Releases: CMTA/CMTAT
Release list
v3.3.0-rc1
Note: This version has not been audited.
Smart contract
Added
- New base contract
CMTATBaseDocument:- Introduced as
contracts/modules/1_CMTATBaseDocument.sol. - Isolates document-management authorization (
_authorizeDocumentManagement) fromCMTATBaseAccessControl. - Composes
DocumentERC1643Moduleon top of the rule-engine base path.
- Introduced as
- Stateful RuleEngine transfer hook support (testing/mocks):
- Added
IRuleTransferHook(contracts/mocks/RuleEngine/interfaces/IRuleTransferHook.sol) to allow rules to update rule-local state on transfer callbacks. - Added
RuleTokenHolderTracker(contracts/mocks/RuleEngine/RuleTokenHolderTracker.sol) to track holder balances/list in rule storage. RuleEngineMocknow wires the holder-tracker rule and executes transfer hooks intransferred(...)paths.
- Added
Changed
- ERC-1643 document identifier format aligned to
bytes32(breaking API change for document functions):- Previous CMTAT variant (e.g.
v3.2.0) usedstringfor document names inIERC1643(getDocument(string),getAllDocuments() -> string[]). - Current implementation uses
bytes32document names (getDocument(bytes32),getAllDocuments() -> bytes32[]) and exposessetDocument(bytes32,string,bytes32)/removeDocument(bytes32)with associated events. - CMTAT terms remain on the modified CMTAT structure:
IERC1643CMTAT.DocumentInfostill usesstring namefor tokenization terms metadata (setTermspath).
- Previous CMTAT variant (e.g.
- Base hierarchy refactor (strict dependency-order levels):
CMTATBaseDocumentat level 1 (contracts/modules/1_CMTATBaseDocument.sol).CMTATBaseAccessControlat level 2 (contracts/modules/2_CMTATBaseAccessControl.sol) and now inheritsCMTATBaseDocument.CMTATBaseAllowlistandCMTATBaseRuleEngineat level 3.CMTATBaseDebtandCMTATBaseERC1404at level 4.CMTATBaseERC20CrossChainat level 5.CMTATBaseERC2612,CMTATBaseERC2771,CMTATBaseDebtEngineat level 6.CMTATBaseERC2771Snapshot,CMTATBaseERC7551Enforcementat level 7.CMTATBaseERC1363,CMTATBaseERC7551at level 8.
CMTATBaseCommonno longer inheritsDocumentERC1643Module.CMTATBaseAccessControlnow defines_authorizeDocumentManagementand enforcesDOCUMENT_ROLE.- Updated impacted imports and deployment references to match the new module numbering/layout.
- ERC20CrossChain burn-path cleanup (no external API change):
- Removed redundant
crosschainBurnoverride fromCMTATBaseERC20CrossChain; level-5 now usesERC20CrossChainModule.crosschainBurndirectly. - Removed redundant sender-aware burn override from
CMTATBaseERC20CrossChain; burn/burnFrom sender-aware flow now relies on the module implementation. - In
ERC20CrossChainModule, simplified internal self-burn routing and renamed helper_burnWithSenderto_burnFromOperatorfor clearer intent.
- Removed redundant
- Meta-tx
_msgDataERC1363 test path adjusted to avoid bytecode-size deployment failures:- Slimmed
CMTATUpgradeableERC1363MsgDataMock.getMsgData()by removing event emission and using aviewreturn path. - Reworked
test/standard/modules/MetaTxMsgDataERC1363.test.jsto validate trusted-forwarder calldata shape directly instead of relying on event parsing.
- Slimmed
Fixed
- Fixed compile-path inconsistencies caused by stale numbered imports after base-level refactor.
- Restored full compilation after engine/mock alignment:
CMTATEngineInitializerMockno longer calls unavailable document-engine initializer on snapshot path.DocumentEngineMocknow implements IERC1643-compatiblesetDocument(bytes32,string,bytes32).
