-49)
3. Comprehensive Test Coverage: Tests properly validate the new constructor and edge cases
4. Clear Documentation: README is well-updated with environment variable explanations and deployment instructions
5. Consistent Validation: Similar validation patterns used throughout (e.g., zero address checks, BPS limits)

🚨 Critical Issues

1. Missing CREATE2 Address Verification (contracts/script/DeployFeeVault.s.sol:24-26)

   • The deployment script no longer verifies that the contract deploys at the predicted address
   • This is a critical safety check for deterministic deployments to prevent deployment at unexpected addresses
   • Impact: High - Could lead to deploying at wrong address due to constructor arg changes

2. Inconsistent Zero Address Validation (contracts/src/FeeVault.sol:57)

   • Constructor validates _owner but not _otherRecipient, while setOtherRecipient() requires non-zero (contracts/src/FeeVault.sol:123)
   • Impact: Medium - Could deploy with zero otherRecipient but prevent setting it later

🔧 Recommendations

1. Re-add CREATE2 verification in deployment script:

// After deployment, verify address matches prediction
require(address(feeVault) == computedAddress, "FeeVault: address mismatch");

2. Consistent validation in constructor:

// Add validation for otherRecipient if bridgeShareBps < 10000
if (_bridgeShareBps < 10000) {
    require(_otherRecipient != address(0), "FeeVault: other recipient required");
}

3. Consider adding event emission for all constructor parameters for better traceability

🔍 Minor Issues

1. Magic number in test (contracts/test/FeeVault.t.sol:45): 10000 should use a named constant for clarity
2. Constructor logic (contracts/src/FeeVault.sol:56): The ternary operation _bridgeShareBps == 0 ? 10000 : _bridgeShareBps could be clearer with a comment explaining the default behavior

🎯 Security & Performance

• Security: Good overall security practices with proper access control and validation
• Performance: No performance concerns, gas usage is reasonable for deployment
• Best Practices: Follows Solidity best practices with events, modifiers, and clear function separation

🧪 Test Coverage

Excellent test coverage including:

• Constructor validation
• All administrative functions
• Edge cases and error conditions
• Fund splitting scenarios
• Access control

The refactoring significantly improves the deployment experience while maintaining security and functionality. Address the critical CREATE2 verification issue and consider the validation consistency improvements before merging.

[gemini-code-assist]

Summary of Changes

Hello @tac0turtle, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly refactors the deployment and initialization of the FeeVault smart contract. By extending the FeeVault constructor to accept all necessary configuration parameters upfront, it transitions from a multi-step, post-deployment configuration approach to a more atomic and efficient single-transaction deployment. This change streamlines the contract's setup, improves deployment predictability, and updates all related scripts and tests to ensure consistency and correctness with the new initialization pattern.

Highlights

• Constructor Enhancement: The FeeVault contract's constructor now accepts additional parameters (destinationDomain, recipientAddress, minimumAmount, callFee, bridgeShareBps, otherRecipient) for direct initialization, streamlining contract setup.
• Streamlined Deployment Script: The DeployFeeVault.s.sol script has been updated to pass all configuration parameters directly to the FeeVault constructor, eliminating the need for separate post-deployment set function calls.
• Updated Address Prediction: The ComputeFeeVaultAddress script and the internal computeAddress logic have been revised to correctly predict CREATE2 addresses based on the new constructor's expanded arguments.
• Test Suite Alignment: The FeeVault.t.sol test file has been modified to reflect the new constructor signature, ensuring tests are compatible with the updated contract deployment.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request refactors the FeeVault contract to accept configuration parameters in its constructor, which simplifies the deployment process. The deployment script and tests have been updated to reflect this change. My review focuses on the correctness and security of the new deployment method. I have found two high-severity issues that should be addressed:

1. The deployment script in DeployFeeVault.s.sol no longer verifies the pre-computed CREATE2 address. This is a critical safety check for deterministic deployments.
2. The FeeVault constructor in FeeVault.sol does not validate that the owner address is non-zero, which could result in deploying an ownerless contract with locked administrative functions.

I have provided specific code suggestions to resolve these issues.

[gemini-code-assist]

The CREATE2 address prediction and verification check has been removed. This is a crucial safety measure to ensure the contract is deployed at the expected address, protecting against unintended changes in bytecode, constructor arguments, or salt. It's highly recommended to re-add this verification within the deployment script.

        // Compute address before deployment
        bytes32 initCodeHash = keccak256(
            abi.encodePacked(
                type(FeeVault).creationCode,
                abi.encode(
                    owner,
                    destinationDomain,
                    recipientAddress,
                    minimumAmount,
                    callFee,
                    bridgeShareBps,
                    otherRecipient
                )
            )
        );
        address predicted = address(
            uint160(uint256(keccak256(abi.encodePacked(bytes1(0xff), address(this), salt, initCodeHash))))
        );
        console.log("Predicted FeeVault address:", predicted);

        vm.startBroadcast();

        // Deploy FeeVault with CREATE2
        FeeVault feeVault = new FeeVault{salt: salt}(
            owner,
            destinationDomain,
            recipientAddress,
            minimumAmount,
            callFee,
            bridgeShareBps,
            otherRecipient
        );
        require(address(feeVault) == predicted, "FeeVault: address mismatch");

        vm.stopBroadcast();

[damiannolan]

Lgtm

[damiannolan]

Why is 10k used here?