Merge feat/audit into main branch

.gitmodules

@@ -8,7 +8,7 @@
 [submodule "lib/solady"]
 	path = lib/solady
 	url = https://github.com/vectorized/solady
-	branch = v0.0.92
+	branch = v0.0.123
 [submodule "lib/splits-utils"]
 	path = lib/splits-utils
 	url = https://github.com/0xSplits/splits-utils

.vscode/settings.json

@@ -1,6 +1,6 @@
 {
     "solidity.packageDefaultDependenciesContractsDirectory": "src",
     "solidity.packageDefaultDependenciesDirectory": "lib",
-    "solidity.compileUsingRemoteVersion": "v0.8.17+commit.8df45f5f",
+    "solidity.compileUsingRemoteVersion": "v0.8.19",
     "solidity.defaultCompiler": "remote"
 }

README.md

@@ -69,9 +69,13 @@ This repo can be deployed with `forge create` or running the deployment scripts.
 
 #### Goerli
 
-OptimisticWithdrawalRecipient: https://goerli.etherscan.io/address/0x7b4b2cbbdac4f9b70252503a411574f4ff960e68
+OptimisticWithdrawalRecipient: https://goerli.etherscan.io/address/0xBB3b6CC2882B73eeFb32284Ecc9035839fb2C908
 
-OptimisticWithdrawalRecipientFactory: https://goerli.etherscan.io/address/0xBB3b6CC2882B73eeFb32284Ecc9035839fb2C908
+OptimisticWithdrawalRecipientFactory: https://goerli.etherscan.io/address/0x7b4b2cbbdac4f9b70252503a411574f4ff960e68 
+
+ImmutableSplitControllerFactory: https://goerli.etherscan.io/address/0x64a2c4A50B1f46c3e2bF753CFe270ceB18b5e18f
+
+ImmutableSplitController: https://goerli.etherscan.io/address/0x009894cdA6cB6d99866ca8E04e8EDeabd625712F
 