Documentation
Changed
- Updated base-module hierarchy and file references in
doc/README.mdto reflect:1_CMTATBaseDocument.sol2_CMTATBaseAccessControl.sol3_CMTATBaseAllowlist.sol3_CMTATBaseRuleEngine.sol4_CMTATBaseDebt.sol4_CMTATBaseERC1404.sol5_CMTATBaseERC20CrossChain.sol6_CMTATBaseERC2612.sol6_CMTATBaseERC2771.sol6_CMTATBaseDebtEngine.sol7_CMTATBaseERC2771Snapshot.sol7_CMTATBaseERC7551Enforcement.sol8_CMTATBaseERC1363.sol8_CMTATBaseERC7551.sol
- Updated
doc/README.mdERC-1643 section to use currentbytes32API signatures (getDocument(bytes32),getAllDocuments() returns (bytes32[])) with compatibility note forIERC1643CMTAT.DocumentInfo.name(string). - Updated contracts tree file
.claude/tree/contracts_tree.txt. - Added technical clarification for freeze-event semantics across standards:
doc/technical/erc-7943-uRWA-integration.mdnow explicitly documents that baseFrozen(account, amount)is a normalized frozen-state update event (including unfreeze updates), while direction should be derived from ERC-3643/7551 directional events.doc/technical/erc-3643-implementation.mdnow documents the event-layering model (Frozenbase state update +TokensFrozen/TokensUnfrozendirectional wrappers).
Testing
Added
- Added dedicated stateful RuleEngine rule test coverage in
test/standard/modules/RuleEngineMockStatefulRule.test.js:- verifies holder-balance tracking and holder-list transitions through transfer hook callbacks.
- Added initializer edge-case tests for
DocumentEngineModuleandSnapshotEngineModule:test/common/DocumentModule/DocumentModuleSetDocumentEngineCommon.js: covers zero-engine assignment and re-initialization revert paths.test/common/SnapshotModuleCommon/SnapshotModuleSetSnapshotEngineCommon.js: covers zero-engine assignment and re-initialization revert paths.
- Added standard initializer branch tests in
test/deployment/deployment.test.js:- manual initialization path, initialization with rule engine, and double-initialize revert.
- Added interface and initializer coverage across deployment test suites:
test/common/CMTATIntegrationCommon.js: extended integration paths.test/deployment/erc721mock.test.js: ERC-721 generic initializer and interface paths.- Light/core, standard, permit, ERC-1363, snapshot, and document deployment suites.
- Added edge-case coverage for core transfer and approve paths:
test/common/ERC20BaseModuleCommon.js: zero-value transfers and explicit approve coverage.test/common/AllowlistModuleCommon.js: explicitcanSend/canReceivematrix including zero-value transfers.
- Extended
test/common/AllowlistModuleCommon.js,test/common/DocumentModule/DocumentModuleCommon.js, andtest/common/ERC20EnforcementModuleCommon.jswith additional edge-case tests.
Fixed
- Removed hardcoded
gasLimit: 30_000_000override fromdeployCMTATERC1363Standaloneintest/deploymentUtils.js. The explicit override exceeded the Prague/Fusaka per-transaction gas cap (FUSAKA_TRANSACTION_GAS_LIMIT = 16,777,216) enforced by Hardhat ≥ 2.28, causing aProviderErroron every ERC-1363 standalone test run. Auto-estimated gas is well within the cap for this contract.
Documentation
Changed
- Updated test count references in
README.mdanddoc/README.md: 3,078 → 5,630 automated tests. README.md: added hyperlinks to all ERC standard references in the features table; expanded the Supported Financial Instruments table (added Snapshot, DebtEngine, ERC-1363, and UUPS variants; clarified Allowlist entry); added Contract Sizes section with deployed/initcode sizes for all deployment variants; corrected UUPS standalone note.SECURITY.md: expanded responsible disclosure policy.doc/README.mdanddoc/SUMMARY.md: updated module-level documentation and surya reports to reflect current hierarchy and coverage results.- Updated code coverage reports in
doc/test/coverage/after full test run.
v3.2.0
Note: This version has not been audited.
Issue
- Known issue for this release
Frozen tokens may exceed balance and break active-balance assumptions (medium) - Operator/Spender Identity Lost in RuleEngine Hooks (burn/mint/cross-chain) (low)
Smart contract
Added
- Support of ERC-7943 (#337):
- New functions
setFrozenTokensandcanTransactin the enforcement module. - New error
ERC7943InsufficientUnfrozenBalanceinERC20EnforcementModule. - Emit ERC-7943 enforcement events (
TokensFrozen,TokensUnfrozen). - ERC-7943 ERC-165 interface ID support.
- New functions
- New dedicated deployment variant with DebtEngine support (see Removed section for rationale).
- IRuleEngine: ERC-165 support added (#342) to enable interface compliance checks.
- New interface
IRuleEngineERC1404inheriting from bothIERC1404ExtendandIRuleEngine. - Library contracts
RuleEngineInterfaceIdandERC1404ExtendInterfaceIdto store ERC-165 interface IDs.
