d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
master
proxmox/docs/00-meta/ADDITIONAL_RECOMMENDATIONS_TABLE.md
defiQUG 2a6d3cfc7f
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
Update submodule references and improve CI workflow 
- Update submodule references for explorer-monorepo and smom-dbis-138 to latest commits.
- Modify CI workflow to include shellcheck installation and enforce error severity for script checks.
- Update contract addresses in configuration and documentation to reflect the new canonical addresses for CCIPWETH9Bridge and CCIP Router.
- Revise integration test documentation to align with updated contract addresses and deployment statuses.

Made-with: Cursor
2026-03-24 22:50:52 -07:00

254 lines
15 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# All Additional Recommendations — Consolidated Table
**Purpose:** Single reference for every additional recommendation (tasks, fixes, optional work, and improvements) across the repo.
**Sources:** [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md), [REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md](REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md), [OPERATOR_READY_CHECKLIST.md](OPERATOR_READY_CHECKLIST.md), [ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md](ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md), [COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md](COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md).
---
## 1. Immediate / blocking (verified remaining)
| # | Recommendation | Description | Command / doc |
|---|----------------|-------------|---------------|
| V2 | Add liquidity (Chain 138 PMM) | Fund deployer with WETH/cUSDT/cUSDC (or mint); then run AddLiquidityPMMPoolsChain138. | [TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER](../11-references/TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER.md), [ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK](../03-deployment/ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md) |
| V3 | RPC 2101 read-only | If host I/O errors: make RPC writable, then health-check. | `./scripts/maintenance/make-rpc-vmids-writable-via-ssh.sh` then `./scripts/maintenance/health-check-rpc-2101.sh` |
| V4 | Wemix / Celo CCIP bridges | Celo done; Wemix needs 0.4 WEMIX. Cronos: set CRONOS_RPC + CCIP_ROUTER_CRONOS, run deploy-bridges. | [CONFIG_READY_CHAINS_COMPLETION_RUNBOOK](../07-ccip/CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md) |
| V5 | LINK relay, E2E 502s, operator run | **E2E 502s** ✅ Fixed 2026-03-06. **Operator run** ✅ Run 2026-03-06. **LINK support** ⏳ Pending — [RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK](../07-ccip/RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK.md). | `./scripts/run-all-operator-tasks-from-lan.sh` |
| V6 | External (Ledger, Trust, CoinGecko/CMC, on-ramps) | Third-party submissions and outreach. | §5 below; [ADD_CHAIN138_TO_LEDGER_LIVE](../04-configuration/ADD_CHAIN138_TO_LEDGER_LIVE.md), etc. |
---
## 2. Pre-deploy / first (before any Chain 138 deploy)
| # | Recommendation | Description | Command / doc |
|---|----------------|-------------|---------------|
| 0a | Deployer gas check | Use Core RPC only for balance/gas. | `RPC_URL_138=http://192.168.11.211:8545 ./scripts/deployment/check-deployer-balance-chain138-and-funding-plan.sh` |
| 0a2 | Deployer gas auto-route | Swap/bridge deployer ERC-20 to native gas where below threshold (138, Protocolink chains, Wemix). | `./scripts/deployment/deployer-gas-auto-route.sh`; [DEPLOYER_GAS_AUTO_ROUTE_RUNBOOK](../03-deployment/DEPLOYER_GAS_AUTO_ROUTE_RUNBOOK.md) |
| 0b | Core RPC = IP:port | In smom-dbis-138/.env use `RPC_URL_138=http://192.168.11.211:8545`, not FQDN. | [RPC_ENDPOINTS_MASTER](../04-configuration/RPC_ENDPOINTS_MASTER.md) |
| 0c | Test all contracts | Run full or unit-only test suite before deploy. | `./scripts/deployment/test-all-contracts-before-deploy.sh` (optionally `--no-match "Fork|Mainnet|Integration|e2e"`) |
| 0 | Preflight | RPC, dotenv, nonce, optional cost. | `./scripts/deployment/preflight-chain138-deploy.sh [--cost]` |
