Integrate LayerSwap [LayerSwapFacet v1.0.0, ILayerSwapDepository v1.0.0]

[gvladika]

Which Linear task belongs to this PR?

https://linear.app/lifi-linear/issue/EXSC-172/sc-create-layerswapfacet

Why did I implement it this way?

Adds a new LayerSwapFacet that bridges tokens by depositing into the LayerSwap Depository contract on the source chain. The depository forwards funds to a LayerSwap-whitelisted receiver, and LayerSwap completes the bridge on the destination chain off-chain using the requestId correlated with an order created via the LayerSwap API.

• Uses depositNative / depositERC20 on the depository directly. The depository validates the receiver against its own whitelist, so there is no need for on-chain receiver whitelisting in the facet.
• depositoryReceiver is supplied per call by the LI.FI backend (as part of LayerSwapData) so LayerSwap can rotate receivers without redeploying the facet.
• Supports non-EVM destinations via nonEVMReceiver (e.g. Solana), following the existing pattern used elsewhere in the codebase.
• Adds EIP-712 signature verification from an authorized backend signer to cryptographically bind requestId to the destination receiver and other security-critical BridgeData/LayerSwapData fields. Without this binding, a caller could fund a LayerSwap order created for a different destination. Same pattern as UnitFacet / NEARIntentsFacet; backendSigner is read from config/global.json.
• Adds replay protection via diamond storage tracking consumed requestIds (RequestAlreadyProcessed).
• Ships with full unit tests (including 8 signature/replay cases), docs, deploy script, config/layer-swap.json, deployRequirements.json entry, and a viem-based demo script.

Checklist before requesting a review

• I have performed a self-review of my code
• This pull request is as small as possible and only tackles one problem
• I have added tests that cover the functionality / test the bug
• For new facets: I have checked all points from this list: https://www.notion.so/lifi/New-Facet-Contract-Checklist-157f0ff14ac78095a2b8f999d655622e
• I have updated any required documentation

Checklist for reviewer (DO NOT DEPLOY and contracts BEFORE CHECKING THIS!!!)

• I have checked that any arbitrary calls to external contracts are validated and or restricted
• I have checked that any privileged calls (i.e. storage modifications) are validated and or restricted
• I have ensured that any new contracts have had AT A MINIMUM 1 preliminary audit conducted on by <company/auditor>

[coderabbitai]

Warning

Rate limit exceeded

@gvladika has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 39 minutes and 37 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: cd5745df-e40a-4dde-be1c-f797da3985d9

📥 Commits

Reviewing files that changed from the base of the PR and between 441985b and 4bd3011.

📒 Files selected for processing (3)

• deployments/arbitrum.staging.json
• src/Facets/LayerSwapFacet.sol
• test/solidity/Facets/LayerSwapFacet.t.sol

Walkthrough

This PR adds LayerSwap integration by introducing configuration files, deployment scripts, and deployment address registration. It establishes per-network depository addresses and environment-scoped backend signer selection, enabling automated deployment of LayerSwapFacet across chains via Forge deployment scripts.

Changes

LayerSwap Facet Deployment Configuration

Layer / File(s)	Summary
LayerSwap depository configuration config/layerswap.json	Per-network depository address mappings for LayerSwap protocol integration.
Facet deployment script and requirements script/deploy/facets/DeployLayerSwapFacet.s.sol, script/deploy/resources/deployRequirements.json	DeployScript loads depository and backend signer from config/layerswap.json and config/global.json, selecting environment via fileSuffix; deployRequirements.json registers both constructor arguments with zero-address validation.
Staged deployment address registration deployments/arbitrum.staging.json	Adds LayerSwapFacet facet address entry after deployment.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically identifies the main change: integration of LayerSwapFacet v1.0.0 and ILayerSwapDepository v1.0.0, matching the substantial new facet additions throughout the changeset.
Description check	✅ Passed	The description provides comprehensive coverage of the PR objectives, implementation rationale, and security considerations, with all author-provided checklist items marked complete; however, the reviewer checklist items (audit verification, external call validation, privileged call validation) remain unchecked as expected for pre-review phase.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch add-layerswap-integration

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 6

🧹 Nitpick comments (1)

test/solidity/Facets/LayerSwapFacet.t.sol (1)

178-191: Add blank line between vm.expectRevert and the reverted call.

