M3 — ACP v2 contracts E2E on Base Sepolia

M3 — ACP v2 contracts E2E on Base Sepolia

Agent Connection Protocol v2 — on-chain contracts for agent identity, registration, escrow, fee splitting, hooks, and reputation.

Highlights

• AgentRegistry: composite identity, two-step controller transfer, SCORER_ROLE-gated reputation accumulator with nonce-based replay protection.
• Job + JobFactory: EIP-1167 minimal-proxy clones; lifecycle wired through Escrow + FeeSplitter (95/3/2 schedule) + HookRegistry hook iteration.
• Escrow: multi-token, atomic multi-recipient release. Permit2 path with token+amount equality + jobId witness binding.
• FeeSplitter + BuybackBurner: 3% Treasury / 2% buyback (TITU burn via Uni V2). Absolute-TITU minTituOut slippage floor.
• Hooks: HookRegistry whitelist + 4 lifecycle hooks (FundTransfer, Subscription, Milestone, Royalty).
• Backend: gateway endpoints GET /jobs, GET /jobs/:id, POST /jobs/prepare. Indexer abigen bindings + 12 ACP event handlers with explicit MarkLogProcessed idempotency.
• Security: threat model in docs/security/threat-model-m3.md. Slither pass: 0 findings on 7 core contracts. Halmos PROVEN: funded → exactly one of {Completed, Cancelled}.

Closed sub-issues

• #285 Wire Job ↔ Escrow ↔ FeeSplitter ↔ HookRegistry in DeployPhase3 + Job._completeJob
• #76 threat model: docs/security/threat-model-m3.md
• #75 gateway endpoints: GET /jobs, /jobs/:id, POST /jobs/prepare
• #74 abigen Go bindings + indexer handlers (JobCreated, phase transitions, hook events)
• #73 DeployPhase3.s.sol + verify
• #72 ERC-8183 interface compliance check + ABI publish
• #71 Slither + Echidna pass
• #70 Halmos: prove funded → exactly one of {completed, rejected, expired}
• #69 invariants: escrowSolvency, feeSplitSums, phaseMonotonicity
• #68 Reputation.t.sol (bump on accept, decrement on reject)
• #67 MultiHook.t.sol (FundTransfer + Milestone composition)
• #66 JobLifecycle.t.sol (full 4-phase, both job types, with/without evaluator)
• #65 unit tests + revert paths for every transition
• #64 Permit2 integration on fund()
• #63 RoyaltyHook (downstream revenue share)
• #62 MilestoneHook (split budget into N stages)
• #61 SubscriptionHook (recurring renew)
• #60 FundTransferHook (principal entrustment + PnL settle)
• #59 HookRegistry.sol + IHook interface
• #58 BuybackBurner.sol (Uni V2 swap + ERC20Burnable.burnFrom)
• #57 FeeSplitter.sol (95/5 + 90/5/5 splits, 3% Treasury / 2% buyback)
• #56 Escrow.sol (multi-token, atomic multi-recipient release)
• #55 Job.sol (state machine, transitions, role gating, expiry)
• #54 JobFactory.sol (EIP-1167 clones of Job)
• #53 AgentRegistry.sol (composite identity, reputation)

Deferred to follow-up

• ReputationOracle.sol + ACPRouter.sol contracts (not in scope as separate contracts; reputation lives in AgentRegistry, runtime endpoint resolution remains off-chain).
• Slither + Halmos pass on hook subsystem and Permit2-fund path.
• Live Base Sepolia deployment + tx hashes.
• JobFactory holds DEFAULT_ADMIN_ROLE on Escrow/FeeSplitter — tighten via custom granter role pre-mainnet.
• Indexer persist + MarkLogProcessed should be wrapped in a single Postgres transaction in production.

Merge commit: 33b26d3

M2 — Launchpad E2E (bonding curve → graduation)

M2 — Launchpad E2E

Modular agent-token launchpad on Base Sepolia. Factory-cloned EIP-1167 token + bonding curve + 7 toggleable modules. 42k TITU graduation trigger, atomic Uniswap V2 LP creation, immutable 10-year LP lock, 1% transfer tax with 70/30 fee split.