---
## 3. High priority
| # | Recommendation | Description | Command / doc |
|---|----------------|-------------|---------------|
| 1 | Wemix token addresses | Confirm WETH, USDT, USDC on scan.wemix.com; update token-mapping and WEMIX_TOKEN_VERIFICATION.md. | `./scripts/validation/validate-config-files.sh` |
| 2 | Gnosis, Celo, Wemix CCIP bridges | Per chain: RPC, CCIP Router, LINK, WETH9/WETH10; DeployWETHBridges; add 138↔chain; fund LINK. | [CONFIG_READY_CHAINS_COMPLETION_RUNBOOK](../07-ccip/CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md) |
---
## 4. Medium priority
| # | Recommendation | Description | Command / doc |
|---|----------------|-------------|---------------|
| 3 | LINK support on Mainnet relay | Option A or B per runbook; implement, deploy, fund LINK; set relaySupported for LINK in token-mapping. | [RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK](../07-ccip/RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK.md) |
| 4 | Run "from anywhere" checks | Run completable tasks periodically. | `./scripts/run-completable-tasks-from-anywhere.sh` |
| 5 | Placeholders (code) | Canonical addresses, AlltraAdapter setBridgeFee, smart accounts kit, quote FABRIC_CHAIN_ID, .bak — doc in REQUIRED_FIXES_UPDATES_GAPS. | [REQUIRED_FIXES_UPDATES_GAPS](../REQUIRED_FIXES_UPDATES_GAPS.md) |
| 6 | API keys | Sign up per reports/API_KEYS_REQUIRED.md; add to .env. | reports/API_KEYS_REQUIRED.md |
---
## 5. When you have LAN / Proxmox + secrets
| # | Recommendation | Description | Command / doc |
|---|----------------|-------------|---------------|
| 7 | Blockscout verification | Verify contracts on Blockscout after deploy. | `./scripts/run-all-operator-tasks-from-lan.sh` or `./scripts/verify/run-contract-verification-with-proxy.sh` |
| 8 | Fix E2E 502s | ✅ Fixed 2026-03-06 (MIM4U 7810 + address-all-remaining-502s + NPM; E2E 37/37). Re-run if 502s recur. | `./scripts/maintenance/address-all-remaining-502s.sh [--e2e]` |
| 9 | Operator tasks script | Backup, verify, optional deploy/create-vms. | `./scripts/run-all-operator-tasks-from-lan.sh [--deploy] [--create-vms]` |
| 10 | sendCrossChain (real) | When PRIVATE_KEY and LINK ready. | `bash scripts/bridge/run-send-cross-chain.sh 0.01 [recipient]` |
| 11 | NPMplus backup | Requires NPM_PASSWORD in .env. | `bash scripts/verify/backup-npmplus.sh` |
| 12 | Mint tokens to deployer | For liquidity/bridges per TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER. | [TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER](../11-references/TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER.md) |
| — | NPMplus API unreachable | Restart Docker in NPMplus LXCs (10233, 10235). | `./scripts/maintenance/fix-npmplus-services-via-proxmox-ssh.sh` |
| — | E2E from LAN (no DNS) | Use /etc/hosts + system resolver for E2E. | [E2E_DNS_FROM_LAN_RUNBOOK](../04-configuration/E2E_DNS_FROM_LAN_RUNBOOK.md); `E2E_USE_SYSTEM_RESOLVER=1 ./scripts/verify/verify-end-to-end-routing.sh` |
---
## 6. Token deployments (remaining)
| # | Recommendation | Description | Ref |
|---|----------------|-------------|-----|
| T2 | Optional cCADT | Uncomment in DeployCompliantFiatTokens.s.sol when needed. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.2 |
| T3 | cAUSDT | Deploy or env when Alltra compliant USD defined. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.3 |
| T4 | ACADT (651940) | When Alltra adds CAD token. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §2 |
| T5 | cW* on public chains | Deploy/bridge cW* per chain; PMM edge pools per pool-matrix. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §3 |
| T6 | D-WIN W on 138/651940 | Optional; extend DeployISO4217WSystem. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §4 |
| T7 | Vault ac*/vdc*/sdc* | After new base tokens; extend DeployAcVdcSdcVaults. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §5 |
---
## 7. Low priority / planned
| # | Recommendation | Description | Ref |
|---|----------------|-------------|-----|
| 12 | AddressMapper on other chains | Deploy via DeployAddressMapperOtherChain; set mapper in smart-contracts-master. | OPTIONAL_DEPLOYMENTS_START_HERE §A |
