Tempo network deployment

[0xDEnYO]

Which Jira task belongs to this PR?

SMAR-130

Why did I implement it this way?

Checklist before requesting a review

• I have performed a self-review of my code
• This pull request is as small as possible and only tackles one problem
• I have added tests that cover the functionality / test the bug
• For new facets: I have checked all points from this list: https://www.notion.so/lifi/New-Facet-Contract-Checklist-157f0ff14ac78095a2b8f999d655622e
• I have updated any required documentation

Checklist for reviewer (DO NOT DEPLOY and contracts BEFORE CHECKING THIS!!!)

• I have checked that any arbitrary calls to external contracts are validated and or restricted
• I have checked that any privileged calls (i.e. storage modifications) are validated and or restricted
• I have ensured that any new contracts have had AT A MINIMUM 1 preliminary audit conducted on by <company/auditor>

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Adds the tempo network (chainId 4217) across configs and deployments; removes GasZipFacet, GasZipPeriphery, and TokenWrapper from public global configuration; adds getHttpTransportConfig and updates viem transport usage, deployment scripts, and verification/helper behaviors.

Changes

Cohort / File(s)	Summary
Global config cleanup config/global.json	Removed GasZipFacet from coreFacets; removed GasZipPeriphery and TokenWrapper from corePeriphery and whitelistPeripheryFunctions.
New network & mappings config/networks.json, config/permit2Proxy.json, foundry.toml, config/across.json	Added tempo network entry and corresponding permit2Proxy, foundry node/verifier mapping, and across configuration (chainId 4217, rpc/explorer info, dummy wrappedNativeAddress guidance).
Deployment manifests script/deploy/_targetState.json, deployments/tempo.json, deployments/tempo.diamond.json	Added tempo production target state and static deployment/dia mond manifests with facet/periphery address mappings for tempo.
Viem transport helper script/utils/viemScriptHelpers.ts	Added getHttpTransportConfig(rpcUrl: string) to strip embedded credentials and return { url, fetchOptions? } (Basic auth header when creds present).
Client / health-check / safe utils script/deploy/healthCheck.ts, script/deploy/safe/safe-utils.ts	Switched to getHttpTransportConfig flow to construct http(url, fetchOptions?) transports; added RPC availability checks and unified provider handling for PublicClient/WalletClient.
Facet deploy handling script/deploy/facets/DeployAcrossFacetV4.s.sol, script/deploy/facets/utils/ScriptBase.sol	Added overload of _getConfigContractAddress(..., allowZeroAddress, allowNonContractAddress) and updated Across deploy to allow dummy (non-contract) wrappedNativeAddress with logging.
Deployment scripts & flags script/deploy/deploySingleContract.sh	Introduced ADDITIONAL_FLAGS for network-specific forge flags (tempo uses --gas-limit 40000000); replaced prior MEGAETH_FLAGS usage and added debug echoes.
Task script argument formats script/tasks/diamondUpdatePeriphery.sh, script/tasks/updateERC20Proxy.sh	Changed universalCast/register invocation argument formatting to combine parameters into single strings (e.g., "$CONTRACT_NAME $ADDR", "$EXECUTOR true").
Helper & verification updates script/helperFunctions.sh	Trimmed Mongo query outputs to isolate JSON, added --no-use-cache to queries, and extended verifyContract to support etherscan verifier with API key, --verifier-url, and explicit --chain-id.
Deploy script target change script/deploy/facets/utils/ScriptBase.sol	Also added docs and explicit returns for new _getConfigContractAddress behavior (allow zero/non-contract addresses).

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• add isContract check when reading contract addresses from config files #931 — adds/relates to _getConfigContractAddress changes allowing zero/non-contract addresses used by Across deploys.
• Script fixes and staging FeeCollector deployment #1642 — modifies script/tasks/diamondUpdatePeriphery.sh to change registerPeripheryContract argument formatting (same callsite change).
• some improvements on bash helper functions #1273 — updates script/helperFunctions.sh and verification helpers; overlaps with verification and Mongo query changes.