Highlights

• Contracts: AgentToken (taxExempt allowlist for curve/graduator/feeRouter), BondingCurve, Graduator, LPLock, FeeRouter, LaunchpadFactory + 7 modules (AntiSniper, Airdrop, CapitalFormation, ExistingToken, LaunchRadar, PreBuy, SixtyDays).
• Coverage: 99-100% on every launchpad contract. 802+ forge tests. Per-module + composition tests. Invariants (CurveK, LpLock, FeeSplit, AgentSupply, GraduationAtomicity) at 200k runs each. Halmos symbolic exec on graduator + curve. Slither: 0 HIGH/MED, 32 LOW triaged.
• Security: M2-S-01 graduation tax-double-skim caught + fixed pre-deploy via taxExempt allowlist on AgentToken. Threat model committed.
• Indexer: abigen Go bindings + handlers for AgentLaunched/Bought/Sold/Graduated with idempotent log processing.
• Gateway: REST endpoints for agents + trades.
• Web: launch wizard + agent page (chart + buy/sell widget) + Playwright E2E against local anvil + DeployPhase1 + DeployPhase2.
• Deploy: DeployPhase2.s.sol + merged deployments JSON.

Closed sub-issues (27)

#27 #28 #29 #30 #31 #32 #33 #34 #35 #36 #37 #38 #39 #40 #41 #42 #43 #44 #45 #46 #47 #48 #49 #50 #51 #52 #265

Merged milestone PR

#267

M1 — TITU + Treasury live on Base Sepolia

M1 — TITU + Treasury live on Base Sepolia

Milestone shipped. All sub-issues closed, CI green, verification block passed.

Closed issues

• #26 threat model doc: docs/security/threat-model-m1.md
• #25 Etherscan verification of all 5 contracts
• #24 DeployPhase1.s.sol + write deployments/base-sepolia.json
• #23 Slither + Echidna run; clean baseline
• #22 fuzz: random transfer/permit/burn + lock duration sequences
• #21 invariants: supplyFixed, vestingSumLeDeposit, veNonNegative
• #20 unit tests: TITU.t.sol, Treasury.t.sol, VestingVault.t.sol, VeTITU.t.sol, FeeDistributor.t.sol
• #19 implement FeeDistributor.sol (weekly epoch, multi-token claim)
• #18 implement VeTITU.sol (Curve-style escrow, ERC-5805 votes)
• #17 implement VestingVault.sol (per-beneficiary cliff + linear)
• #16 implement Treasury.sol (Safe-owned, UUPS, fee receivers)
• #15 implement TITU.sol (ERC20 + Permit + Votes + Burnable, fixed 1B)

Commits

• f229271 Merge pull request #238 from 0xDevNinja/milestone/M1-titu-treasury-live-on-base-sepolia
• 840b279 feat: titu + treasury contracts (#237)

Source

Merge commit: f229271a34ec61b4c4d4455b985666d0c76ae84d

M0 — Foundation

M0 — Foundation

Milestone shipped. All sub-issues closed, CI green, verification block passed.

Closed issues

• #14 end-to-end pipeline dry run on README typo PR
• #13 CODEOWNERS + .github/pull_request_template.md (neutral)
• #12 husky + lint-staged + biome + commitlint pre-commit
• #11 branch protection + auto-merge config via gh api
• #10 CI workflows: lint.yml, test.yml, security.yml, pr-check.yml (neutral names)
• #9 docker compose dev stack (postgres, redis, nats, anvil, solana-test-validator)
• #8 scaffold Rust service stubs (runtime-rs + planner-rs + evaluator-rs)
• #7 scaffold Go service stubs (gateway-go + indexer-go)
• #6 scaffold Next.js apps (web + console) with App Router
• #5 initialize Anchor 0.30 workspace in contracts/solana
• #4 initialize Foundry + OpenZeppelin v5 + forge-std in contracts/evm
• #3 scaffold scripts/bootstrap.sh + dev.sh + verify-repo.sh
• #2 bootstrap cargo workspace + go.work
• #1 bootstrap pnpm workspace + turborepo

Commits

• 99d70e5 Merge pull request #233 from 0xDevNinja/milestone/M0-foundation
• 17f9629 ci: route all pr checks through pr-check aggregator (#236)
• b7c2de9 fix(deps): bump next 14.2.35 to 15.5.15 (#235)
• 8341834 fix(deps): bump next, slither-action, go toolchain (#234)
• 33ba33f foundation: bootstrap monorepo (#232)
• 835f338 Initial commit

Source

Merge commit: 99d70e500f1f37f41c57dcbecd22962375cdf86a