superform-xyz · supervaulter · Jan 21, 2026 · Jan 21, 2026 · Jan 22, 2026 · Jan 22, 2026
diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml
@@ -0,0 +1,56 @@
+name: Claude Code Review
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+    # Optional: Only run on specific file changes
+    # paths:
+    #   - "src/**/*.ts"
+    #   - "src/**/*.tsx"
+    #   - "src/**/*.js"
+    #   - "src/**/*.jsx"
+
+jobs:
+  claude-review:
+    # Optional: Filter by PR author
+    # if: |
+    #   github.event.pull_request.user.login == 'external-contributor' ||
+    #   github.event.pull_request.user.login == 'new-developer' ||
+    #   github.event.pull_request.author_association == 'FIRST_TIME_CONTRIBUTOR'
+
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      issues: read
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - name: Run Claude Code Review
+        id: claude-review
+        uses: anthropics/claude-code-action@v1
+        with:
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          prompt: |
+            REPO: ${{ github.repository }}
+            PR NUMBER: ${{ github.event.pull_request.number }}
+
+            Please review this pull request and provide feedback on:
+            - Code quality and best practices
+            - Potential bugs or issues
+            - Performance considerations
+            - Security concerns
+            - Test coverage
+
+            Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback.
+
+            Use `gh pr comment` with your Bash tool to leave your review as a comment on the PR.
+
+          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
+          # or https://code.claude.com/docs/en/cli-reference for available options
+          claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"'
diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml
@@ -0,0 +1,49 @@
+name: Claude Code
+
+on:
+  issue_comment:
+    types: [created]
+  pull_request_review_comment:
+    types: [created]
+  issues:
+    types: [opened, assigned]
+  pull_request_review:
+    types: [submitted]
+
+jobs:
+  claude:
+    if: |
+      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
+      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
+      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
+      (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      issues: read
+      id-token: write
+      actions: read # Required for Claude to read CI results on PRs
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - name: Run Claude Code
+        id: claude
+        uses: anthropics/claude-code-action@v1
+        with:
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+
+          # This is an optional setting that allows Claude to read CI results on PRs
+          additional_permissions: |
+            actions: read
+
+          # Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it.
+          # prompt: 'Update the pull request description to include a summary of changes.'
+
+          # Optional: Add claude_args to customize behavior and configuration
+          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
+          # or https://code.claude.com/docs/en/cli-reference for available options
+          # claude_args: '--allowed-tools Bash(gh pr:*)'
diff --git a/lib/v2-core b/lib/v2-core
diff --git a/script/ConfigureGovernorAddresses.s.sol b/script/ConfigureGovernorAddresses.s.sol
@@ -0,0 +1,243 @@
+// SPDX-License-Identifier: UNLICENSED
+pragma solidity >=0.8.30;
+
+import { DeployV2Base } from "./DeployV2Base.s.sol";
+import { SuperGovernor } from "../src/SuperGovernor.sol";
+import { console2 } from "forge-std/console2.sol";
+
+/// @title ConfigureGovernorAddresses
+/// @notice Script to register core contract addresses in SuperGovernor
+/// @dev This is a standalone script to set SUPER_VAULT_AGGREGATOR, SUPER_ORACLE, and SUPER_BANK
+///      addresses in SuperGovernor when the deployment script exits early due to all contracts
+///      already being deployed.