 ### Versioning
 

docs/audit/ObolLidoSplit.md

@@ -0,0 +1,272 @@
+
+[<img width="200" alt="get in touch with Consensys Diligence" src="https://user-images.githubusercontent.com/2865694/56826101-91dcf380-685b-11e9-937c-af49c2510aa0.png">](https://diligence.consensys.net)<br/>
+<sup>
+[[  🌐  ](https://diligence.consensys.net)  [  📩  ](mailto:[email protected])  [  🔥  ](https://consensys.github.io/diligence/)]
+</sup><br/><br/>
+
+
+
+# Solidity Metrics for 'CLI'
+
+## Table of contents
+
+- [Scope](#t-scope)
+    - [Source Units in Scope](#t-source-Units-in-Scope)
+    - [Out of Scope](#t-out-of-scope)
+        - [Excluded Source Units](#t-out-of-scope-excluded-source-units)
+        - [Duplicate Source Units](#t-out-of-scope-duplicate-source-units)
+        - [Doppelganger Contracts](#t-out-of-scope-doppelganger-contracts)
+- [Report Overview](#t-report)
+    - [Risk Summary](#t-risk)
+    - [Source Lines](#t-source-lines)
+    - [Inline Documentation](#t-inline-documentation)
+    - [Components](#t-components)
+    - [Exposed Functions](#t-exposed-functions)
+    - [StateVariables](#t-statevariables)
+    - [Capabilities](#t-capabilities)
+    - [Dependencies](#t-package-imports)
+    - [Totals](#t-totals)
+
+## <span id=t-scope>Scope</span>
+
+This section lists files that are in scope for the metrics report. 
+
+- **Project:** `'CLI'`
+- **Included Files:** 
+    - ``
+- **Excluded Paths:** 
+    - ``
+- **File Limit:** `undefined`
+    - **Exclude File list Limit:** `undefined`
+
+- **Workspace Repository:** `unknown` (`undefined`@`undefined`)
+
+### <span id=t-source-Units-in-Scope>Source Units in Scope</span>
+
+Source Units Analyzed: **`1`**<br>
+Source Units in Scope: **`1`** (**100%**)
+
+| Type | File   | Logic Contracts | Interfaces | Lines | nLines | nSLOC | Comment Lines | Complex. Score | Capabilities |
+| ---- | ------ | --------------- | ---------- | ----- | ------ | ----- | ------------- | -------------- | ------------ | 
+| 📝 | src/lido/ObolLidoSplit.sol | 1 | **** | 117 | 117 | 53 | 46 | 59 | **** |
+| 📝 | **Totals** | **1** | **** | **117**  | **117** | **53** | **46** | **59** | **** |
+
+<sub>
+Legend: <a onclick="toggleVisibility('table-legend', this)">[➕]</a>
+<div id="table-legend" style="display:none">
+
+<ul>
+<li> <b>Lines</b>: total lines of the source unit </li>
+<li> <b>nLines</b>: normalized lines of the source unit (e.g. normalizes functions spanning multiple lines) </li>
+<li> <b>nSLOC</b>: normalized source lines of code (only source-code lines; no comments, no blank lines) </li>
+<li> <b>Comment Lines</b>: lines containing single or block comments </li>
+<li> <b>Complexity Score</b>: a custom complexity score derived from code statements that are known to introduce code complexity (branches, loops, calls, external interfaces, ...) </li>
+</ul>
+
+</div>
+</sub>
+
+
+#### <span id=t-out-of-scope>Out of Scope</span>
+
+##### <span id=t-out-of-scope-excluded-source-units>Excluded Source Units</span>
+
+Source Units Excluded: **`0`**
+
+<a onclick="toggleVisibility('excluded-files', this)">[➕]</a>
+<div id="excluded-files" style="display:none">
+| File   |
+| ------ |
+| None |
+
+</div>
+
+
+##### <span id=t-out-of-scope-duplicate-source-units>Duplicate Source Units</span>
+
+Duplicate Source Units Excluded: **`0`** 
+
+<a onclick="toggleVisibility('duplicate-files', this)">[➕]</a>
+<div id="duplicate-files" style="display:none">
+| File   |
+| ------ |
+| None |
+
+</div>
+
+##### <span id=t-out-of-scope-doppelganger-contracts>Doppelganger Contracts</span>
+
+Doppelganger Contracts: **`0`** 
+
+<a onclick="toggleVisibility('doppelganger-contracts', this)">[➕]</a>
+<div id="doppelganger-contracts" style="display:none">
+| File   | Contract | Doppelganger | 
+| ------ | -------- | ------------ |
+
+
+</div>
+
+
+## <span id=t-report>Report</span>
+
+### Overview
+
+The analysis finished with **`0`** errors and **`0`** duplicate files.
+
+
+
+
+
+#### <span id=t-risk>Risk</span>
+
+<div class="wrapper" style="max-width: 512px; margin: auto">
+			<canvas id="chart-risk-summary"></canvas>
+</div>
+
+#### <span id=t-source-lines>Source Lines (sloc vs. nsloc)</span>
+
+<div class="wrapper" style="max-width: 512px; margin: auto">
+    <canvas id="chart-nsloc-total"></canvas>
+</div>
+
+#### <span id=t-inline-documentation>Inline Documentation</span>
