make feeToken slot cold in revm

[anylots]

Summary by CodeRabbit

• Chores
  • Updated deployment configuration verification keys across multiple supported networks including Holesky, Hoodi, Layer 1, QA Net Layer 1, Sepolia, and Testnet Layer 1. These configuration updates ensure accurate contract verification during deployment processes and maintain consistency across all deployment environments without impacting user-facing functionality.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

This pull request updates the programVkey configuration value across six deployment configuration files (holesky, hoodi, l1, qanetl1, sepolia, and testnetl1) in the contracts package. The same hexadecimal value is replaced uniformly across all files with no structural or logic changes.

Changes

Cohort / File(s)	Change Summary
Deployment Config programVkey Update contracts/src/deploy-config/holesky.ts, contracts/src/deploy-config/hoodi.ts, contracts/src/deploy-config/l1.ts, contracts/src/deploy-config/qanetl1.ts, contracts/src/deploy-config/sepolia.ts, contracts/src/deploy-config/testnetl1.ts	Updated programVkey from 0x0044eed79d39a90e842c5f5e599d019cbe63c1719300f1366f9dc4d3729f7810 to 0x00ad538a51c761c06f5075d11f3ee64d5d00c272a741ccf098e1d9f062fee13d across all six network configurations.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

• Key areas to verify: Ensure the new hexadecimal value is correct and consistent across all six configuration files. Cross-reference with any associated documentation or contract deployment materials to confirm the programVkey update is intentional and aligns with contract changes.

Possibly related PRs

• Prover update for morph203 #736: Directly modifies the same deploy-config files' programVkey values across multiple network configurations.
• Fix testnet programVkey #819: Updates programVkey entries in overlapping deploy-config files (hoodi.ts, sepolia.ts, testnetl1.ts), though to different key values.

Suggested reviewers

• r3aker86

Poem

🐰 A config hop, six files in a row,
New keys replace the old, watch them go!
From one bright hash to another so grand,
Verification updated across every land.
Deploy with care, the rabbit commands! 🔐

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title 'make feeToken slot cold in revm' does not match the changeset, which exclusively updates programVkey values in six deployment config files across different networks.	Update the PR title to accurately reflect the actual changes, such as 'Update programVkey in deployment configs' or 'Bump programVkey across holesky, hoodi, l1, qanetl1, sepolia, and testnetl1 configs'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feeToken-check

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b3e1d2a and c3adab3.

⛔ Files ignored due to path filters (1)

• prover/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (7)

• contracts/src/deploy-config/holesky.ts
• contracts/src/deploy-config/hoodi.ts
• contracts/src/deploy-config/l1.ts
• contracts/src/deploy-config/qanetl1.ts
• contracts/src/deploy-config/sepolia.ts
• contracts/src/deploy-config/testnetl1.ts
• prover/bin/client/elf/riscv32im-succinct-zkvm-elf

🧰 Additional context used

🪛 Gitleaks (8.30.0)

contracts/src/deploy-config/sepolia.ts

[high] 21-21: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

contracts/src/deploy-config/l1.ts

[high] 20-20: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

contracts/src/deploy-config/qanetl1.ts

[high] 17-17: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

contracts/src/deploy-config/hoodi.ts

[high] 20-20: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: build
• GitHub Check: test
• GitHub Check: Analyze (go)
• GitHub Check: Analyze (rust)

🔇 Additional comments (7)

contracts/src/deploy-config/sepolia.ts (2)

21-21: Static analysis warning is a false positive.

The Gitleaks warning about "Generic API Key" can be safely ignored. The programVkey is a public zero-knowledge proof verification key used in blockchain systems, not a secret credential.

---

21-21: Ensure the new programVkey is tested and documented across all deployment environments.

The new key 0x00ad538a51c761c06f5075d11f3ee64d5d00c272a741ccf098e1d9f062fee13d has been consistently rotated across all deployment configurations (sepolia, holesky, l1, testnetl1, qanetl1, and hoodi). Verify that:

• The new key has been properly tested with off-chain provers
• All verifier contracts can accept proofs generated with this key
• The transition is coordinated to prevent verification failures across environments

Document the reason for this key rotation (e.g., program upgrade, security update) in the PR description.

contracts/src/deploy-config/hoodi.ts (1)

20-20: Consistent verification key update.

The programVkey update aligns with the coordinated changes across all deployment environments. The static analysis warning is a false positive (public verification key, not a secret).

contracts/src/deploy-config/qanetl1.ts (1)

17-17: Consistent verification key update.

The programVkey update aligns with the coordinated changes across all deployment environments. The static analysis warning is a false positive (public verification key, not a secret).

contracts/src/deploy-config/testnetl1.ts (1)

16-16: Consistent verification key update.

The programVkey update aligns with the coordinated changes across all deployment environments.

contracts/src/deploy-config/l1.ts (1)

20-20: Consistent verification key update.

The programVkey update aligns with the coordinated changes across all deployment environments. The static analysis warning is a false positive (public verification key, not a secret).

contracts/src/deploy-config/holesky.ts (1)

17-17: Consistent verification key update.

The programVkey update aligns with the coordinated changes across all deployment environments.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

PR title doesn't match the actual changes.

The PR title mentions "make feeToken slot cold in revm" but the changes update programVkey across deployment configs. This inconsistency suggests either the wrong files were included or the PR title is incorrect.

🧰 Tools

🪛 Gitleaks (8.30.0)

[high] 21-21: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

🤖 Prompt for AI Agents

contracts/src/deploy-config/sepolia.ts around line 21: the PR title refers to
"make feeToken slot cold in revm" but the diff changes programVkey in deployment
configs, creating an inconsistency; either update the PR title/description to
accurately reflect that programVkey values were changed across configs, or
revert/remove the unintended programVkey edits from this commit so the PR only
contains the feeToken revm change; confirm the correct programVkey for sepolia
before committing, amend the commit message or create a new commit with the
intended changes, and run git add/commit --amend (or git restore) and update the
PR accordingly.