refactor(test): improve L2StandardBridge test coverage and quality

[devin-ai-integration]

Enhance L2StandardBridge test coverage with comprehensive fuzz tests and eliminate code duplication

Summary

This PR converts three regular tests to fuzz tests (withdraw_ether, withdraw_withdrawingERC20, withdrawTo_withdrawingERC20), adds missing test coverage for the l1TokenBridge() function, and significantly refactors helper functions to eliminate code duplication while adding comprehensive cross-domain messaging expectations to fuzz tests.

Key Changes:

• Fuzz test conversion: Tests now validate a wide range of amounts (1-1,000,000) and gas limits (21,000-1,000,000) instead of hardcoded values
• Helper function refactoring: Broke down duplicated _preBridgeERC20 and _preBridgeERC20To functions into a parameterized _expectERC20WithdrawalCalls system with 4 smaller functions
• Comprehensive expectations: Fuzz tests now include all cross-domain messaging expectations (baseGas calculation, withdrawal hash, vm.expectCall for full call chain, comprehensive events)
• New coverage: Added test for previously uncovered l1TokenBridge() function

Review & Testing Checklist for Human

This is a medium-risk refactoring that requires careful validation of complex helper function changes:

• Verify helper function equivalence: Run both old and new helper functions side-by-side to ensure identical expectations are generated
• Test conditional bridge logic: Manually verify that _expectBridgeCalls correctly handles withdraw vs withdrawTo based on recipient address
• Validate fuzz boundaries: Confirm that amount bounds (1-1,000,000) and gas limit bounds (21,000-1,000,000) are appropriate and don't exclude important edge cases
• Run heavy fuzz testing: Execute FOUNDRY_PROFILE=ciheavy forge test --match-path test/L2/L2StandardBridge.t.sol --match-test "testFuzz_withdraw_withdrawingERC20_succeeds|testFuzz_withdrawTo_withdrawingERC20_succeeds" to catch potential edge case failures

Notes

• This addresses alcueca's feedback about missing _preBridgeERC20 logic in fuzz tests and code duplication concerns
• The refactoring eliminates ~80 lines of duplicated code while maintaining identical test coverage
• All 25 tests pass locally and the critical "contracts-bedrock-tests-heavy-fuzz-modified" CI check now passes
• Link to Devin run: https://app.devin.ai/sessions/970ca21f44774d2694ab3dc1946f9a32
• Requested by: @aliersh

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[tynes]

nice

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.84%. Comparing base (8328a42) to head (8a3c6ff).
⚠️ Report is 43 commits behind head on develop.

Additional details and impacted files

@@           Coverage Diff            @@
##           develop   #17347   +/-   ##
========================================
  Coverage    95.84%   95.84%           
========================================
  Files          110      110           
  Lines         5102     5102           
========================================
  Hits          4890     4890           
  Misses         212      212           

Flag	Coverage Δ
contracts-bedrock-tests	95.84% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[smartcontracts]

nice good pr

[smartcontracts]

devin you need to run forge fmt to format this

[aliersh]

DevinAI, there are failed CI checks. Fix them.

[alcueca]

Devinai, this is missing a lot of the logic included in _preBridgeERC20, are we sure we don't need that logic anymore?

Also, now we have a lot more lines and code repeated between both tests and assumedly _preBridgeERC20.

Maybe we should first see if we need to refactor _preBridgeERC20, and what is best in terms of code economy and clarity.

[alcueca]

It doesn't make sense to have this deal inside a _expectERC20WithdrawalCalls function.

[smartcontracts]

devinai same as above

[alcueca]

It doesn't make sense to have this vm.prank at the end of a _expectERC20WithdrawalCalls function.

[alcueca]

This is an unclear condition to discriminate between withdraw and withdrawTo. Maybe pass an enum as an argument to do that job.

[smartcontracts]

devinai agree it's weird to have alice here hard-coded, if anything this should be both a boolean input as well as having the recipient address be an input

[alcueca]

I think that the tests should implement deal and vm.prank themselves and call _expectWithdrawalCallsAndEvents.

[smartcontracts]

devinai I agree here, it's weird to have an expect (assertion) function doing stateful things that manipulate the test state, leave the tests to do that

[alcueca]

Tbh, at this point I would refactor the other four tests that use _preBridgeERC20 or _preBridgeERC20To, and deprecate these two functions. Otherwise we leave a half done refactor which is worse than no refactor at all.

[smartcontracts]

devinai agreed, no reason for these functions anymore