Per coding guidelines, there should be a blank line between vm.expectRevert() and the function call that is expected to revert. This applies to multiple test functions in this file.

♻️ Proposed fix

     function testRevert_WhenUsingZeroDepository() public {
         vm.expectRevert(InvalidConfig.selector);
+
         new LayerSwapFacet(address(0));
     }

     function testRevert_WhenDepositoryReceiverIsZero() public {
         validLayerSwapData.depositoryReceiver = address(0);

         vm.startPrank(USER_SENDER);
         usdc.approve(_facetTestContractAddress, bridgeData.minAmount);

         vm.expectRevert(InvalidCallData.selector);
+
         initiateBridgeTxWithFacet(false);
         vm.stopPrank();
     }

Similar changes needed at lines 270-271, 411-412, 423-424, and 435-436.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/solidity/Facets/LayerSwapFacet.t.sol` around lines 178 - 191, Tests
violate coding style by not having a blank line between vm.expectRevert(...) and
the call that should revert; update each affected test (e.g.,
testRevert_WhenUsingZeroDepository, testRevert_WhenDepositoryReceiverIsZero and
the other tests noted around lines 270, 411, 423, 435) to insert a single blank
line between the vm.expectRevert(...) invocation and the subsequent reverted
call (such as new LayerSwapFacet(...) or initiateBridgeTxWithFacet(...)) so the
expectRevert is visually separated from the action.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@config/layer-swap.json`:
- Around line 1-8: This file uses per-network top-level keys but should use the
single-parameter shape: make "layerSwapDepository" the top-level key with
"mainnet" and "arbitrum" as nested properties (i.e.,
.layerSwapDepository.<network>), update any deploy lookup/keyInConfigFile usage
to read that path, and adjust the relevant deploy script and the contract entry
in deployRequirements.json to match the new structure; locate references by the
config key name "layerSwapDepository" and by deployRequirements.json to ensure
all consumers are updated.

In `@docs/LayerSwapFacet.md`:
- Around line 45-51: The implementation lacks an on-chain commitment binding
requestId to the destination receiver and opaque calldata; restore EIP-712 (or
equivalent) signature verification by requiring a backend-signed authorization
that covers requestId, _bridgeData.receiver, and the hash of _layerSwapData
(including _layerSwapData.nonEVMReceiver) before proceeding; add a verifier
utility (e.g., verifyLayerSwapSignature) that checks the EIP-712 signature
against an authorized signer whitelist and call it at the start of the LayerSwap
entrypoint (the function that processes _layerSwapData / depositoryReceiver) to
revert if verification fails.

