🔨 contracts: support hyperlane on redeployer

[itofarina]

Summary by CodeRabbit

• New Features

  • Deployable/upgradeable EXA routers, router setup flows, and a governance scheduling flow to propose/grant bridge roles.

• Tests

  • New multi-domain integration tests covering round-trip transfers and access-control reverts; many gas snapshot updates; tightened a deployment expectation to zero supply.

• Chores

  • Added mailbox/exactly account mappings, updated dev dependencies and import remappings, and adjusted build settings.

• Style/Docs

  • Minor spelling dictionary and changelog additions.

---

[changeset-bot]

🦋 Changeset detected

Latest commit: ac57e92

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 0 packages

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

Warning

Rate limit exceeded

@itofarina has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 49 minutes and 56 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 49 minutes and 56 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 174e1ce9-e7f2-4205-8f87-8891075449d6

📥 Commits

Reviewing files that changed from the base of the PR and between 476de3b and ac57e92.

📒 Files selected for processing (3)

• contracts/.gas-snapshot
• contracts/script/Redeployer.s.sol
• contracts/test/HypEXA.t.sol

Walkthrough

Adds Hyperlane/mailbox addresses and remappings, pins/updates dev dependencies, refreshes gas snapshots, extends the Redeployer script with EXA/router deploy & upgrade + role scheduling, adds a forked multi-chain HypEXA test suite, tweaks one Redeployer test expectation, and introduces minor config/wordlist files; no public signatures were removed.

Changes

Cohort / File(s)	Summary
Dependencies & Config contracts/package.json, contracts/remappings.txt, package.json, cspell.json	Pinned @exactly/protocol to a commit, added @hyperlane-xyz/core, added remappings for Hyperlane/Exactly imports, switched pnpm build config to onlyBuiltDependencies, and added spellcheck words.
Deployment Metadata contracts/deploy.json	Added accounts.exactly entries and accounts.mailbox addresses for chains 10, 137, and 8453.
Redeployer / Scripts contracts/script/Redeployer.s.sol	Added new external functions: deployEXAImpl(), upgradeEXA(address), deployRouter(address), setupRouter(uint32), proposeBridgeRole(address,bytes32); adjusted deploy flow to capture admin and call initialize2; introduced router-related reverts.
Tests — New contracts/test/HypEXA.t.sol	New forked HypEXATest suite deploying/configuring routers across OP/BASE/POLYGON with round-trip transfer tests and BRIDGE_ROLE revoke/propose scheduling tests.
Tests — Updated contracts/test/Redeployer.t.sol	Adjusted test_deployEXA_deploysAtSameAddress_onBase to assert totalSupply() == 0 post-deploy.
Gas Snapshots contracts/.gas-snapshot	Refreshed and added numerous gas baseline entries (ExaAccountFactoryTest, ExaPluginTest, HypEXATest, RedeployerTest) — only snapshot value changes.
Changelog / Metadata .changeset/beige-sails-worry.md	Added an empty changeset placeholder file.

Sequence Diagram

sequenceDiagram
    participant OP as OP Chain
    participant OPRouter as OP Router
    participant Hyperlane as Hyperlane Mailbox
    participant BaseRouter as BASE Router
    participant BASE as BASE Chain
    participant PolyRouter as POLYGON Router

    OP->>OPRouter: transferRemote(amount, remoteDomain, payload)
    OPRouter->>Hyperlane: sendMessage(payload)
    Hyperlane->>BaseRouter: deliverMessage(payload)
    BaseRouter->>BASE: handle(message) -> mint/credit/burn
    BaseRouter->>Hyperlane: (optional) send response
    Hyperlane->>OPRouter: deliverAck/response
    OPRouter->>OP: finalize (update balances/supply)

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• ✨ contracts: redeployer #807: Overlapping Redeployer, router and test changes touching Redeployer scripts and cross-chain tests.

Suggested reviewers

• cruzdanilo
• Mateo-Soso

🚥 Pre-merge checks | ✅ 4

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding Hyperlane support to the Redeployer contract with new router deployment and configuration functions.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch hyperlane

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the project's interoperability by integrating Hyperlane, a cross-chain communication protocol. The changes enable the EXA token to be bridged and managed across different blockchain domains, expanding its utility and reach. This involved updating core dependencies, modifying deployment processes to include Hyperlane-specific components, and adding comprehensive tests to ensure the robustness of the new cross-chain capabilities.

Highlights

• Hyperlane Integration: Integrated Hyperlane for cross-chain functionality, enabling the EXA token to be transferred and managed across multiple blockchain networks.
• Deployment and Configuration Updates: Introduced new deployment scripts and configuration settings to facilitate the deployment and setup of Hyperlane routers and an Hyperlane-compatible EXA token.
• New Cross-Chain Test Suite: Added a dedicated test suite to verify the end-to-end functionality of cross-chain EXA token transfers via Hyperlane, including round-trip scenarios and access control.
• Dependency Management: Updated project dependencies to include the Hyperlane core library and adjusted existing dependency configurations for compatibility.