- New interface
- New base contract CMTATBaseAccessControl (#350).
Changed
- Transfer now reverts with specific errors when the contract is paused or deactivated (#338) to improve error clarity.
- The
approvefunction now reverts when the contract is paused for all deployment variants except Light (#335). - ValidationModule: Optimized code size by removing useless boolean returns.
- Updating contract address comparisons (Solidity v3.2.0).
- Replaced CMTAT library errors with ERC-7943 specific errors.
- Renamed custom errors for consistency.
Fixed
- Wake Arena audit (M1/M2/M3): Removed redundant
CMTATBaseRuleEngine._checkTransferredcalls inCMTATBaseERC20CrossChain._mintOverride,_burnOverride, and_minterTransferOverride. The rule-engine compliance hook was being executed twice per operation; the single authoritative call in theCMTATBaseCommonparent overrides is now sufficient. #354 - Wake Arena audit (I1): Corrected NatSpec comment in
CMTATBaseERC20CrossChain._authorizeSelfBurnwhich incorrectly referencedBURNER_FROM_ROLEinstead ofBURNER_SELF_ROLE.
NatSpec / Comments
- Wake Arena audit (L1): Added clarifying comment in
ERC20BaseModule.transferFromand updatedIERC20Allowance.Spendevent NatSpec to state that the event is not emitted when the allowance is infinite (type(uint256).max), as no deduction occurs in that case. - Wake Arena audit (L2): Added NatSpec warning on
approveinCMTATBaseAllowlistdocumenting the standard ERC-20 allowance race condition and advising callers to set the allowance to zero before assigning a new non-zero value.
Removed
- DocumentEngine and SnapshotEngine removed from constructors and initialization (#343) to simplify deployment and reduce bytecode size.
- DebtDeployment: DebtEngine support removed and moved to a dedicated deployment variant (#339) to reduce contract size and enable additional modules in DebtEngine-based deployments.
- CMTAT
Errorslibrary removed, errors are now defined in their respective interfaces.
Test / Doc / Script
Added
- Missing ERC-2771 integration tests for MetaTx module.
- Script to compute ERC-165 interface IDs (
npm run erc165:interfaceId).
Changed
- Update Solidity version to 0.8.34 in Hardhat config file.
Acknowledge
We would like to thank @amilazz, @Domson97, as well as CMTA Tech Comite for their valuable feedback and contributions to this release. Their input played an important role in improving the project, and we sincerely appreciate their support.
v3.2.0-rc2
Patch
Fix constant value and name for ERC-165 interface
v3.2.0-rc1
Smart contract
- Improve comment
- ValidationModule: Optimized code size by removing useless boolean returns
- Updating contract address comparisons.
- Add library to store interface id for RuleEngine and ERC-1404Extend
Test & Tools
- Add missing test for ERC-2771 functions
_msgData - Add script to compute ERC-165 interface for IRuleEngine and IERC1404Extend
- Add Claude code files
Acknowledge
We would like to thank @amilazz, @Domson97, as well as CMTA Tech Comite for their valuable feedback and contributions to this release. Their input played an important role in improving the project, and we sincerely appreciate their support.
v3.2.0-rc0
Note: This version has not been audited.
Added
- Support of ERC-7943 (#337).
- New dedicated deployment variant with DebtEngine support (see Removed section for rationale).
- IRuleEngine: ERC-165 support added (#342) to enable interface compliance checks.
- New base contract CMTATBaseAccessControl (#350).
Changed
- Transfer now reverts with specific errors when the contract is paused or deactivated (#338) to improve error clarity.
- The
approvefunction now reverts when the contract is paused for all deployment variants except Light (#335). - Update Solidity version to 0.8.33 in Hardhat config file.
Removed
- DocumentEngine and SnapshotEngine removed from constructors and initialization (#343) to simplify deployment and reduce bytecode size.
- DebtDeployment: DebtEngine support removed and moved to a dedicated deployment variant (#339) to reduce contract size and enable additional modules in DebtEngine-based deployments.
v3.1.0
This version is not audited
Known issue for this release:
M01. Double invocation of rule-engine compliance hook in cross-chain overrides #354
Operator/Spender Identity Lost in RuleEngine Hooks (burn/mint/cross-chain) (low)
Fixed
- Misleading NatSpec Comments
- Incorrect error parameters in _unfreezeTokens
- CMTATUpgradeableUUPS contract may be not initializable
- CMTATBaseAllowlist - Redundant State Checks
- Snpashot update - CEI pattern
Added
- New module
CCIPModulewith two functionsgetCCIPAdminandsetCCIPAdmin- Reason: it allows the CCIP admin to enable the CMTAT token in Chainlink CCIP, without the need of requesting assistance to Chainlink.
