OpenZeppelin
Add RLP and TrieProof libraries
Requires:
- https://github.com/OpenZeppelin/openzeppelin-contracts/pull/5189
- https://github.com/OpenZeppelin/openzeppelin-contracts/pull/5724
- https://github.com/OpenZeppelin/openzeppelin-contracts/pull/5725
PR Checklist
- [ ] Tests
- [ ] Documentation
- [ ] Changeset entry (run
npx changeset add)
🦋 Changeset detected
Latest commit: 371595d3959a96a030060dd03ae74e6082d5aedd
The changes in this PR will be included in the next version bump.
This PR includes changesets to release 1 package
| Name | Type |
|---|---|
| openzeppelin-solidity | Minor |
Not sure what this means? Click here to learn what changesets are.
Click here if you're a maintainer who wants to add another changeset to this PR
![changeset-bot[bot] avatar](https://avatars.githubusercontent.com/in/28616?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hi @0xClandestine, so in there is an open discussion in #5189, some open issues in https://github.com/OpenZeppelin/openzeppelin-contracts/pull/5724 and https://github.com/OpenZeppelin/openzeppelin-contracts/pull/5725
I would appreciate help in advancing any of these PRs, as of now we're attending the 5.4 audit release and these are 5.5 candidates. For this particular PR, we're missing test, je 😅
This PR must be updated if any of #5792 or #5726 is merged. Essentially replacing these RLP private functions and string's equal
Walkthrough
This change adds a new RLP Solidity library (encoding/decoding, item types, errors, encoder helpers). The Memory library gains a public Slice type and slice utilities with bounds checks. The Bytes library introduces a memory-only Accumulator with push/shift/flatten operations. Solidity pragma updates to ^0.8.24 appear in ERC4626.sol and Memory.sol. Stateless.sol imports RLP. README is updated to reference RLP. New tests cover Bytes.Accumulator, Memory.Slice, and comprehensive RLP encode/decode in Solidity and JavaScript. A changeset declares a minor version bump and mentions the new RLP library.
Suggested labels
ignore-changeset
Pre-merge checks and finishing touches
❌ Failed checks (1 warning)
| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | You can run @coderabbitai generate docstrings to improve docstring coverage. |
✅ Passed checks (2 passed)
| Check name | Status | Explanation |
|---|---|---|
| Title Check | ✅ Passed | The title "Add RLP library" is concise and accurately reflects the primary change in the changeset — the addition of contracts/utils/RLP.sol and its accompanying tests and docs references — so it clearly summarizes the PR's main purpose for a reviewer scanning history. |
| Description Check | ✅ Passed | The pull request description lists required dependent PRs, notes outstanding checklist items (tests, documentation, changeset), and provides contextual guidance, so it is directly related to the changeset and not off-topic. |
✨ Finishing touches
- [ ] 📝 Generate Docstrings
🧪 Generate unit tests
- [ ] Create PR with unit tests
- [ ] Post copyable unit tests in a comment
[!TIP]
👮 Agentic pre-merge checks are now available in preview!
Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.
- Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
- Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.
Please see the documentation for more information.
Example:
reviews: pre_merge_checks: custom_checks: - name: "Undocumented Breaking Changes" mode: "warning" instructions: | Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).Please share your feedback with us on this Discord post.
Comment @coderabbitai help to get the list of available commands and usage tips.
![coderabbitai[bot] avatar](https://avatars.githubusercontent.com/in/347564?v=4 "Published by a pub.dev verified publisher"){kind=small}
We should decide weither we are ok with the following feature:
- Memory slices (in memory.sol ?)
- Bytes accumulator (in bytes.sol ? in a dedicated file under struct ?)
- RLP encoder interface (uses Bytes accumulator)
Overall, we should also discuss naming of the functions in RLP.sol.
No dependency changes detected. Learn more about Socket for GitHub.
👍 No dependency changes detected in pull request
![socket-security[bot] avatar](https://avatars.githubusercontent.com/in/156372?v=4 "Published by a pub.dev verified publisher"){kind=small}
The only thing left to discuss is the error to use in _decodeLength. See https://github.com/OpenZeppelin/openzeppelin-contracts/pull/5680#discussion_r2356559020
Once that's done I think the PR should be good. The main problem may be the coverage hit but we may be fine with that (?)