Skip to content

Read fee values from kvstore in the escrow contract#3812

Open
portuu3 wants to merge 24 commits intodevelopfrom
escrow-fee-kvstore
Open

Read fee values from kvstore in the escrow contract#3812
portuu3 wants to merge 24 commits intodevelopfrom
escrow-fee-kvstore

Conversation

@portuu3
Copy link
Collaborator

@portuu3 portuu3 commented Mar 4, 2026

Issue tracking

Closes #3811

Context behind the change

  • Core contracts:

    • Update Escrow.setup(...) to remove fee arguments and fetch per-oracle fee from KVStore.get(oracle, "fee").
    • Add/keep parsing and validation in escrow for KVStore fee values:
      • non-empty numeric string required
      • per-oracle max fee enforcement (<= 25)
      • total fees still bounded (<= 100)
    • Add kvstore dependency to escrow deployment path:
      • pass KVStore address to Escrow constructor
      • store KVStore address in EscrowFactory
      • update EscrowFactory.initialize(...) to accept _kvstore
      • add setKVStoreAddress(...) admin method for upgrades.
    • Update interfaces/signatures:
      • IEscrow.setup(...) without fee params
      • EscrowFactory.createFundAndSetupEscrow(...) without fee params.
    • Ensure upgrade compatibility:
      • append storage vars only
      • adjust storage gap accordingly.
    • Update deployment scripts to provide KVStore address when deploying factory.

  • TypeScript SDK:

    • Remove fee argument passing from EscrowClient.setup(...) and createFundAndSetupEscrow(...).
    • Remove client-side fee validation for these methods (fees now validated on-chain via KVStore).
    • Keep config fee fields optional for backward compatibility.
    • Update tests and docs/examples to new signatures.

  • Python SDK:

    • Remove fee argument passing from escrow setup and create_fund_and_setup_escrow.
    • Keep fee fields optional/deprecated in EscrowConfig for compatibility, but ignore them in calls.
    • Update unit tests and docs/examples to reflect new API.

How has this been tested?

  • Deploy on Amoy testnet
  • Run core compile/tests for escrow/factory/staking.
  • Run TS SDK escrow tests + build.
  • Run Python static checks/tests in available environment.
  • Run repo lint and resolve any new lint config dependency gaps.

Release plan

  • Upgrade proxy in all networks and set kvstore address

Potential risks; What to monitor; Rollback plan

  • Contracts incompatibility

portuu3 and others added 6 commits February 20, 2026 10:35
@portuu3
remove HMToken related entities and handlers from subgraph
37c51d4
@flopez7
Add Human HMT statistics subgraph
f7568d2 
- Introduced a dedicated subgraph to index HMToken statistics.
- Updated network configurations for Ethereum, BSC, Polygon, and Sepolia.
- Implemented event handlers for Transfer, Approval, BulkTransfer, and BulkApproval events.
- Created entities for HMTokenStatistics, Holder, UniqueSender, UniqueReceiver, and EventDayData.
- Added tests to validate statistics calculations and daily metrics.
- Included necessary configurations, scripts, and dependencies in package.json.
- Set up ESLint and Prettier configurations for code quality.
-Updated TS SDK with new Subgraph data
@flopez7
integrate HMT subgraph support and update related queries in Python SDK
91d10db
@flopez7
Generated changeset for SDKs
543e99b
@flopez7
Move subgraphs into new /subgraph folder
b494158
@portuu3
Read fee values from kvstore in the escrow contract
a3f4ff2
@portuu3 portuu3 self-assigned this Mar 4, 2026
@vercel
Copy link

vercel bot commented Mar 4, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

5 Skipped Deployments
Project Deployment Actions Updated (UTC)
faucet-frontend Ignored Ignored Preview Mar 10, 2026 2:11pm
faucet-server Ignored Ignored Preview Mar 10, 2026 2:11pm
human-app Skipped Skipped Mar 10, 2026 2:11pm
human-dashboard-frontend Skipped Skipped Mar 10, 2026 2:11pm
staking-dashboard Skipped Skipped Mar 10, 2026 2:11pm

