Update Base DIA oracle to equity feeds#2
Open
Siddharth2207 wants to merge 8 commits into
Open
Conversation
Point LibDia at the new oracle contract, use 18-decimal prices and ticker keys (AMZN, NVDA, etc.), refresh fork tests and docs, and add a Basescan verification helper script.
WalkthroughThis PR updates the DIA oracle integration to use 18-decimal price precision instead of 8, replaces BTC/USD test fixtures with AMZN and additional ticker symbols, adds pre-commit hook documentation, and updates fork configuration to a newer Base block. All changes are cohesive within a single functional update. ChangesDIA Oracle Decimal Precision and Asset Symbol Update
🎯 3 (Moderate) | ⏱️ ~20 minutes 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Oracle verification is out of scope for this repository.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 6
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.pre-commit-config.yaml:
- Line 1: The .pre-commit-config.yaml is a symlink to a Nix store file which
breaks for non-Nix contributors; either replace the symlink with a portable YAML
config named .pre-commit-config.yaml (a committed static config) or add
documentation to README.md explaining the Nix-based pre-commit setup (describe
flake.nix devShell -> rainix -> pre-commit hooks and steps to enable them).
Update the repo by committing the static YAML or by adding a short "Pre-commit /
Nix" section to README.md with exact commands to enter the dev shell and
install/run pre-commit so cloned repos work for non-Nix users.
In `@script/verify-dia-oracle-base.sh`:
- Around line 18-21: The script currently only validates ETHERSCAN_API_KEY; add
a fail-fast check for required executables by verifying that git, forge, cast,
and npm are available (use command -v or which) and if any are missing print a
clear error to stderr and exit 1. Place this check near the existing
ETHERSCAN_API_KEY validation so missing tools are detected early; reference the
ETHERSCAN_API_KEY check location and ensure the error messages name the missing
executable(s) and use a non-zero exit code.
- Around line 16-27: The script currently allows SPECTRA_REF to default to
"main" (SPECTRA_REF) and skips updating an existing clone (SPECTRA_REPO), which
makes verification nondeterministic; change the logic to require an explicit,
immutable ref (reject empty or "main") or validate SPECTRA_REF looks like a
commit SHA, and when SPECTRA_REPO exists always perform a deterministic sync:
run a git fetch on SPECTRA_REPO and then checkout/reset to the exact SPECTRA_REF
(use git fetch origin && git checkout --force SPECTRA_REF && git reset --hard
origin/SPECTRA_REF or equivalent) so verification always uses the pinned
revision rather than stale repo state. Ensure these steps reference SPECTRA_REF
and SPECTRA_REPO and error out if checkout/reset fails.
In `@src/lib/dia/LibDia.sol`:
- Line 22: Confirm and validate the DIA oracle address used in LibDia.sol: the
constant ORACLE_BASE (typed as IDIAOracleV2) must be verified against official
DIA channels or replaced with a configurable/constructor-injected address so
deployments use an authenticated mainnet address; update ORACLE_BASE only after
confirming the correct address from DIA documentation or governance, and
consider adding a clear comment referencing the source of the verified address
and/or switching IDIAOracleV2 ORACLE_BASE to a constructor/setter-backed value
to avoid hardcoding an unverified address.
In `@test/lib/LibFork.sol`:
- Around line 7-9: Update the block comment in LibFork.sol that currently says
"Tests use vm.warp to set block.timestamp close to the DIA update time" to
instead state that the fork block already has an appropriate timestamp for DIA
staleness checks and that vm.warp is no longer used; locate the comment near the
top of the file (the block starting with "A recent Base block. DIA oracle has
AMZN data...") and replace the vm.warp reference with a brief note that the fork
timestamp suffices for tests.