Suggested labels

NewNetwork

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check	❓ Inconclusive	PR description is incomplete with critical placeholders unfilled: Jira task shows 'SMAR-130' but lacks context, 'Why did I implement it this way?' is entirely empty, and reviewer checklist items are mostly unchecked with no audit details provided.	Complete the 'Why did I implement it this way?' section explaining the implementation rationale. Fill in reviewer checklist with audit dates and auditor names, or confirm why certain items (tests, facet checklist, documentation) are not applicable to this PR.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Tempo network deployment' clearly and specifically describes the main change: adding support for a new network called Tempo across configuration files, deployment manifests, and deployment scripts.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch deploy-network-tempo

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@foundry.toml`:
- Line 170: The networks.json entry for Tempo is using an incompatible Etherscan
config; update the Tempo object so its verification settings match the actual
verifier used in foundry.toml: change "verificationType" from "etherscan" to
"custom" (or replace "explorerApiUrl" with "https://contracts.tempo.xyz" and
adjust any "explorerApi" parameters to Sourcify-compatible format) so
helperFunctions.sh reads the correct verifier; ensure the Tempo entry still
includes chain "4217" and any existing keys (e.g., explorerApiUrl,
verificationType) are updated consistently.

---

Duplicate comments:
In `@config/networks.json`:
- Around line 1152-1154: The network entry uses verificationType "etherscan" and
explorerApiUrl "https://api.etherscan.io/v2/api?chainid=4217" which conflicts
with foundry.toml's verifier = "custom" and url = "https://contracts.tempo.xyz";
update the JSON keys (verificationType, explorerUrl, explorerApiUrl) in the
network block to match the custom verifier used in foundry.toml (e.g., set
verificationType to "custom" and explorerApiUrl to the contracts.tempo.xyz URL
or remove the Etherscan-specific API URL), ensuring consistency between the
network config and foundry.toml's verifier and url settings so both reference
the same custom verification service.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

script/deploy/deploySingleContract.sh (1)

261-263: Prefer echoDebug for new deployment diagnostics

Lines 261-263 currently log on every attempt, even in non-debug runs. Consider routing these through echoDebug to keep normal deploy output cleaner.

♻️ Suggested tweak

-    echo "ADDITIONAL_FLAGS: $ADDITIONAL_FLAGS"
-    echo "SKIP_SIMULATION_FLAG: $SKIP_SIMULATION_FLAG"
-    echo "GAS_ESTIMATE_MULTIPLIER: $GAS_ESTIMATE_MULTIPLIER"
+    echoDebug "ADDITIONAL_FLAGS: $ADDITIONAL_FLAGS"
+    echoDebug "SKIP_SIMULATION_FLAG: $SKIP_SIMULATION_FLAG"
+    echoDebug "GAS_ESTIMATE_MULTIPLIER: $GAS_ESTIMATE_MULTIPLIER"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@script/deploy/deploySingleContract.sh` around lines 261 - 263, The script
currently prints ADDITIONAL_FLAGS, SKIP_SIMULATION_FLAG, and
GAS_ESTIMATE_MULTIPLIER unconditionally, cluttering non-debug output; change
those three echo calls to use the debug helper echoDebug instead (replace echo
"ADDITIONAL_FLAGS: $ADDITIONAL_FLAGS", echo "SKIP_SIMULATION_FLAG:
$SKIP_SIMULATION_FLAG", and echo "GAS_ESTIMATE_MULTIPLIER:
$GAS_ESTIMATE_MULTIPLIER" with echoDebug "ADDITIONAL_FLAGS: $ADDITIONAL_FLAGS",
echoDebug "SKIP_SIMULATION_FLAG: $SKIP_SIMULATION_FLAG", and echoDebug
"GAS_ESTIMATE_MULTIPLIER: $GAS_ESTIMATE_MULTIPLIER") so these diagnostics are
emitted only when debugging is enabled.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@script/tasks/updateERC20Proxy.sh`:
- Line 30: The call to universalCast in updateERC20Proxy.sh hardcodes the
environment as "production"; change the argument used for the env/key path to
the ENVIRONMENT variable (e.g., replace the literal "production" with
"$ENVIRONMENT" or "${ENVIRONMENT}") so the script respects the passed
environment; verify that ENVIRONMENT is exported or set earlier in the script
(or provide a sensible default) before the universalCast "send" invocation that
references ERC20PROXY and setAuthorizedCaller.