Request Review

@portuu3 portuu3 requested review from Dzeranov and dnechay March 4, 2026 13:02
dnechay
dnechay reviewed Mar 4, 2026
View reviewed changes
Copy link
Collaborator

@dnechay dnechay left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't forget to add changesets

Dzeranov
Dzeranov reviewed Mar 4, 2026
View reviewed changes
@portuu3 portuu3 requested review from Dzeranov and dnechay March 4, 2026 16:41
@vercel vercel bot temporarily deployed to Preview – human-dashboard-frontend March 5, 2026 12:21 Inactive
@vercel vercel bot temporarily deployed to Preview – human-app March 5, 2026 12:21 Inactive
@vercel vercel bot temporarily deployed to Preview – staking-dashboard March 5, 2026 12:21 Inactive
dnechay
dnechay reviewed Mar 5, 2026
View reviewed changes
Copy link
Collaborator

@dnechay dnechay left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm in general, some minor questions

@vercel vercel bot temporarily deployed to Preview – human-dashboard-frontend March 5, 2026 14:14 Inactive
@vercel vercel bot temporarily deployed to Preview – human-app March 5, 2026 14:14 Inactive
@vercel vercel bot temporarily deployed to Preview – human-app March 9, 2026 11:36 Inactive
@vercel vercel bot temporarily deployed to Preview – staking-dashboard March 9, 2026 11:36 Inactive
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 9, 2026
View reviewed changes
@flopez7 flopez7 force-pushed the escrow-fee-kvstore branch from 2355735 to 6226ef1 Compare March 10, 2026 09:08
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 10, 2026
View reviewed changes
.github/workflows/cd-subgraph-hmt.yaml Outdated

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI about 6 hours ago

In general, the fix is to explicitly limit the GITHUB_TOKEN permissions in this workflow to the minimum required. Since this workflow only checks out code and interacts with external services using a secret API key, it can safely run with read-only repository access. The minimal, recommended baseline is contents: read. We can add this either at the workflow root (so it applies to all jobs) or under the specific subgraph job. To avoid changing functionality, we should not grant any unnecessary write scopes.

The single best fix here is to add a top-level permissions: block immediately after the name: (or on:) section, setting contents: read. This will constrain GITHUB_TOKEN for the entire workflow without altering any steps or behavior, because none of them currently rely on elevated GitHub API permissions. Concretely, in .github/workflows/cd-subgraph-hmt.yaml, insert:

permissions:
  contents: read

between the existing name: HMT Subgraph Deployment and on: (or just after on: if you prefer), keeping indentation consistent with other top-level keys.

Suggested changeset 1
.github/workflows/cd-subgraph-hmt.yaml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/cd-subgraph-hmt.yaml b/.github/workflows/cd-subgraph-hmt.yaml
--- a/.github/workflows/cd-subgraph-hmt.yaml
+++ b/.github/workflows/cd-subgraph-hmt.yaml
@@ -1,5 +1,8 @@
 name: HMT Subgraph Deployment
 
+permissions:
+  contents: read
+
 on:
   workflow_dispatch:
     inputs:
EOF
@@ -1,5 +1,8 @@
name: HMT Subgraph Deployment

