DRAFT: feat: all networks timelock migration + vaults upgrades

[kostyamospan]

No description provided.

[gemini-code-assist]

Summary of Changes

Hello @kostyamospan, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request integrates essential updates for the Base and HyperEVM networks, primarily focusing on contract upgrades. It involves updating network-specific addresses, configuring timelock parameters for secure operations, and enabling comprehensive upgrade capabilities for these chains. The changes ensure that the system is prepared for future deployments and maintains robust security practices.

Highlights

• New Timelock Addresses: Added new timelock contract addresses for both Base and HyperEVM networks within the addresses.ts configuration file.
• Updated Redemption Vault Naming: Renamed the redemptionVault key to redemptionVaultSwapper for the mTBILL configuration on the Base network in addresses.ts.
• Timelock Configuration for Networks: Introduced timelock configurations, including minDelay and proposer addresses, for Base and HyperEVM networks in network-configs.ts.
• Enabled Network Upgrades: Activated all general upgrades for the Base and HyperEVM networks in the upgrade-configs.ts file.
• Refined Validation Logic: Modified the validation condition in timelock.ts from hre.skipValidation !== false to !hre.skipValidation for improved clarity and conciseness.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces configurations for new contract upgrades on the base and hyperevm networks. The changes include adding timelock addresses and deployment configurations, and enabling a batch upgrade for vaults on these networks. My review has identified a couple of potential issues related to address reuse across networks which could pose security and maintainability risks. Specifically, a contract address is used for different purposes on different networks, and a proposer address is shared between two networks. I've provided detailed feedback on these points.

[gemini-code-assist]

The address 0x2a8c22E3b10036f3AEF5875d04f8441d4188b656 is being used for multiple different purposes across networks. For example, it's the mBASIS token on main (line 189), and a redemptionVault for mBASIS on sepolia (line 784). Reusing addresses for different contracts, especially a token and a vault, is highly error-prone and can lead to serious issues. It's strongly recommended to verify if this is a copy-paste error and ensure each contract has a unique address appropriate for its function and network.

[gemini-code-assist]

The proposer address 0xB60842E9DaBCd1C52e354ac30E82a97661cB7E89 for the base network is identical to the one used for the katana network (line 16). Reusing a proposer address across different networks can create a single point of failure and security risk. If the proposer key is compromised, it would affect both networks. It is best practice to use distinct proposer addresses for each network to isolate risks.