In `@test/src/lib/dia/LibDia.t.sol`:
- Around line 76-94: Add inline comments above the hardcoded-price tests
(functions testGetPriceAmzn, testGetPriceNvda, testGetPriceCoin,
testGetPriceMstr, testGetPriceTsla and the helper _assertFeedPrice) documenting
the exact oracle contract address (0xCE521b52513242c5094bc56f57887BB2A05B8129),
the fork block used (46061133), the date/time of the snapshot, and the
verification steps to reproduce the values (e.g., how to call the DIA oracle or
use an ethers/viem/eth_getStorageAt/eth_call command against that block and
path), plus a short note on updating values when changing fork block; ensure the
comments include the listed numeric price values and a concise one-line
reproducible command or method to fetch them.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: 0d344cfa-561d-482d-ae0a-6f6b5d00bb8c
📒 Files selected for processing (10)
.pre-commit-config.yamlREADME.mdmeta/DiaSubParserAuthoringMeta.rain.metascript/verify-dia-oracle-base.shsrc/lib/dia/LibDia.solsrc/lib/parse/LibDiaSubParser.soltest/lib/LibFork.soltest/src/concrete/DiaWords.diaPrice.t.soltest/src/lib/dia/LibDia.t.soltest/src/lib/op/LibOpDiaPrice.t.sol
Commit a static .pre-commit-config.yaml so non-Nix contributors can run pre-commit install; git-hooks.nix leaves the file in place when present.
Regenerate DiaWords.pointers.sol after prelude, add slither.config.json (fail_on none), patch LibParse slither directives before static analysis, and annotate new files in REUSE.toml. Co-authored-by: Cursor <cursoragent@cursor.com>
Remove fix-libparse-slither.sh and the custom rainix-sol-static wrapper; configure Slither via slither.config.json. Pin rain.interpreter to a submodule commit that fixes LibParse disable directives for Slither 0.11+. Co-authored-by: Cursor <cursoragent@cursor.com>
Resolve conflicts from soldeer migration: drop submodules and .pre-commit-config.yaml, adopt main slither config, update test imports, and regenerate DiaWords pointers. Co-authored-by: Cursor <cursoragent@cursor.com>
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@slither.config.json`:
- Line 2: Remove "timestamp" from the detectors_to_exclude value in the slither
configuration so Slither will report timestamp usage by default; keep using the
inline suppression comments ("//slither-disable-next-line timestamp") for
legitimate cases instead of the global suppression in the detectors_to_exclude
key to preserve static analysis coverage for new code.
In `@src/lib/dia/LibDia.sol`:
- Around line 80-82: Guard the stale-check against future timestamps: before
computing block.timestamp - rawTimestamp in LibDia.sol, ensure you handle the
case rawTimestamp > block.timestamp (or compute the delta safely). Update the
stale-check that currently uses rawTimestamp, block.timestamp and staleAfterUint
so it first checks if rawTimestamp > block.timestamp or uses a safe comparison
like rawTimestamp + staleAfterUint < block.timestamp, and then revert with
StaleDiaPrice(rawTimestamp, staleAfterUint) accordingly; this prevents an
underflow panic and preserves the intended custom stale error path.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: a7d53b90-e01e-494e-8e70-fbe25b826152
⛔ Files ignored due to path filters (1)
src/generated/DiaWords.pointers.solis excluded by!**/generated/**
📒 Files selected for processing (7)
REUSE.tomlslither.config.jsonsrc/lib/dia/LibDia.solsrc/lib/parse/LibDiaSubParser.soltest/src/concrete/DiaWords.diaPrice.t.soltest/src/lib/dia/LibDia.t.soltest/src/lib/op/LibOpDiaPrice.t.sol
| { | ||
| "detectors_to_exclude": "assembly-usage,solc-version,unused-imports,pragma,different-pragma-directives-are-used,unindexed-event-address,timestamp", | ||
| "filter_paths": "dependencies,test,forge-std" | ||
| "detectors_to_exclude": "assembly-usage,solc-version,unused-imports,pragma,different-pragma-directives-are-used,unindexed-event-address,timestamp", |
There was a problem hiding this comment.
Inconsistent timestamp detector handling contradicts the stated PR approach.
The PR objectives explicitly mention "added //slither-disable-next-line timestamp where intentional", indicating a targeted suppression strategy for legitimate timestamp usage. However, globally excluding the timestamp detector here prevents Slither from flagging any timestamp usage anywhere in the codebase, including potentially problematic new code.
Recommendation: Remove timestamp from detectors_to_exclude and rely solely on the inline //slither-disable-next-line timestamp comments for known-safe cases. This preserves static analysis coverage for new timestamp-dependent logic.