| 13 | DODO PMM liquidity on 138 | Pools deployed; add liquidity and document. | ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK, LIQUIDITY_POOLS_MASTER_MAP |
| 14 | Mainnet trustless stack | Lockbox138 + InboxETH, BondManager, LiquidityPoolETH; fund liquidity. | OPTIONAL_DEPLOYMENTS_START_HERE §C |
---
## 8. External / third-party
| # | Recommendation | Description | Doc |
|---|----------------|-------------|-----|
| 15 | Ledger | Tally form submitted; await response; sign and integrate. | [ADD_CHAIN138_TO_LEDGER_LIVE](../04-configuration/ADD_CHAIN138_TO_LEDGER_LIVE.md) |
| 16 | Trust Wallet | PR to trustwallet/wallet-core with Chain 138. | [ADD_CHAIN138_TO_TRUST_WALLET](../04-configuration/ADD_CHAIN138_TO_TRUST_WALLET.md) |
| 17 | Consensys | Outreach for Swaps/Bridge. | [CONSENSYS_OUTREACH_PACKAGE](../../metamask-integration/docs/CONSENSYS_OUTREACH_PACKAGE.md) |
| 18 | CoinGecko/CMC | Submit chain and tokens. | [COINGECKO_SUBMISSION_GUIDE](../04-configuration/coingecko/CMC_COINGECKO_SUBMISSION_RUNBOOK.md) |
| — | Chainlist / on-ramps | PR-ready and off-ramp docs. | [pr-ready/README](../04-configuration/pr-ready/README.md), [REPOSITORIES_AND_PRS_CHAIN138](REPOSITORIES_AND_PRS_CHAIN138.md) |
---
## 9. Operator checklist (R1R24)
| # | Recommendation | When |
|---|----------------|------|
| R1 | Verify every deployed contract on Blockscout | After each deployment |
| R2 | Keep CONTRACT_ADDRESSES_REFERENCE and ADDRESS_MATRIX_AND_STATUS updated | When new contracts deployed/deprecated |
| R3 | Run check-contracts-on-chain-138.sh; fix MISSING/EMPTY | Periodically or after deploy |
| R4 | Use canonical CCIPWETH9Bridge (`0xcacfd227A040002e49e2e01626363071324f820a`); do not use deprecated | Always |
| R5 | Never commit .env or private keys; rotate if exposed | Always |
| R6R7 | API keys in .env; restrict deployer and RPC admin | Access review |
| R8R9 | Set RPC_URL_138; use GAS_PRICE on Chain 138 | Before deploy / every forge script |
| R10R11 | Phased core deploy order; manage nonce if tx stuck | Deploy order / troubleshooting |
| R12R15 | Keep runbooks in sync; document addresses; consider single deploy→verify script | After script/URL changes; per-chain |
| R16R19 | Env per environment; monitor bridge/oracle; Blockscout up; run forge test before deploy | Config / health / pre-deploy |
| R20R24 | NatSpec on public functions; The Order NPMplus; document blocks #2#6; progress/dry-run/validation; token-mapping single source | Code quality; go-live; scripts; tokens |
**Full list:** [RECOMMENDATIONS_OPERATOR_CHECKLIST.md](RECOMMENDATIONS_OPERATOR_CHECKLIST.md).
---
## 10. Proxmox / validated set (best practices)
| # | Recommendation | Priority | Notes |
|---|----------------|----------|--------|
| 111 | .env permissions, validator keys, SSH key-only, firewall 8006, VLANs, metrics, health/alerting, backup, runbooks | High | [10-best-practices/RECOMMENDATIONS_AND_SUGGESTIONS](../10-best-practices/RECOMMENDATIONS_AND_SUGGESTIONS.md) |
| 1220 | Retry/timeout, structured logging, log collection, resource/network/DB tuning, CI/CD, CLI | Medium | Same |
| 2135 | Auto-scale, progress indicators, --dry-run, config validation, FAQ, script comments | Low / quick wins | Same |
---
## 11. Code quality & scripts
| # | Recommendation | Priority |
|---|----------------|----------|
| 3638 | Shebang, set -euo pipefail + traps, script header template | High/Medium |
| 3943 | Linting (shellcheck, shfmt), script consolidation, shared lib, performance, auto-docs | Medium/Low |
---
## 12. Documentation
| # | Recommendation | Priority |
|---|----------------|----------|
| 4447 | Consolidation, accuracy review, inline/API docs | Medium |
| 6874 | Quick reference cards, decision trees, config templates, examples, glossary, diagrams, TOC | High/Medium/Low |
---
## 13. Security
| # | Recommendation | Priority |
|---|----------------|----------|
| 4852 | Secret audit, input validation, security scanning, RBAC, config validation | High/Medium |
---
## 14. Configuration, testing, monitoring & DX
| # | Recommendation | Priority |
