| 1 | +# Improvement Plan |
| 2 | + |
| 3 | +Below is a prioritized list of improvements for the repository. Each item contains a short description and concrete next-steps. |
| 4 | + |
| 5 | +1. **Random-number security (contracts) — WON'T FIX** |
| 6 | + *Reason:* The application is intended solely for local demos/testing with no real value at stake, so integrating a verifiable RNG (e.g. Chainlink VRF) is out-of-scope. |
| 7 | + *Original suggestion:* `contracts/RandomnessProvider.sol` uses block variables that miners can influence. For production deployments a provably-fair RNG must replace it. |
| 8 | + |
| 9 | +2. **Remove hard-coded addresses & network data** |
| 10 | + • Output deployment artifacts (`scripts/initializeChain.js`) to a JSON file or `.env` and have the frontend read them. |
| 11 | + • Support multiple networks (localhost, testnet, mainnet-fork) via environment variables. |
| 12 | + |
| 13 | +3. **Expand smart-contract test coverage** |
| 14 | + • Move Solidity tests to `test/` root. |
| 15 | + • Cover edge-cases: re-entrancy, allowance exhaustion, overflow, unauthorized calls. |
| 16 | + • Add fuzz/invariant tests with Hardhat or Foundry. |
| 17 | + |
| 18 | +4. **Stabilize CI pipeline for chain interactions** |
| 19 | + • Launch Hardhat node in CI with a dedicated step and health-check the JSON-RPC port. |
| 20 | + • Fail the pipeline on linter or coverage regressions. |
| 21 | + • Cache `node_modules` and Hardhat artifacts to speed up builds. |
| 22 | + |
| 23 | +5. **Enforce code-style & linting** |
| 24 | + • Introduce Prettier and a stricter ESLint config (airbnb/next). |
| 25 | + • Remove the spurious `ci` dependency from `package.json`. |
| 26 | + • Run `npm run lint --max-warnings 0` in CI. |
| 27 | + |
| 28 | +6. **Introduce type-safety & refactor helpers** |
| 29 | + • Migrate frontend to TypeScript or add JSDoc annotations. |
| 30 | + • Extract and unit-test helpers like `getRandomWheelNumber` and `getCompleteResultsOfRound`. |
| 31 | + |
| 32 | +7. **Optimise `Roulette.sol` for gas & clarity** |
| 33 | + • Make `_addToSet` `internal` and use a `constant` array for wheel numbers. |
| 34 | + • Avoid loading the entire wheel array into memory each call. |
| 35 | + • Add NatSpec comments for public functions. |
| 36 | + |
| 37 | +8. **Adopt standard ERC-20 implementation for token** |
| 38 | + • Inherit from OpenZeppelin `ERC20` and implement deposit/redeem wrappers. |
| 39 | + • Emit `Transfer` events on mint/burn, add rounding checks. |
| 40 | + |
| 41 | +9. **Improve documentation & licensing** |
| 42 | + • Add a top-level `LICENSE` (MIT) to align with SPDX headers. |
| 43 | + • Extend README with architecture, deployment flow, and security caveats. |
| 44 | + |
| 45 | +10. **Broaden React component & integration tests** |
| 46 | + • Use React-Testing-Library for user-flow tests (placing bets, signing tx). |
| 47 | + • Add snapshot tests for game components. |
| 48 | + • Track coverage and aim for >80% lines/statements. |
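Review bot: Item 1 closes the `contracts/RandomnessProvider.sol` finding as WON'T FIX because the app is meant for local demos only, but item 2 of the same plan adds testnet and mainnet-fork targets, and nothing in the list documents or enforces the local-only assumption. Suggest keeping a small follow-up instead of dropping the item entirely: name the block-variable RNG explicitly in the README "security caveats" planned under item 9, and consider having `scripts/initializeChain.js` refuse to deploy to anything other than the local networks unless explicitly overridden. Separately, in item 5, `npm run lint --max-warnings 0` does not pass the flag through to the lint script; npm needs the separator, as in `npm run lint -- --max-warnings 0`, otherwise the zero-warnings gate in CI will not take effect.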