🔒 Proposed fix
- "detectors_to_exclude": "assembly-usage,solc-version,unused-imports,pragma,different-pragma-directives-are-used,unindexed-event-address,timestamp",
+ "detectors_to_exclude": "assembly-usage,solc-version,unused-imports,pragma,different-pragma-directives-are-used,unindexed-event-address",📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| "detectors_to_exclude": "assembly-usage,solc-version,unused-imports,pragma,different-pragma-directives-are-used,unindexed-event-address,timestamp", | |
| "detectors_to_exclude": "assembly-usage,solc-version,unused-imports,pragma,different-pragma-directives-are-used,unindexed-event-address", |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@slither.config.json` at line 2, Remove "timestamp" from the
detectors_to_exclude value in the slither configuration so Slither will report
timestamp usage by default; keep using the inline suppression comments
("//slither-disable-next-line timestamp") for legitimate cases instead of the
global suppression in the detectors_to_exclude key to preserve static analysis
coverage for new code.
Comment on lines
+80
to
82
| //slither-disable-next-line timestamp | ||
| if (block.timestamp - rawTimestamp > staleAfterUint) { | ||
| revert StaleDiaPrice(rawTimestamp, staleAfterUint); |
There was a problem hiding this comment.
Guard stale-check arithmetic against future timestamps.
If the oracle returns rawTimestamp > block.timestamp, block.timestamp - rawTimestamp underflows and reverts with a panic instead of the intended custom stale error path.
Suggested fix
- //slither-disable-next-line timestamp
- if (block.timestamp - rawTimestamp > staleAfterUint) {
+ // slither-disable-next-line timestamp
+ if (rawTimestamp > block.timestamp || block.timestamp - rawTimestamp > staleAfterUint) {
revert StaleDiaPrice(rawTimestamp, staleAfterUint);
}🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@src/lib/dia/LibDia.sol` around lines 80 - 82, Guard the stale-check against
future timestamps: before computing block.timestamp - rawTimestamp in
LibDia.sol, ensure you handle the case rawTimestamp > block.timestamp (or
compute the delta safely). Update the stale-check that currently uses
rawTimestamp, block.timestamp and staleAfterUint so it first checks if
rawTimestamp > block.timestamp or uses a safe comparison like rawTimestamp +
staleAfterUint < block.timestamp, and then revert with
StaleDiaPrice(rawTimestamp, staleAfterUint) accordingly; this prevents an
underflow panic and preserves the intended custom stale error path.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Updates the Base DIA integration from the old demo oracle to DIA’s PushOracleReceiverV2 (Spectra) equity feeds.
Oracle (Base, chain id 8453)
0xB8BF…)PushOracleReceiverV20xCE521b52513242c5094bc56f57887BB2A05B8129"BTC/USD"styleAMZN,NVDA,COIN,MSTR,TSLACode & docs
LibDia: newORACLE_BASE,DIA_DECIMALS = -18, ticker key docs.LibDiaSubParser, anddia-priceauthoring meta updated for equity tickers and 18-decimal prices.DiaWords.pointers.soland meta after contract changes.Tests
46061133with snapshot assertions for all five tickers.dia-price/LibOpDiaPricetests use"AMZN"instead of"BTC/USD".vm.warp).Tooling / CI
.pre-commit-config.yaml(trailing whitespace, shellcheck, prettier, optionalforge fmtwhenforgeis onPATH).slither.config.jsonfor static analysis (excludes deps/tests; filters interpreter submodule libs).rain.interpretersubmodule bumped tof2ede963(branchfix/slither-libparse-018871e) — fixes Slither 0.11+LibParsedisable directives.//slither-disable-next-line timestampon intentional staleness check inLibDia.getPriceNoOlderThan.REUSE.tomlannotations for.pre-commit-config.yamlandscript/**.Removed
script/verify-dia-oracle-base.sh(oracle verification is out of scope for this repo).Links
Test plan
nix develop -c rainix-sol-test(fork tests against Base RPC)nix develop -c rainix-sol-staticnix develop -c rainix-sol-legal(reuse lint)nix develop -c rain-dia-prelude && forge script ./script/BuildPointers.sol && forge fmtthengit diff --exit-code(git-clean)dia-price("AMZN" 3600)Summary by CodeRabbit
New Features
Documentation
Chores