|---|----------------|----------|
| 5367 | Config templates, env standardization, test coverage, CI tests, logging, metrics, health, dev setup, dependency/process docs, backup review | Medium/High |
---
## 15. Infrastructure & deployment phases
| # | Recommendation | Notes |
|---|----------------|------|
| 7578 | VLAN, observability (Prometheus/Grafana/Loki), CCIP fleet, sovereign tenants | Phase 14 |
| 7981 | Besu RPC containers, Hyperledger containers, Blockscout container | High |
---
## 16. Codebase & placeholders
| # | Recommendation | Priority |
|---|----------------|----------|
| 8291 | Security audits (VLT, ISO, BRG), CCIP AMB, dbis_core TS, IRU, canonical env, AlltraAdapter, smart accounts, .bak | Critical/High/Medium/Low |
---
## 17. MetaMask & explorer
| # | Recommendation | Effort |
|---|----------------|--------|
| 92105 | Token-aggregation deploy, API keys, Snap features, CoinGecko, Paymaster, Explorer Wallet link/sync/selector/dark mode, monitoring | 15 min 12 h |
---
## 18. Tezos / Etherlink / CCIP
| # | Recommendation | Category |
|---|----------------|----------|
| 106121 | Etherlink/Jumper/LiFi verification; InitializeRegistry, adapters, relay, DON, metrics, tests | External / contracts / off-chain |
---
## 19. Besu / blockchain
| # | Recommendation | Notes |
|---|----------------|------|
| 122126 | RPC config location, tx pool clearing, tuning, automated monitoring, logging | Phase 23 |
---
## 20. Maintenance (ongoing)
| # | Task | Frequency |
|---|------|-----------|
| 135139 | Explorer sync, RPC health, config API uptime, explorer logs, token list | Daily / weekly / as needed |
Cron: `schedule-daily-weekly-cron.sh --install`; NPMplus: `schedule-npmplus-backup-cron.sh --install`.
---
## 21. E2E flow waves (full parallel)
| Wave | Tasks | Run |
|------|--------|-----|
| E0 | RPC writable, TransactionMirror, deployer funded, Core RPC | Operator |
| E1 | PMM pools create, register, add liquidity (138) | run-pmm-full-parity Phase 1 |
| E2 | CCIP config and fund bridges | complete-config, fund-ccip-bridges-with-link |
| E3 | Token-aggregation env, bridge routes, token mapping, quote API | Code/Op |
| E4 | Blockscout verify, E2E routing, explorer E2E, token-aggregation health | Op/LAN |
| E5 | cUSDT/cUSDC and PMM on L2s; token-aggregation new chains | run-pmm-full-parity Phase 2 |
| E6 | Bridge UI, test bridge, destination DEX, quote UI, E2E test | Code/Op |
| E7 | Update PMM_DEX_ROUTING_STATUS; runbooks | Doc |
Script: `./scripts/run-e2e-flow-tasks-full-parallel.sh [--dry-run]`. Ref: [TASKS_TO_INCREASE_ALL_E2E_FLOWS](TASKS_TO_INCREASE_ALL_E2E_FLOWS.md).
---
## 22. Operator quick reference (run before deploy)
| Step | Command |
|------|--------|
| 1 | `./scripts/deployment/preflight-chain138-deploy.sh [--cost]` |
| 2 | `./scripts/deployment/test-all-contracts-before-deploy.sh` (or `--no-match "Fork|Mainnet|Integration|e2e"`) |
| 3 | `RPC_URL_138=http://192.168.11.211:8545 ./scripts/deployment/check-deployer-balance-chain138-and-funding-plan.sh` |
| 4 | If stuck nonce: `./scripts/clear-all-transaction-pools.sh` then wait 60s |
| 5 | If RPC read-only: `./scripts/maintenance/make-rpc-vmids-writable-via-ssh.sh` then `./scripts/maintenance/health-check-rpc-2101.sh` |
---
## References
- **Single task list:** [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md)
- **Copy-paste commands:** [OPERATOR_READY_CHECKLIST.md](OPERATOR_READY_CHECKLIST.md)
- **Required fixes & gaps:** [REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md](REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md)
- **139+ recommendations (full):** [ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md](ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md)
- **Execution plan:** [COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md](COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md)
- **Remaining deployments:** [REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md](../03-deployment/REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md)
Reference in New Issue View Git Blame Copy Permalink