fix: fix: red-team.sh V3_FACTORY hardcodes Base mainnet address instead of Sepolia (#854)

bootstrap-light.sh now extracts the Uniswap V3 pool address from DeployLocal.sol deploy output and writes both Pool and V3Factory (Base Sepolia: 0x4752ba5DBc23f44D87826276BF6Fd6b1C372aD24) into deployments-local.json alongside the existing contract addresses. red-team.sh now reads V3_FACTORY and POOL from deployments-local.json instead of hardcoding the Base mainnet factory address (0x33128a8fC17869897dcE68Ed026d694621f6FDfD), and removes the getPool() RPC call that always failed with "contract does not have any code" on the Sepolia fork. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-16 12:02:17 +00:00 · 2026-03-16 12:02:17 +00:00 · a2f89968db
commit a2f89968db
parent 740a871ddc
2 changed files with 18 additions and 13 deletions
--- a/scripts/harb-evaluator/bootstrap-light.sh
+++ b/scripts/harb-evaluator/bootstrap-light.sh
@ -47,13 +47,21 @@ LM=$(echo "$DEPLOY_OUT" | grep -oP 'LiquidityManager deployed: \K0x[a-fA-F0-9]+'

 [[ -n "$LM" ]] || die "Could not extract LiquidityManager address from deploy output"

+POOL=$(echo "$DEPLOY_OUT" | grep -oP 'Pool: \K0x[a-fA-F0-9]+' | head -1)
+[[ -n "$POOL" ]] || die "Could not extract Pool address from deploy output"
+
+# Base Sepolia Uniswap V3 Factory — must match v3Factory constant in DeployLocal.sol
+V3_FACTORY="0x4752ba5DBc23f44D87826276BF6Fd6b1C372aD24"
+
 cat > "$ONCHAIN_DIR/deployments-local.json" << EOF
 {
  "contracts": {
    "Kraiken": "$KRK",
    "Stake": "$STAKE",
    "LiquidityManager": "$LM",
-    "OptimizerProxy": "$OPT"
+    "OptimizerProxy": "$OPT",
+    "Pool": "$POOL",
+    "V3Factory": "$V3_FACTORY"
  }
 }
 EOF
--- a/scripts/harb-evaluator/red-team.sh
+++ b/scripts/harb-evaluator/red-team.sh
@ -45,8 +45,6 @@ RECENTER_PK=0x5de4111afa1a4b94908f83103eb1f1706367c2e68ca870fc3fb9a804cdab365a
 WETH=0x4200000000000000000000000000000000000006
 # Base mainnet SwapRouter02 — https://basescan.org/address/0x2626664c2603336E57B271c5C0b26F421741e481
 SWAP_ROUTER=0x2626664c2603336E57B271c5C0b26F421741e481
-# Base mainnet Uniswap V3 Factory — https://basescan.org/address/0x33128a8fC17869897dcE68Ed026d694621f6FDfD
-V3_FACTORY=0x33128a8fC17869897dcE68Ed026d694621f6FDfD
 # Base mainnet NonfungiblePositionManager — https://basescan.org/address/0x03a520B32c04bf3beef7BEb72E919cF822Ed34F3
 NPM=0x03a520B32c04bf3beef7BEb72E919cF822Ed34F3
 POOL_FEE=10000
@ -78,8 +76,10 @@ KRK=$(jq -r '.contracts.Kraiken'         "$DEPLOYMENTS")
 STAKE=$(jq -r '.contracts.Stake'         "$DEPLOYMENTS")
 LM=$(jq -r '.contracts.LiquidityManager' "$DEPLOYMENTS")
 OPT=$(jq -r '.contracts.OptimizerProxy'  "$DEPLOYMENTS")
+V3_FACTORY=$(jq -r '.contracts.V3Factory' "$DEPLOYMENTS")
+POOL=$(jq -r '.contracts.Pool'            "$DEPLOYMENTS")

-for var in KRK STAKE LM OPT; do
+for var in KRK STAKE LM OPT V3_FACTORY POOL; do
  val="${!var}"
  [[ -n "$val" && "$val" != "null" ]] \
    || die "$var address missing from deployments-local.json — was bootstrap successful?"
@ -89,6 +89,8 @@ log "  KRK:   $KRK"
 log "  STAKE:      $STAKE"
 log "  LM:         $LM"
 log "  OPT:        $OPT"
+log "  V3_FACTORY: $V3_FACTORY"
+log "  Pool:       $POOL"

 # Derive Anvil account addresses from their private keys
 ADV_ADDR=$("$CAST" wallet address --private-key "$ADV_PK")
@ -96,11 +98,6 @@ RECENTER_ADDR=$("$CAST" wallet address --private-key "$RECENTER_PK")
 log "  Adversary: $ADV_ADDR  (account 8)"
 log "  Recenter:  $RECENTER_ADDR  (account 2)"

-# Get Uniswap V3 Pool address
-POOL=$("$CAST" call "$V3_FACTORY" "getPool(address,address,uint24)(address)" \
-       "$WETH" "$KRK" "$POOL_FEE" --rpc-url "$RPC_URL" | sed 's/\[.*//;s/[[:space:]]//g')
-log "  Pool:  $POOL"
-
 # ── 3a. recenter() is now public (no recenterAccess needed) ──
 # Any address can call recenter() — TWAP oracle enforces safety.
 log "recenter() is public — no access grant needed"