+contract ConfigureGovernorAddresses is DeployV2Base {
+    /// @notice Configure SuperGovernor with core contract addresses
+    /// @param env Environment (0 = prod, 1 = test, 2 = staging)
+    /// @param chainId Chain ID for deployment
+    function run(uint256 env, uint64 chainId) external broadcast(env) {
+        _setBaseConfiguration(env, "");
+        _configure(chainId, env);
+    }
+
+    /// @notice Configure SuperGovernor with core contract addresses (with salt namespace)
+    /// @param env Environment (0 = prod, 1 = test, 2 = staging)
+    /// @param chainId Chain ID for deployment
+    /// @param saltNamespace Salt namespace for deployment
+    function run(uint256 env, uint64 chainId, string calldata saltNamespace) external broadcast(env) {
+        _setBaseConfiguration(env, saltNamespace);
+        _configure(chainId, env);
+    }
+
+    function _configure(uint64 chainId, uint256 env) internal {
+        console2.log("=== Configuring SuperGovernor Core Addresses ===");
+        console2.log("Chain ID:", chainId);
+        console2.log("Environment:", env);
+
+        // Read addresses from deployment JSON
+        string memory peripheryJson = _readPeripheryContractsFromOutput(chainId, env);
+
+        if (bytes(peripheryJson).length == 0) {
+            console2.log("ERROR: Could not read periphery deployment file");
+            revert("PERIPHERY_JSON_NOT_FOUND");
+        }
+
+        // Parse addresses from JSON
+        address superGovernor = _safeParseJsonAddress(peripheryJson, ".SuperGovernor");
+        address superVaultAggregator = _safeParseJsonAddress(peripheryJson, ".SuperVaultAggregator");
+        address superOracle = _safeParseJsonAddress(peripheryJson, ".SuperOracle");
+        address superBank = _safeParseJsonAddress(peripheryJson, ".SuperBank");
+        address ecdsappsOracle = _safeParseJsonAddress(peripheryJson, ".ECDSAPPSOracle");
+
+        console2.log("");
+        console2.log("Addresses from deployment file:");
+        console2.log("  SuperGovernor:", superGovernor);
+        console2.log("  SuperVaultAggregator:", superVaultAggregator);
+        console2.log("  SuperOracle:", superOracle);
+        console2.log("  SuperBank:", superBank);
+        console2.log("  ECDSAPPSOracle:", ecdsappsOracle);
+
+        if (superGovernor == address(0)) {
+            console2.log("ERROR: SuperGovernor address not found in deployment file");
+            revert("SUPER_GOVERNOR_NOT_FOUND");
+        }
+
+        SuperGovernor governor = SuperGovernor(superGovernor);
+
+        // Set SuperVaultAggregator
+        if (superVaultAggregator != address(0)) {
+            _setAddressIfNeeded(governor, governor.SUPER_VAULT_AGGREGATOR(), superVaultAggregator, "SUPER_VAULT_AGGREGATOR");
+        } else {
+            console2.log("SKIP: SuperVaultAggregator not in deployment file");
+        }
+
+        // Set SuperOracle
+        if (superOracle != address(0)) {
+            _setAddressIfNeeded(governor, governor.SUPER_ORACLE(), superOracle, "SUPER_ORACLE");
+        } else {
+            console2.log("SKIP: SuperOracle not in deployment file");
+        }
+
+        // Set SuperBank
+        if (superBank != address(0)) {
+            _setAddressIfNeeded(governor, governor.SUPER_BANK(), superBank, "SUPER_BANK");
+        } else {
+            console2.log("SKIP: SuperBank not in deployment file");
+        }
+
+        // Set Active PPS Oracle (ECDSAPPSOracle)
+        if (ecdsappsOracle != address(0)) {
+            _setActivePPSOracleIfNeeded(governor, ecdsappsOracle);
+        } else {
+            console2.log("SKIP: ECDSAPPSOracle not in deployment file");
+        }
+
+        // Set Validator Configuration
+        _setValidatorConfigIfNeeded(governor);
+
+        console2.log("");
+        console2.log("=== Configuration Complete ===");
+    }
+
+    /// @notice Set validator configuration if not already set
+    function _setValidatorConfigIfNeeded(SuperGovernor governor) internal {
+        // Get current validator config
+        (, address[] memory currentValidators,, uint256 currentQuorum) = governor.getValidatorConfig();
+
+        console2.log("");
+        console2.log("Validator Configuration:");
+        console2.log("  Current validator count:", currentValidators.length);
+        console2.log("  Current quorum:", currentQuorum);
+        console2.log("  Expected validator count:", validators.length);
+        console2.log("  Expected quorum:", INITIAL_VALIDATOR_QUORUM);
+
+        // Check if already configured correctly
+        if (currentValidators.length == validators.length && currentQuorum == INITIAL_VALIDATOR_QUORUM) {
+            // Verify all validators match