Changelog

• contracts/.gas-snapshot
  • Updated gas consumption benchmarks for various ExaPluginTest and RedeployerTest functions.
• contracts/deploy.json
  • Added Hyperlane mailbox addresses for Optimism (10), Polygon (137), and Base (8453) domains.
• contracts/package.json
  • Updated the @exactly/protocol dependency to a specific commit hash.
  • Added the @hyperlane-xyz/core dependency for Hyperlane integration.
• contracts/remappings.txt
  • Added a remapping for @exactly/protocol to @openzeppelin/contracts.
  • Configured a remapping for @hyperlane-xyz to its node_modules path.
• contracts/script/Redeployer.s.sol
  • Imported HypERC20Collateral and HypXERC20 from the Hyperlane core library.
  • Modified deployEXA to include an initialize2 call for the EXA token.
  • Added deployEXAImpl to deploy the latest EXA implementation.
  • Implemented upgradeEXA to upgrade an existing EXA proxy.
  • Introduced deployRouter to deploy a HypXERC20 router for cross-chain transfers.
  • Added setupRouter to configure the Hyperlane router with remote domains and grant necessary roles.
• contracts/test/HypEXA.t.sol
  • Added a new test file for HypEXA to validate cross-chain functionality.
  • Included tests for test_roundTrip_opToBaseToOp and test_roundTrip_opToPolygonToBaseToOp to verify token bridging.
  • Added tests to ensure transferRemote and handle revert without the BRIDGE_ROLE.
• contracts/test/Redeployer.t.sol
  • Adjusted the assertion for totalSupply in test_deployEXA_deploysAtSameAddress_onBase to expect zero initial supply.
• cspell.json
  • Added 'hyperlane' and 'XERC' to the spellcheck dictionary.
• package.json
  • Changed neverBuiltDependencies to onlyBuiltDependencies for @exactly/protocol.

Activity

• No specific activity (comments, reviews, or progress updates) has been recorded for this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[sentry]

✅ All tests passed.

[coderabbitai]

♻️ Duplicate comments (3)

contracts/script/Redeployer.s.sol (3)

96-149: ⚠️ Potential issue | 🟠 Major

Run forge fmt on this file to unblock CI.

The pipeline is currently failing nx run @exactly/plugin:test:fmt due to formatting differences in this file.

As per coding guidelines **/*.sol: Follow Solhint rules strictly and use Forge fmt for code formatting.

---

113-121: ⚠️ Potential issue | 🟠 Major

Fail fast when EXA implementation is missing before upgradeEXA.

Line 120 upgrades to address(exa) without checking code presence, which defers failure to a less actionable downstream revert.

Proposed fix

 function upgradeEXA(address proxy) external {
   address admin = acct("admin");
+  if (address(exa).code.length == 0) revert EXAImplementationNotDeployed();
   ProxyAdmin p = ProxyAdmin(address(uint160(uint256(
       vm.load(proxy, bytes32(uint256(keccak256("eip1967.proxy.admin")) - 1))
   ))));
   vm.broadcast(p.owner());
   p.upgradeAndCall(
     ITransparentUpgradeableProxy(proxy), address(exa), abi.encodeCall(EXA.initialize2, (admin))
   );
 }
@@
 error ProxyAdminNotDeployed();
 error TargetNonceTooLow();
+error EXAImplementationNotDeployed();

---

124-130: 🛠️ Refactor suggestion | 🟠 Major

Align CREATE3 salt derivation with token (or remove token from the API).

Line 129 hardcodes "HypEXA" even though the function accepts a token; that creates deterministic-slot collisions for multi-token use, and Line 145 resolves that same fixed slot.

Proposed refactor

 function deployRouter(address token) external returns (HypXERC20 router) {
@@
-        keccak256(abi.encode("HypEXA")),
+        keccak256(abi.encode("HypEXA", token)),
@@
 function setupRouter(address token, uint32 remoteDomain) external {
   address admin = acct("admin");
-  address router = CREATE3_FACTORY.getDeployed(admin, keccak256(abi.encode("HypEXA")));
+  address router = CREATE3_FACTORY.getDeployed(admin, keccak256(abi.encode("HypEXA", token)));

Also applies to: 145-145

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between adceeef and 7727570.

📒 Files selected for processing (5)

• .changeset/beige-sails-worry.md
• contracts/.gas-snapshot
• contracts/deploy.json
• contracts/script/Redeployer.s.sol
• contracts/test/HypEXA.t.sol

[coderabbitai]

♻️ Duplicate comments (3)

contracts/script/Redeployer.s.sol (3)

121-127: 🛠️ Refactor suggestion | 🟠 Major

deployRouter ignores token in the deterministic salt, making reuse collision-prone.

The function accepts token but always uses the fixed "HypEXA" slot. Reusing it for another token collides on the same CREATE3 address.