---

Nitpick comments:
In `@script/deploy/deploySingleContract.sh`:
- Around line 261-263: The script currently prints ADDITIONAL_FLAGS,
SKIP_SIMULATION_FLAG, and GAS_ESTIMATE_MULTIPLIER unconditionally, cluttering
non-debug output; change those three echo calls to use the debug helper
echoDebug instead (replace echo "ADDITIONAL_FLAGS: $ADDITIONAL_FLAGS", echo
"SKIP_SIMULATION_FLAG: $SKIP_SIMULATION_FLAG", and echo
"GAS_ESTIMATE_MULTIPLIER: $GAS_ESTIMATE_MULTIPLIER" with echoDebug
"ADDITIONAL_FLAGS: $ADDITIONAL_FLAGS", echoDebug "SKIP_SIMULATION_FLAG:
$SKIP_SIMULATION_FLAG", and echoDebug "GAS_ESTIMATE_MULTIPLIER:
$GAS_ESTIMATE_MULTIPLIER") so these diagnostics are emitted only when debugging
is enabled.

---

ℹ️ Review info

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1e6b75d and a816310.

📒 Files selected for processing (9)

• config/across.json
• config/networks.json
• deployments/tempo.json
• script/deploy/deploySingleContract.sh
• script/deploy/healthCheck.ts
• script/deploy/safe/safe-utils.ts
• script/tasks/diamondUpdatePeriphery.sh
• script/tasks/updateERC20Proxy.sh
• script/utils/viemScriptHelpers.ts

🚧 Files skipped from review as they are similar to previous changes (1)

• config/networks.json

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@script/helperFunctions.sh`:
- Around line 1841-1843: The new etherscan branch appends --etherscan-api-key
without validating that the referenced API_KEY env var is set, which lets
verification run with an empty key; update the etherscan branch (the block that
checks VERIFICATION_TYPE == "etherscan" and mutates VERIFY_CMD) to validate the
dynamic API key (${!API_KEY:-}) before appending: check if the value is
non-empty (e.g., [[ -n "${!API_KEY:-}" ]]) and if empty call the existing
error/exit flow used elsewhere, otherwise append "--verifier" "etherscan" and
"--etherscan-api-key" "${!API_KEY}" to VERIFY_CMD so the required-key check is
enforced exactly as in the other verification paths.
- Around line 214-215: The sed pattern used to strip consola prefixes is too
strict and can drop valid JSON; update the trimming to match a JSON object or
array even if preceded by whitespace by changing the sed regex used when
assigning MONGO_RESULT to look for a leading optional whitespace followed by
either "{" or "[" (i.e., match /^[[:space:]]*[{[]/,$ ) instead of /^[{]/,$ so
indented or single-line JSON is preserved; apply the same adjusted pattern to
the other two occurrences flagged (the similar sed usages around lines 362-363
and 682-683) so all prefix-stripping uses the relaxed regex and only removes
non-JSON leading text.

---

ℹ️ Review info

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between a816310 and 0b99ac9.

📒 Files selected for processing (3)

• config/networks.json
• foundry.toml
• script/helperFunctions.sh

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

script/deploy/facets/utils/ScriptBase.sol (1)

38-79: Logic is sound; consider using the existing custom error.

The new overload correctly implements the flag-based behavior:

1. Early return for allowed zero addresses
2. Early return for allowed non-contract addresses (e.g., dummy address(1) for tempo)
3. Contract-code check with revert otherwise

However, the custom error NotAContract(string key) defined at line 12 is unused. The code uses revert(string.concat(...)) instead, which is less gas-efficient and inconsistent with the error definition.

♻️ Optional: Use the existing custom error for consistency

         // check if address contains code
         if (!LibAsset.isContract(contractAddress))
-            revert(
-                string.concat(key, " in file ", path, " is not a contract")
-            );
+            revert NotAContract(key);

         return contractAddress;
     }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@script/deploy/facets/utils/ScriptBase.sol` around lines 38 - 79, The function
_getConfigContractAddress currently reverts with a concatenated string when the
address has no contract code; replace that string-based revert with the existing
custom error NotAContract(string key) to save gas and keep errors
consistent—locate the contract-code check in _getConfigContractAddress and
change the revert(...) to revert NotAContract(key), leaving the early-return
logic for allowZeroAddress and allowNonContractAddress intact.

config/networks.json (1)

1143-1163: Configuration looks correct; minor devNotes inconsistency.