In `@script/demoScripts/demoLayerSwap.ts`:
- Around line 59-60: The hardcoded Solana receiver constant (SOLANA_NETWORK and
DEFAULT_SOLANA_RECEIVER) must be removed and replaced with a dynamically derived
Solana address from the signer's keypair when `--to SOLANA_MAINNET` and no
`--receiver` is provided; locate references to DEFAULT_SOLANA_RECEIVER
(including the other occurrences around the blocks referenced) and instead
compute the receiver by deriving the signer's public key/base58 address (from
the signer's Keypair or wallet object used in this script) and use that value
wherever DEFAULT_SOLANA_RECEIVER was used (e.g., in the swap/bridge call and
argument defaulting logic), ensuring CLI parsing falls back to the derived
address rather than a hardcoded constant.
- Around line 138-140: destinationChainId currently defaults every non-Solana
destination to 1, which can mismatch args.to (e.g., BASE_MAINNET); update the
logic around destinationChainId (and the related isSolana check) to derive the
LI.FI chain id from args.to when present (use your existing mapping function or
add a map from args.to network name to LI.FI chain id) and only fall back to
Number(args.chainId) or throw/require an explicit --chainId when args.to cannot
be resolved; ensure references to destinationChainId, isSolana, args.to,
args.chainId and LIFI_CHAIN_ID_SOLANA are used so the code validates input and
never silently assumes chainId 1 for non-Solana destinations.
- Around line 109-118: The createLayerSwapSwap function currently calls
fetch(LAYERSWAP_API, ...) without a timeout; replace that call with
fetchWithTimeout from script/utils/fetchWithTimeout.ts, passing the same options
and a 10000 ms timeout (and propagate the returned AbortSignal if the helper
requires it), so the POST to LAYERSWAP_API is bounded to 10 seconds; also add
the necessary import for fetchWithTimeout at the top of the file and keep the
rest of the JSON body/headers logic unchanged.
- Around line 1-10: Rewrite the script to replace all ethers usage with viem:
remove imports of ethers and ERC20__factory/LayerSwapFacet__factory and instead
create viem ContractClients using the ABI for ILiFi/LayerSwapFacet and the viem
provider/signer pattern (follow demoAcrossV4.ts structure and
DEV_WALLET_ADDRESS/provider helpers from demoScriptHelpers.ts); replace any
ethers utils.decode/format calls with viem-compatible helpers. Replace raw
fetch() calls with fetchWithTimeout() from script/utils/fetchWithTimeout.ts.
Remove the hardcoded DEFAULT_SOLANA_RECEIVER constant and derive the Solana
address at runtime using deriveSolanaAddress() from
script/demoScripts/utils/demoScriptHelpers.ts. Add a top JSDoc block describing
the module purpose and usage. Enforce chain ID handling by requiring a --chainId
argument or explicitly validating the provided chainId against the destination
network instead of defaulting to 1. Ensure all references to
LayerSwapFacet/ILiFi use ABI-based viem contract interactions and update
function names accordingly.

---

Nitpick comments:
In `@test/solidity/Facets/LayerSwapFacet.t.sol`:
- Around line 178-191: Tests violate coding style by not having a blank line
between vm.expectRevert(...) and the call that should revert; update each
affected test (e.g., testRevert_WhenUsingZeroDepository,
testRevert_WhenDepositoryReceiverIsZero and the other tests noted around lines
270, 411, 423, 435) to insert a single blank line between the
vm.expectRevert(...) invocation and the subsequent reverted call (such as new
LayerSwapFacet(...) or initiateBridgeTxWithFacet(...)) so the expectRevert is
visually separated from the action.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 6136f1b1-084e-42bd-ae90-b1c06f42a54f

📥 Commits

Reviewing files that changed from the base of the PR and between 35d68a3 and 1d7bf99.

📒 Files selected for processing (10)

• config/layer-swap.json
• deployments/arbitrum.diamond.staging.json
• deployments/arbitrum.staging.json
• docs/LayerSwapFacet.md
• script/demoScripts/demoLayerSwap.ts
• script/deploy/facets/DeployLayerSwapFacet.s.sol
• script/deploy/facets/UpdateLayerSwapFacet.s.sol
• src/Facets/LayerSwapFacet.sol
• src/Interfaces/ILayerSwapDepository.sol
• test/solidity/Facets/LayerSwapFacet.t.sol

[lifi-action-bot]

🤖 GitHub Action: Security Alerts Review 🔍

🟢 Dismissed Security Alerts with Comments
The following alerts were dismissed with proper comments:

🟢 View Alert - File: src/Facets/LayerSwapFacet.sol
🔹 Reentrant functions which emit events after making an external call may lead to out-of-order events. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/reentrancy-events
🔹 Dismiss Reason: Won't fix
🔹 Dismiss Comment: Facet's entrypoint functions are not reentrant

✅ No unresolved security alerts! 🎉

[lifi-action-bot]

Test Coverage Report

Line Coverage: 88.20% (3254 / 3689 lines)
Function Coverage: 90.67% ( 496 / 547 functions)
Branch Coverage: 71.49% ( 602 / 842 branches)
Test coverage (88.20%) is above min threshold (83%). Check passed.