Proposed refactor

-        keccak256(abi.encode("HypEXA")),
+        keccak256(abi.encode("HypEXA", token)),
@@
-    address router = CREATE3_FACTORY.getDeployed(admin, keccak256(abi.encode("HypEXA")));
+    address router = CREATE3_FACTORY.getDeployed(admin, keccak256(abi.encode("HypEXA", token)));

Also applies to: 142-142

---

140-146: ⚠️ Potential issue | 🟠 Major

setupRouter should fail fast if the deterministic router address is not deployed.

getDeployed can resolve an address before code exists. Without a code-length guard, role/config steps can silently target an undeployed address path.

Proposed fix

 function setupRouter(address token, uint32 remoteDomain) external {
   address admin = acct("admin");
   address router = CREATE3_FACTORY.getDeployed(admin, keccak256(abi.encode("HypEXA")));
+  if (router.code.length == 0) revert RouterNotDeployed();
   vm.startBroadcast(admin);
   EXA(token).grantRole(keccak256("BRIDGE_ROLE"), router);
   HypXERC20(router).enrollRemoteRouter(remoteDomain, bytes32(uint256(uint160(router))));
   vm.stopBroadcast();
 }
@@
 error TargetNonceTooLow();
+error RouterNotDeployed();

---

113-119: ⚠️ Potential issue | 🟠 Major

upgradeEXA should guard against missing EXA implementation deployment.

The upgrade path uses address(exa) directly; adding an explicit code-length guard gives a clearer, earlier failure mode.

Proposed fix

 function upgradeEXA(address proxy) external {
   address admin = acct("admin");
+  if (address(exa).code.length == 0) revert EXAImplementationNotDeployed();
   ProxyAdmin p =
     ProxyAdmin(address(uint160(uint256(vm.load(proxy, bytes32(uint256(keccak256("eip1967.proxy.admin")) - 1))))));
   vm.broadcast(p.owner());
   p.upgradeAndCall(ITransparentUpgradeableProxy(proxy), address(exa), abi.encodeCall(EXA.initialize2, (admin)));
 }
@@
 error TargetNonceTooLow();
+error EXAImplementationNotDeployed();

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7727570 and c7187e5.

📒 Files selected for processing (5)

• .changeset/beige-sails-worry.md
• contracts/.gas-snapshot
• contracts/deploy.json
• contracts/script/Redeployer.s.sol
• contracts/test/HypEXA.t.sol

[devin-ai-integration]

Devin Review found 1 new potential issue.

View 7 additional findings in Devin Review.

[devin-ai-integration]

🚩 onlyBuiltDependencies restricts install scripts to @exactly/protocol only

The change from "neverBuiltDependencies": [] (empty blocklist — all packages can run scripts) to "onlyBuiltDependencies": ["@exactly/protocol"] (allowlist — only @exactly/protocol runs scripts) is a significant behavioral shift. This blocks install/build scripts for ALL other dependencies including the newly added @hyperlane-xyz/core. This is likely intentional since @exactly/protocol changed from an npm published package (^0.2.22) to a git commit reference (exactly/protocol#5833408) that needs a build step, and @hyperlane-xyz/core is a Solidity library that typically doesn't need post-install scripts. However, if any future dependency requires build scripts, they would silently fail to run.

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[coderabbitai]

Caution

Failed to replace (edit) comment. This is likely due to insufficient permissions or the comment being deleted.

Error details

{}

[coderabbitai]

Caution

Failed to replace (edit) comment. This is likely due to insufficient permissions or the comment being deleted.

Error details

{}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 476de3b6c0

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Route setup through a signer account instead of exactly

setupRouter sends the enrollment transaction with vm.broadcast(acct("exactly")), but for the supported OP/Base configs this account is the protocol owner Safe, not a key-controlled EOA. In real forge script --broadcast runs, this sender cannot be signed, so enrollRemoteRouter never lands on-chain even though fork tests pass (tests can impersonate any address). Use a signer-controlled updater path (or governance proposal flow) for enrollment instead of broadcasting directly from the owner Safe.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Avoid broadcasting EXA upgrades from ProxyAdmin.owner()

upgradeEXA uses vm.broadcast(p.owner()) as the sender. On deployments where the proxy admin owner is a contract wallet (e.g., timelock/safe), this makes the upgrade path non-executable in production because there is no private key to sign from that address; only fork-style impersonation succeeds. This function should route upgrades through a proposer/executor governance flow or require an actual signer account.

Useful? React with 👍 / 👎.

[devin-ai-integration]

Devin Review found 1 new potential issue.

View 12 additional findings in Devin Review.

[devin-ai-integration]

🚩 No deploy.json entry for exactly account on Polygon (chain 137)

The new exactly account in contracts/deploy.json:15-18 only has entries for chains 10 (OP) and 8453 (Base), but not for 137 (Polygon). The mailbox entry at contracts/deploy.json:47-49 does include Polygon. If deployRouter or setupRouter were called on Polygon in production, acct("exactly") would fall through to the default key lookup, which also doesn't exist for exactly, causing a revert in the JSON parsing. The test handles this correctly with set("exactly", makeAddr("exactly")) at contracts/test/HypEXA.t.sol:43. This is likely intentional if the exactly multisig hasn't been established on Polygon yet, but worth confirming.

---

Was this helpful? React with 👍 or 👎 to provide feedback.