[ADHOC] chore(evm): set up deploy logic for LimitedSignerValidator

packages/evm/README.md

@@ -4,64 +4,64 @@
 
 1. Update foundry using `foundryup`
 2. Make sure you have all `.env` variables added:
-    
+
     ```jsx
     BOOST_FEE_RECIPIENT=
     BOOST_DEPLOYMENT_SALT=
     ETHERSCAN_API_KEY=
     MAIN_ETHERSCAN_API_KEY=
     ```
-    
+
 3. Note the current deployed addresses in `packages/evm/deploys`
-    
+
     The currently deployed addresses will be ordered based on network ID.
-    
+
     If there is a file representing a deployment on the network you’ll be deploying to take note of the current address.
-    
+
     If there is **not** a file representing a deployment on that network you have to create one inside the `pacakges/evm/deploys`  with `touch <networkid>.json` for example:
-    
+
     `cd packages/evm/deploys`
-    
+
     `touch 31337.json`
-    
+
 4. [OPTIONAL] Deploy Core Contracts
-    
+
     We use `--watch` to ensure contracts are verified and `--slow` to make sure transactions complete before starting the next broadcast. This helps avoid nonce issues.
-    
+
     <aside>
     💡
-    
+
     In the vast majority of cases you WILL NOT want to redeploy core and registry. Make absolutely sure you know what you’re doing before doing this step.
-    
+
     </aside>
-    
+
     To deploy the core contracts to the `Sepolia testnet`, use the following command:
-    
+
     ```solidity
     forge script script/solidity/Deploy.s.sol:CoreDeployer -f https://eth-sepolia.g.alchemy.com/v2/YOUR_ALCHEMY_API_KEY --broadcast --verify --private-key "YOUR_PRIVATE_KEY" --watch --slow
     ```
-    
+
     In order to deploy to another network simply switch the RPC you're broadcasting against.
-    
+
 5. Deploy Module Contracts
 We use `--watch` to ensure contracts are verified and `--slow` to make sure transactions complete before starting the next broadcast. This helps avoid nonce issues.
-    
+
     To deploy the module contracts to the `Sepolia testnet`, use the following command:
-    
+
     ```solidity
     forge script script/solidity/Deploy_Modules.s.sol:ModuleBaseDeployer -f https://eth-sepolia.g.alchemy.com/v2/YOUR_ALCHEMY_API_KEY --broadcast --verify --private-key "YOUR_PRIVATE_KEY"` --watch --slow
     ```
-    
+
     It may be necessary to set the verifier URL and some verifiers may require a different API key:
-    
+
     ```solidity
-    
+
     forge script script/solidity/Deploy.s.sol:CoreDeployer -f https://base-sepolia.g.alchemy.com/v2/KEY--broadcast --verify --private-key “KEY” —watch  --etherscan-api-key **KEY** --verifier-url https://api-sepolia.basescan.org/api
-    
+
     ```
-    
+
     **see the end of these steps for a table of known verifier URLs**
-    
+
 
 We use `--watch` to ensure contracts are verified and `--slow` to make sure transactions complete before starting the next broadcast. This helps avoid nonce issues.
 
@@ -83,3 +83,15 @@ https://book.getfoundry.sh/reference/forge/forge-script#options
 | arb-mainnet | [`https://api.arbiscan.io/api`](https://api.arbiscan.io/api) |
 | opt-mainnet | [`https://api-optimistic.etherscan.io/api`](https://api-optimistic.etherscan.io/api) |
 | base-mainnet | [`https://api.basescan.org/api`](https://api.basescan.org/api) |
+
+## Security Model
+
+`SignerValidator` limits claims on individual claim data, which can allow for multiple
+claims of the same incentive by a given address, as long as a unique action is signed off
+by the Signer.
+
+`LimitedSignerValidator` hard caps the claim quantity for a given incentive
+regardless of the validity of individual action requests presented to the signer.
+
+Most incentives hard-cap each address to one claim, but `ERC20PeggedVariableCriteriaIncentive`
+does not, by design.

packages/evm/script/solidity/Deploy_Modules.s.sol

@@ -26,6 +26,7 @@ import {SimpleAllowList} from "contracts/allowlists/SimpleAllowList.sol";
 import {SimpleDenyList} from "contracts/allowlists/SimpleDenyList.sol";
 
 import {SignerValidator} from "contracts/validators/SignerValidator.sol";
+import {LimitedSignerValidator} from "contracts/validators/LimitedSignerValidator.sol";
 
 /// @notice this script deploys and registers budgets, actions, and incentives
 contract ModuleBaseDeployer is ScriptUtils {
@@ -59,6 +60,7 @@ contract ModuleBaseDeployer is ScriptUtils {
         _deployPointsIncentive(registry);
         _deployAllowListIncentive(registry);
         _deploySignerValidator(registry);
+        _deployLimitedSignerValidator(registry);
         _deploySimpleAllowList(registry);
         address denyList = _deploySimpleDenyList(registry);
         _deployOpenAllowList(registry, SimpleDenyList(denyList));
@@ -203,6 +205,15 @@ contract ModuleBaseDeployer is ScriptUtils {
         _registerIfNew(newDeploy, string(abi.encodePacked("SignerValidator", signerValidator)), signerValidator, registry, ABoostRegistry.RegistryType.VALIDATOR);
     }
 
+    function _deployLimitedSignerValidator(BoostRegistry registry) internal returns (address limitedSignerValidator) {
+        bytes memory initCode = type(LimitedSignerValidator).creationCode;
+        limitedSignerValidator = _getCreate2Address(initCode, "");
+        console.log("LimitedSignerValidator: ", limitedSignerValidator);
+        deployJson = deployJsonKey.serialize("LimitedSignerValidator", limitedSignerValidator);
+        bool newDeploy = _deploy2(initCode, "");
+        _registerIfNew(newDeploy, string(abi.encodePacked("LimitedSignerValidator",  limitedSignerValidator)),  limitedSignerValidator, registry, ABoostRegistry.RegistryType.VALIDATOR);
+    }
+
     function _deploySimpleAllowList(BoostRegistry registry) internal returns (address simpleAllowList) {
         bytes memory initCode = type(SimpleAllowList).creationCode;
         simpleAllowList = _getCreate2Address(initCode, "");