+
+- **Comment-to-Source Ratio:** On average there are`1.15` code lines per comment (lower=better).
+- **ToDo's:** `0` 
+
+#### <span id=t-components>Components</span>
+
+| 📝Contracts   | 📚Libraries | 🔍Interfaces | 🎨Abstract |
+| ------------- | ----------- | ------------ | ---------- |
+| 1 | 0  | 0  | 0 |
+
+#### <span id=t-exposed-functions>Exposed Functions</span>
+
+This section lists functions that are explicitly declared public or payable. Please note that getter methods for public stateVars are not included.  
+
+| 🌐Public   | 💰Payable |
+| ---------- | --------- |
+| 3 | 0  | 
+
+| External   | Internal | Private | Pure | View |
+| ---------- | -------- | ------- | ---- | ---- |
+| 2 | 3  | 0 | 1 | 0 |
+
+#### <span id=t-statevariables>StateVariables</span>
+
+| Total      | 🌐Public  |
+| ---------- | --------- |
+| 7  | 4 |
+
+#### <span id=t-capabilities>Capabilities</span>
+
+| Solidity Versions observed | 🧪 Experimental Features | 💰 Can Receive Funds | 🖥 Uses Assembly | 💣 Has Destroyable Contracts | 
+| -------------------------- | ------------------------ | -------------------- | ---------------- | ---------------------------- |
+| `0.8.19` |  | **** | **** | **** | 
+
+| 📤 Transfers ETH | ⚡ Low-Level Calls | 👥 DelegateCall | 🧮 Uses Hash Functions | 🔖 ECRecover | 🌀 New/Create/Create2 |
+| ---------------- | ----------------- | --------------- | ---------------------- | ------------ | --------------------- |
+| **** | **** | **** | **** | **** | **** | 
+
+| ♻️ TryCatch | Σ Unchecked |
+| ---------- | ----------- |
+| **** | **** |
+
+#### <span id=t-package-imports>Dependencies / External Imports</span>
+
+| Dependency / Import Path | Count  | 
+| ------------------------ | ------ |
+| solady/utils/Clone.sol | 1 |
+| solmate/tokens/ERC20.sol | 1 |
+| solmate/utils/SafeTransferLib.sol | 1 |
+| src/interfaces/IwstETH.sol | 1 |
+
+#### <span id=t-totals>Totals</span>
+
+##### Summary
+
+<div class="wrapper" style="max-width: 90%; margin: auto">
+    <canvas id="chart-num-bar"></canvas>
+</div>
+
+##### AST Node Statistics
+
+###### Function Calls
+
+<div class="wrapper" style="max-width: 90%; margin: auto">
+    <canvas id="chart-num-bar-ast-funccalls"></canvas>
+</div>
+
+###### Assembly Calls
+
+<div class="wrapper" style="max-width: 90%; margin: auto">
+    <canvas id="chart-num-bar-ast-asmcalls"></canvas>
+</div>
+
+###### AST Total
+
+<div class="wrapper" style="max-width: 90%; margin: auto">
+    <canvas id="chart-num-bar-ast"></canvas>
+</div>
+
+##### Inheritance Graph
+
+<a onclick="toggleVisibility('surya-inherit', this)">[➕]</a>
+<div id="surya-inherit" style="display:none">
+<div class="wrapper" style="max-width: 512px; margin: auto">
+    <div id="surya-inheritance" style="text-align: center;"></div> 
+</div>
+</div>
+
+##### CallGraph
+
+<a onclick="toggleVisibility('surya-call', this)">[➕]</a>
+<div id="surya-call" style="display:none">
+<div class="wrapper" style="max-width: 512px; margin: auto">
+    <div id="surya-callgraph" style="text-align: center;"></div>
+</div>
+</div>
+
+###### Contract Summary
+
+<a onclick="toggleVisibility('surya-mdreport', this)">[➕]</a>
+<div id="surya-mdreport" style="display:none">
+ Sūrya's Description Report
+
+ Files Description Table
+
+
+|  File Name  |  SHA-1 Hash  |
+|-------------|--------------|
+| src/lido/ObolLidoSplit.sol | e60ac5c37593dd7b11dc04af62baa7b122e98ed5 |
+
+
+ Contracts Description Table
+
+
+|  Contract  |         Type        |       Bases      |                  |                 |
+|:----------:|:-------------------:|:----------------:|:----------------:|:---------------:|
+|     └      |  **Function Name**  |  **Visibility**  |  **Mutability**  |  **Modifiers**  |
+||||||
+| **ObolLidoSplit** | Implementation | Clone |||
+| └ | <Constructor> | Public ❗️ | 🛑  |NO❗️ |
+| └ | splitWallet | Public ❗️ |   |NO❗️ |
+| └ | distribute | External ❗️ | 🛑  |NO❗️ |
+| └ | rescueFunds | External ❗️ | 🛑  |NO❗️ |
+
+
+ Legend
+
+|  Symbol  |  Meaning  |
+|:--------:|-----------|
+|    🛑    | Function can modify state |
+|    💵    | Function is payable |
+
+
+</div>
+____
+<sub>
+Thinking about smart contract security? We can provide training, ongoing advice, and smart contract auditing. [Contact us](https://diligence.consensys.net/contact/).
+</sub>
+
+