permissions:
contents: read

on:
workflow_dispatch:
inputs:
Copilot is powered by AI and may make mistakes. Always verify output.
.github/workflows/cd-subgraph-human.yaml
Comment on lines +15 to +73
name: Deploy Human Protocol Subgraph
runs-on: ubuntu-latest
strategy:
matrix:
network:
- name: amoy
- name: bsc-testnet
- name: bsc
- name: ethereum
- name: polygon
- name: sepolia
fail-fast: true
max-parallel: 3
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version-file: .nvmrc
cache: yarn
- name: Filter Networks
id: filter_networks
run: |
INPUT_NETWORKS="${{ github.event.inputs.networks }}"
IFS=',' read -ra NETWORK_LIST <<< "$INPUT_NETWORKS"
echo "Input networks: $INPUT_NETWORKS"
echo "Current matrix network: ${{ matrix.network.name }}"
MATCH=false
for network in "${NETWORK_LIST[@]}"; do
if [[ "${network}" == "${{ matrix.network.name }}" ]]; then
MATCH=true
break
fi
done
echo "Match found: $MATCH"
echo "continue=$MATCH" >> "$GITHUB_OUTPUT"
- name: Install dependencies
if: steps.filter_networks.outputs.continue == 'true'
run: yarn workspaces focus @tools/subgraph-human-protocol
- name: Build packages (scoped)
if: steps.filter_networks.outputs.continue == 'true'
run: yarn workspaces foreach -Rpt --from @tools/subgraph-human-protocol run build
- name: Generate and build Subgraph
if: steps.filter_networks.outputs.continue == 'true'
run: yarn generate && yarn build
working-directory: ./packages/subgraph/human-protocol
env:
NETWORK: ${{ matrix.network.name }}
- name: Authenticate & Deploy
if: steps.filter_networks.outputs.continue == 'true'
env:
API_KEY: ${{ secrets.HP_GRAPH_API_KEY }}
NETWORK: ${{ matrix.network.name }}
LABEL: ${{ github.event.inputs.label }}
working-directory: ./packages/subgraph/human-protocol
run: |
yarn dlx @graphprotocol/graph-cli@0.71.2 \
auth --studio "$API_KEY"
yarn dlx @graphprotocol/graph-cli@0.71.2 \
deploy --studio human-${NETWORK} -l ${LABEL}

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI about 6 hours ago

In general, the fix is to add an explicit permissions: block to the workflow (either at the top level or for the specific job) that grants only the minimal permissions required. Since this workflow checks out code and builds/deploys to an external Graph protocol service and does not interact with GitHub resources (issues, PRs, etc.), contents: read is sufficient for GITHUB_TOKEN, and other scopes can be omitted.

The best fix with minimal functional impact is to add a top-level permissions: block right after the name: or on: section in .github/workflows/cd-subgraph-human.yaml, setting contents: read. This will apply to all jobs (there is only subgraph) that do not override permissions. No changes to the steps, environment variables, or external behavior are needed.

Concretely:

  • Edit .github/workflows/cd-subgraph-human.yaml.
  • Insert:
permissions:
  contents: read

after the name: line (line 1) or after the on: block. This documents and enforces least-privilege token usage without changing the workflow logic.

Suggested changeset 1
.github/workflows/cd-subgraph-human.yaml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/cd-subgraph-human.yaml b/.github/workflows/cd-subgraph-human.yaml
--- a/.github/workflows/cd-subgraph-human.yaml
+++ b/.github/workflows/cd-subgraph-human.yaml
@@ -1,5 +1,8 @@
 name: Human Protocol Subgraph Deployment
 
+permissions:
+  contents: read
+
 on:
   workflow_dispatch:
     inputs:
EOF
@@ -1,5 +1,8 @@
name: Human Protocol Subgraph Deployment

permissions:
contents: read

on:
workflow_dispatch:
inputs:
Copilot is powered by AI and may make mistakes. Always verify output.
@vercel vercel bot temporarily deployed to Preview – human-app March 10, 2026 14:09 Inactive
@vercel vercel bot temporarily deployed to Preview – staking-dashboard March 10, 2026 14:09 Inactive
@vercel vercel bot temporarily deployed to Preview – staking-dashboard March 10, 2026 14:11 Inactive
@vercel vercel bot temporarily deployed to Preview – human-dashboard-frontend March 10, 2026 14:11 Inactive
@vercel vercel bot temporarily deployed to Preview – human-app March 10, 2026 14:11 Inactive
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dnechay dnechay dnechay left review comments

@Dzeranov Dzeranov Awaiting requested review from Dzeranov

At least 1 approving review is required to merge this pull request.

Assignees

@portuu3 portuu3

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Core] Read fee values from kvstore in the escrow contract

4 participants

@portuu3 @dnechay @Dzeranov @flopez7