+            bool allMatch = true;
+            for (uint256 i = 0; i < validators.length; i++) {
+                if (currentValidators[i] != validators[i]) {
+                    allMatch = false;
+                    break;
+                }
+            }
+            if (allMatch) {
+                console2.log("SKIP: Validator configuration already set correctly");
+                return;
+            }
+        }
+
+        // Set validator configuration
+        console2.log("SET: Validator configuration with %s validators", validators.length);
+        governor.setValidatorConfig(
+            INITIAL_VALIDATOR_CONFIG_VERSION,
+            validators,
+            validatorPublicKeys,
+            INITIAL_VALIDATOR_QUORUM,
+            "" // offchainConfig - empty for initial setup
+        );
+        console2.log("SUCCESS: Validator configuration set");
+    }
+
+    /// @notice Set the active PPS oracle if not already set
+    function _setActivePPSOracleIfNeeded(SuperGovernor governor, address expected) internal {
+        // Check if already set correctly
+        try governor.getActivePPSOracle() returns (address current) {
+            if (current == expected) {
+                console2.log("SKIP: Active PPS Oracle already set correctly to %s", current);
+                return;
+            } else {
+                // Already set to different address - requires timelock to change
+                console2.log("WARNING: Active PPS Oracle already set to different address: %s", current);
+                console2.log("WARNING: Use proposeActivePPSOracle + executeActivePPSOracleChange to change it");
+                return;
+            }
+        } catch {
+            // Not set yet - can set directly
+            console2.log("SET: Active PPS Oracle to %s", expected);
+        }
+
+        // Set the active PPS oracle
+        governor.setActivePPSOracle(expected);
+        console2.log("SUCCESS: Active PPS Oracle configured");
+    }
+
+    /// @notice Set an address in SuperGovernor if not already set to the expected value
+    function _setAddressIfNeeded(
+        SuperGovernor governor,
+        bytes32 key,
+        address expected,
+        string memory keyName
+    ) internal {
+        // Check if already set correctly
+        try governor.getAddress(key) returns (address current) {
+            if (current == expected) {
+                console2.log("SKIP: %s already set correctly to %s", keyName, current);
+                return;
+            } else {
+                console2.log("UPDATE: %s from %s to %s", keyName, current, expected);
+            }
+        } catch {
+            console2.log("SET: %s to %s", keyName, expected);
+        }
+
+        // Set the address
+        governor.setAddress(key, expected);
+        console2.log("SUCCESS: %s configured", keyName);
+    }
+
+    /// @notice Read periphery contracts from output files
+    function _readPeripheryContractsFromOutput(uint64 chainId, uint256 env) internal view returns (string memory) {
+        string memory peripheryRoot = vm.projectRoot();
+        string memory chainName = _getChainName(chainId);
+
+        string memory envName;
+        if (env == 0) {
+            envName = "prod";
+        } else if (env == 2) {
+            envName = "staging";
+        } else {
+            envName = "test";
+        }
+
+        string memory outputPath = string(
+            abi.encodePacked(
+                peripheryRoot,
+                "/script/output/",
+                envName,
+                "/",
+                vm.toString(uint256(chainId)),
+                "/",
+                chainName,
+                "-latest.json"
+            )
+        );
+
+        console2.log("Reading from:", outputPath);
+
+        try vm.readFile(outputPath) returns (string memory fileContent) {
+            return fileContent;
+        } catch {
+            console2.log("Failed to read:", outputPath);
+            return "";
+        }
+    }
+
+    /// @notice Get chain name from chain ID
+    function _getChainName(uint64 chainId) internal pure returns (string memory) {
+        if (chainId == 1) return "Ethereum";
+        if (chainId == 8453) return "Base";
+        if (chainId == 999) return "HyperEVM";
+        if (chainId == 10) return "Optimism";
+        if (chainId == 42161) return "Arbitrum";
+        return "Unknown";
+    }
+
+    /// @notice Safely parse an address from JSON
+    function _safeParseJsonAddress(string memory json, string memory key) internal pure returns (address) {
+        try vm.parseJsonAddress(json, key) returns (address addr) {
+            return addr;
+        } catch {
+            return address(0);
+        }
+    }
+}