- Add explicit support of ERC-5679 for minting and burning
- Reason: this ERC was already supported in v3.0.0 but not through a dedicated interface and ERC-165 identifier.
- Details:
IERC7551BurnandIERC7551Mintwill inherits from respectively the burn and mint part of ERC-5679.
- In
ERC7551Module, the functionsetTermsemits theTermsevent- Reason: meet the specification of the draft ERC ERC-7551.
- Create specific module
ERC20CrossChainfor cross-chain transfers (ERC-7802 and other burn/mint related function), code previously put inCMTATBaseCrossChain.
Changed
-
Rename
BaseModuleintoVersionModule- Reason: This module contains only the CMTAT version. This avoid also the confusion with CMTAT Base modules.
-
Access control: in wrapper modules, all access control is made through internal functions. These functions must be now implemented in CMTAT base module
- Reason: this allows to use a different access control (e.g. ownership or Access Manager) by implementing a new CMTAT Base module without the need of modifying wrapper modules.
-
Cross-Chain
- Move cross-chain functionalities (ERC-7802) from
CMTATBaseCrossChainto a new moduleERC20CrossChain. - The allowance is no longer required to burn tokens to follow Optimism Superchain ERC20 and OpenZeppelin implementation
See ERC20BridgeableUpgradeable.so & SuperchainERC20.sol. See issue 328#issuecomment-3455923837
- Move cross-chain functionalities (ERC-7802) from
Library
- Update Openzeppelin standard and upgradeable version to v5.5.0
Documentation (README)
- Reference the new draft version of ERC-7551
- Reference ERC-5679 as supported ERC by CMTAT
- Add section to explain cross-chain bridge support (Chainlink CCIP and ERC-7802 mainly)
- Add summary tab for CMTAT framework functionalities to help build CMTAT version for other blockchains
- Add audit reports made by Nethermind Audit Agents
Acknowledge
We would like to thank @amilazz, @Domson97, as well as CMTA Tech Comite for their valuable feedback and contributions to this release. Their input played an important role in improving the project, and we sincerely appreciate their support.
v3.0.0
Major release audited by Halborn
Known issues for this release:
- Misleading NatSpec Comments
- Incorrect error parameters in _unfreezeTokens
- CMTATUpgradeableUUPS contract may be not initializable
- CMTATBaseAllowlist - Redundant State Checks
- Snpashot update - CEI pattern
- Operator/Spender Identity Lost in RuleEngine Hooks (burn/mint/cross-chain) (low)
Difference with v.3.0.0 rc version:
- Improved comments and documentation
- See changelogs of the rc versions for details.
Main changes with the last audited release (v2.3.0):
Added
- Add support for several new ERC standard, including:
- Add several functions to optimize contract call: ERC-3643
batchMint, ERC-3643batchBurn, ERC-3643batchTransfer(restricted) - Rename some functions
burninstead offorceBurn
- Add ERC-3643 function
forcedTransfer - Add several new engines: DebtEngine, SnapshotEngine and DocumentEngine
- Add several new deployment version:
- CMTAT Proxy and standalone
- CMTAT for ERC-1363 (proxy and standalone)
- CMTAT for deployment with UUPS proxy
- CMTAT ERC-7551 for better compatibility with ERC-7551
Updated
- Update Solidity (0.8.30) & OpenZeppelin version (v.5.4.0)
- Update several function names to be compatible with ERC-3643
Acknowledge
We would like to thank @amilazz, as well as CMTA Tech Comite for their valuable feedback and contributions to this release. Their input played an important role in improving the project, and we sincerely appreciate their support.
v3.0.0-rc7
- Add missing compliance check (pause, address freeze and RuleEngine) for
batchTransfer- Create a virtual function
_minterTransferOverridein ERC20MintModule. - This function is then overridden in
CMTATBaseCommonto perform the required check
- Create a virtual function
- Add the same check for
batchMint/batchBurnfor CMTAT core (light) version by updatingCMTATBaseCore - Add several tests to check these modification
v3.0.0-rc6
- Perform recommendations from the audit report (Halborn)
- Main change: add a new ERC-1404 code if the contract is deactivated
v3.0.0-rc5
- Add & improve Solidity Natspec comment
-- Few improvement as a result (e.g rename return variables) - Improve & update documentation