The tempo network entry is properly structured with all required fields. The dummy wrappedNativeAddress of address(1) correctly works with the allowNonContractAddress=true flag in DeployAcrossFacetV4.s.sol.

Minor note: The devNotes state "DeployAcrossFacetV4.s.sol uses allowZeroAddress for wrappedNativeAddress" but the actual code uses allowNonContractAddress = true (not allowZeroAddress). Consider updating for accuracy:

📝 Suggested devNotes clarification

-    "devNotes": "In order to deploy contract its required to have GAS_MULTIPLIER set to 550 in .env file. If it's more than 550, the deployment for LiFiDEXAggregator will fail with gas limit exceeded error if less than 500 then the deployment for LiFiDEXAggregator will fail with out of gas error. Moreover we use dummy wrapped native address for AcrossFacetV4 because we don't activate the native path (DeployAcrossFacetV4.s.sol uses allowZeroAddress for wrappedNativeAddress so tempo and similar networks can use this dummy value)."
+    "devNotes": "In order to deploy contract its required to have GAS_MULTIPLIER set to 550 in .env file. If it's more than 550, the deployment for LiFiDEXAggregator will fail with gas limit exceeded error if less than 500 then the deployment for LiFiDEXAggregator will fail with out of gas error. Moreover we use dummy wrapped native address for AcrossFacetV4 because we don't activate the native path (DeployAcrossFacetV4.s.sol uses allowNonContractAddress for wrappedNativeAddress so tempo and similar networks can use this dummy value)."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@config/networks.json` around lines 1143 - 1163, The devNotes for the "tempo"
entry incorrectly says DeployAcrossFacetV4.s.sol uses allowZeroAddress for
wrappedNativeAddress; update the devNotes text to accurately state that
DeployAcrossFacetV4.s.sol uses allowNonContractAddress = true (and mention the
dummy wrappedNativeAddress/address(1) usage) so readers see the correct
deployment flag; reference the "tempo" object, the wrappedNativeAddress field,
and DeployAcrossFacetV4.s.sol with the allowNonContractAddress flag in the
updated note.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@script/helperFunctions.sh`:
- Around line 359-363: The sed extraction for MONGO_RESULT is too broad and
treats lines like "[info] ..." as JSON; update the sed regexp used when setting
MONGO_RESULT to only start extracting when a line begins with '[' followed
(after optional whitespace) by a valid JSON array element character (e.g. ']',
'{', '"', a digit, '-', 'n', 't', or 'f') instead of any '['; modify the sed
pattern in the MONGO_RESULT assignment so it checks the character immediately
after the '[' to ensure it's a JSON array start before printing from that line.

---

Nitpick comments:
In `@config/networks.json`:
- Around line 1143-1163: The devNotes for the "tempo" entry incorrectly says
DeployAcrossFacetV4.s.sol uses allowZeroAddress for wrappedNativeAddress; update
the devNotes text to accurately state that DeployAcrossFacetV4.s.sol uses
allowNonContractAddress = true (and mention the dummy
wrappedNativeAddress/address(1) usage) so readers see the correct deployment
flag; reference the "tempo" object, the wrappedNativeAddress field, and
DeployAcrossFacetV4.s.sol with the allowNonContractAddress flag in the updated
note.

In `@script/deploy/facets/utils/ScriptBase.sol`:
- Around line 38-79: The function _getConfigContractAddress currently reverts
with a concatenated string when the address has no contract code; replace that
string-based revert with the existing custom error NotAContract(string key) to
save gas and keep errors consistent—locate the contract-code check in
_getConfigContractAddress and change the revert(...) to revert
NotAContract(key), leaving the early-return logic for allowZeroAddress and
allowNonContractAddress intact.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 76b22641-3a67-4916-b040-bc4d431b30c1

📥 Commits

Reviewing files that changed from the base of the PR and between 6833c7d and bd7c7f3.

📒 Files selected for processing (6)

• config/networks.json
• deployments/tempo.diamond.json
• deployments/tempo.json
• script/deploy/facets/DeployAcrossFacetV4.s.sol
• script/deploy/facets/utils/ScriptBase.sol
• script/helperFunctions.sh

🚧 Files skipped from review as they are similar to previous changes (2)

• deployments/tempo.json
• deployments/tempo.diamond.json