trade · iap · May 21, 2026 · May 20, 2026 · May 20, 2026 · May 20, 2026
@@ -3,17 +3,28 @@ language: 'en-US'
 early_access: false
 
 reviews:
-  profile: 'chill'
-  request_changes_workflow: false
+  profile: 'assertive'
+  request_changes_workflow: true
   high_level_summary: true
   review_status: true
   collapse_walkthrough: true
   auto_review:
     enabled: true
     drafts: false
+    ignore_title_keywords:
+      - 'WIP'
+      - 'DO NOT REVIEW'
+    ignore_authors:
+      - 'dependabot[bot]'
+      - 'github-actions[bot]'
   path_filters:
     - '!**/.nvmrc'
     - '!**/pnpm-lock.yaml'
+    - '!**/package-lock.json'
+    - 'contracts/src/**/*.sol'
+    - 'contracts/script/**/*.sol'
+    - 'contracts/test/**/*.sol'
+    - 'circuits/**/*.circom'
     - '.github/workflows/**'
     - '**/*.md'
     - '**/*.yml'
@@ -25,14 +36,20 @@ reviews:
         Focus only on: security vulnerabilities, reentrancy, CEI violations,
         access control issues, integer overflow/underflow, and incorrect error handling.
         Skip style, naming, and minor readability suggestions.
+    - path: 'contracts/test/**/*.sol'
+      instructions: |
+        Focus only on: missing test cases for security-critical paths, incorrect
+        assertions that would pass on a broken implementation, and missing invariant
+        checks. Skip style suggestions.
     - path: 'circuits/**/*.circom'
       instructions: |
         Focus only on: constraint soundness, missing range checks, and
         signal assignment correctness. Skip style suggestions.
     - path: '.github/workflows/**'
       instructions: |
-        Focus only on: secret exposure, injection vulnerabilities, and
-        missing branch enforcement. Skip style suggestions.
+        Focus only on: secret exposure, injection vulnerabilities, unpinned action
+        versions, missing permissions scoping, and missing branch enforcement.
+        Skip style suggestions.
     - path: '**/*.md'
       instructions: |
         Focus on: broken links, incorrect commands, version mismatches,
@@ -52,3 +69,7 @@ chat:
 knowledge_base:
   code_guidelines:
     enabled: true
+    filePatterns:
+      - 'docs/CONTRIBUTING.md'
+      - 'docs/ARCHITECTURE.md'
+      - 'contracts/ARCHITECTURE.md'
@@ -135,7 +135,7 @@ What this script applies:
 - optional production required reviewers by user ID
 - optional direct-push restrictions via `*_PUSH_ALLOW_*` allowlists
 
-## 9) Verify active protections after transfer
+## 9) Verify active protections
 
 Run the verification script with a repo-admin token:
 

@@ -40,7 +40,9 @@ jobs:
       - name: Install shfmt
         run: |
           curl -sSL https://github.com/mvdan/sh/releases/download/v3.10.0/shfmt_v3.10.0_linux_amd64 \
-            -o /usr/local/bin/shfmt && chmod +x /usr/local/bin/shfmt
+            -o /tmp/shfmt
+          echo '1f57a384d59542f8fac5f503da1f3ea44242f46dff969569e80b524d64b71dbc  /tmp/shfmt' | sha256sum -c -
+          install -m 755 /tmp/shfmt /usr/local/bin/shfmt
           shfmt --version
 
       - name: Check shell formatting

@@ -21,8 +21,6 @@ dist-ssr
 supersim-logs/
 
 # Editor directories and files
-.vscode/*
-!.vscode/extensions.json
 .idea
 .DS_Store
 *.suo

@@ -12,8 +12,9 @@
 # MARK_STAGING_DEPLOYER_PRIVATE_KEY GitHub secret. For local rehearsal
 # runs, export PRIVATE_KEY before sourcing this file.
 
-# Use a private RPC endpoint (Alchemy/Infura/QuickNode) to avoid public rate limits.
-RPC_URL=https://sepolia.optimism.io
+# Set RPC_URL to a private endpoint (Alchemy/Infura/QuickNode) to avoid public rate limits.
+# In CI this is injected from the MARK_STAGING_RPC_URL GitHub secret.
+RPC_URL=${MARK_STAGING_RPC_URL:-https://sepolia.optimism.io}
 
 # Owner address (hardware wallet — address only, never the key).
 MARK_RYLA_OWNER=0x0000000000000000000000000000000000000000

@@ -100,3 +100,17 @@ This document lists known limitations and intentional design decisions that audi
 **Required before mainnet:** Monitor `MARKPool` size on every change. If the margin drops below ~100 bytes, extract logic (e.g. bridge-out, fee policy, or root management) into a separate contract.
 
 **Accepted for now because:** The pool domain is pre-production. The settlement layer (which does not use `MARKPool`) is unaffected and can proceed to testnet independently.
+
+---
+
+## KI-9: Vulnerable transitive dependencies in circuits/ dev tooling
+
+**Scope:** `circuits/` — local trusted-setup and witness-test tooling only
+
+**Description:** `circomlibjs >= 0.1.0` depends on `ethers@5`, which pulls in `elliptic <= 6.6.1` (faulty ECDSA signatures, potential key exposure — GHSA-848j-6mx2-7j84) and `ws 8.0.0–8.20.0` (uninitialized memory disclosure — GHSA-58qx-3vcg-4xpx). No non-breaking fix is available: the only upstream resolution (`npm audit fix --force`) downgrades `circomlibjs` to `0.0.8`, which is incompatible with Node 22/24 and breaks `buildPoseidon`.
+
+**Impact:** None — `circuits/` is local developer tooling. It is never deployed, never handles user input, and never runs in CI with untrusted data. The `elliptic` key-exposure vector requires an attacker to obtain both a faulty and a correct signature for the same inputs, which is not possible in this context.
+
+**Accepted because:** No upstream fix is available without a breaking change. The packages are scoped to local trusted-setup (`setup.mjs`) and witness tests (`npm test`). Resolution is blocked on `circomlibjs` releasing a version that drops the `ethers@5` dependency.
+
+**Resolution path:** Replace `circomlibjs` with a lightweight Poseidon library that has no `ethers` dependency, such as `poseidon-lite` or `@zk-kit/poseidon-cipher`. Both provide `buildPoseidon`-equivalent functionality without pulling in `ethers@5`. Before switching, verify the Poseidon implementation produces identical field outputs to what `MARKPool.circom` expects — run the full witness test suite (`npm test` in `circuits/`) to confirm. Target this before mainnet promotion.
@@ -10,7 +10,7 @@ import re
 import sys
 
 apply_governance = Path("scripts/github/apply-governance.sh").read_text()
-branching = Path("BRANCHING.md").read_text()
+branching = Path("docs/BRANCHING.md").read_text()
 checklist = Path(".github/PRODUCTION_GOVERNANCE_CHECKLIST.md").read_text()