Batch functions

FAQ.md

@@ -0,0 +1,81 @@
+# FAQ
+
+## IDE (Truffle, Hardhat, ...)
+
+> Why do you continue using Truffle instead of migrating to HardHat or Foundry?
+
+**Hardhat VS Truffle**
+
+- Our tests are not working with Hardhat so to migrate to hardhat, we will have to update our tests which will require a lot of works.
+- Moreover, we do not see a use case where hardhat will be better than Truffle.
+- Hardhat has a lot of plugins, but for example, for the coverage, we can run the coverage without be fully compatible with Hardhat.
+
+**Truffle VS  Foundry**
+
+-  The plugin "upgrades plugin" by OpenZeppelin is not available with Foundry and it is a very good tool to check the proxy implementation and perform automatic tests. See [https://docs.openzeppelin.com/upgrades-plugins/1.x/](https://docs.openzeppelin.com/upgrades-plugins/1.x/)
+-  The tests for the gasless module (MetaTx) will be difficult to write in Solidity, see [https://github.com/CMTA/CMTAT/blob/master/test/common/MetaTxModuleCommon.js](https://github.com/CMTA/CMTAT/blob/master/test/common/MetaTxModuleCommon.js)
+- OpenZeppelin, the main libraries we use, have their tests mainly written in JavaScript, so it provides good examples for our tests
+- But for performance, we have seen indeed that Foundry is better than Truffle, notably to test the Snapshot Module
+
+>  Do you plan to support Foundry in the near Future? I see a CMTAT-Foundry repo. Is it reliable?
+
+No, it is currently not reliable.
+
+We have not planned to export all the tests in their Solidity version, but some tests are available
+
+The repo CMTAT-Foundry will have the latest CMTAT version
+
+Please, note that we provide only a minimal support for the foundry repository as well as Hardhat.
+
+We use Truffle to maintain the project.
+
+>  Hardhat tests: are they really working in v2.3.0?
+
+No, please use Truffle to run the tests
+
+## Modules
+
+>  Why the Snapshot module is not audited in the version v2.3.0?
+
+It was out of scope because it’s not really used yet and will likely be subject to changes soon.
+
+At deployment, this module is not included by default
+
+> What is the status for ERC1404 compatibility?
+
+We have not planned to be fully compatible since this ERC is not an ERC, it is only an EIP. 
+
+To be fully compatible, we have to inherit of ERC20 inside the interface and it will break our architecture.
+
+See [https://erc1404.org/](https://erc1404.org/)
+
+> What is exactly the purpose of the flag parameter in BaseModule?
+> I see that it’s a variable (uint256) to include some information, but I don’t see any use case in the code.
+
+It is just a variable to include some additional information under the form of bit flags.
+It is not used inside the code because it is destined to provide more information on the tokens to the "outside", for example for the token owners.
+
+
+
+>  Question regarding the ValidationModule optional module. 
+>
+> Why is it optional? The module is required by Pauser and Enforcer mandatory modules
+
+- ValidationModule is optional from the legal perspective, but you can ask [email protected] to have a better/clearer information on that.
+- It is the opposite: PauseModule and EnforcementModule are required to use the ValidationModule (but indeed, you actually need the ValidationModule for the functions to be called)
+- If you remove the ValidationModule and want to use the Pause and Enforcement module, you have to call the functions of modules inside the main contracts. It was initially the case but we have changed this behaviour by fixing the CVF-1
+Here an old version: [https://github.com/CMTA/CMTAT/blob/ed23bfc69cfacc932945da751485c6472705c975/contracts/CMTAT.sol#L205](https://github.com/CMTA/CMTAT/blob/ed23bfc69cfacc932945da751485c6472705c975/contracts/CMTAT.sol#L205)
+The PR: [https://github.com/CMTA/CMTAT/pull/153](https://github.com/CMTA/CMTAT/pull/153)
+We could probably move the ValidationModule inside the mandatory modules and think about a better architecture (but probably not for the next release)
+
+## Documentation
+
+> What is the code coverage?
+
+A code coverage is available here: [https://github.com/CMTA/CMTAT/blob/master/doc/general/test/coverage/index.html](https://github.com/CMTA/CMTAT/blob/master/doc/general/test/coverage/index.html)
+
+Normally, you can run the code coverage with `npx hardhat coverage`
+
+Please clone the repository and open the file inside your navigator
+
+You will find a summary of all automatic tests in the file [test.pdf](https://github.com/CMTA/CMTAT/blob/master/doc/general/test/test.pdf)

README.md

@@ -147,7 +147,7 @@ The second audit covered version [2.2](https://github.com/CMTA/CMTAT/releases/ta
 
 Version 2.3 contains the different fixes and improvements related to this audit.
 
-The report is available in [ABDK_CMTA_CMTATRuleEngine_v_1_0.pdf](doc/audits/ABDK_CMTA_CMTATRuleEngine_v_1_0.pdf). 
+The report is available in [ABDK_CMTA_CMTATRuleEngine_v_1_0.pdf](doc/audits/ABDK_CMTA_CMTATRuleEngine_v_1_0/ABDK_CMTA_CMTATRuleEngine_v_1_0.pdf). 
 
 ### Tools
 

contracts/modules/wrapper/mandatory/BurnModule.sol

@@ -38,6 +38,7 @@ abstract contract BurnModule is ERC20Upgradeable, AuthorizationModule {
      * @dev Destroys `amount` tokens from `account`
      *
      * See {ERC20-_burn}
+     * Emits a {Burn} event
      */
     function forceBurn(
         address account,
@@ -48,5 +49,42 @@ abstract contract BurnModule is ERC20Upgradeable, AuthorizationModule {
         emit Burn(account, amount, reason);
     }
 
+    /**
+     *
+     * @dev batch version of {forceBurn}.
+     *
+     * See {ERC20-_burn} and {OpenZeppelin ERC1155_burnBatch}.
+     *
+     * Emits a {Burn} event by burn action.
+     *
+     * Requirements:
+     * - `tos` and `amounts` must have the same length
+     * - the caller must have the `BURNER_ROLE`.
+     */
+    function forceBurnBatch(
+        address[] calldata accounts,
+        uint256[] calldata amounts,
+        string memory reason
+    ) public onlyRole(BURNER_ROLE) {
+        require(
+            accounts.length > 0,
+            "CMTAT: tos is empty"
+        );
+        // We do not check that amounts is not empty since
+        // this require will throw an error in this case.
+        require(
+            accounts.length == amounts.length,
+            "CMTAT: accounts and amounts length mismatch"
+        );
+
+        for (uint256 i = 0; i < accounts.length; ) {
+            _burn(accounts[i], amounts[i]);
+            emit Burn(accounts[i], amounts[i], reason);
+            unchecked {
+                ++i;
+            }
+        }
+    }
+
     uint256[50] private __gap;
 }

contracts/modules/wrapper/mandatory/ERC20BaseModule.sol

@@ -85,6 +85,42 @@ abstract contract ERC20BaseModule is ERC20Upgradeable {
         return result;
     }
 
+    /**
+     * @notice batch version of transfer
+     * @param tos can not be empty, must have the same length as values
+     * @param values can not be empty
+     * @dev See {OpenZeppelin ERC20-transfer & ERC1155-safeBatchTransferFrom}.
+     *
+     *
+     * Requirements:
+     * - `tos` and `values` must have the same length
+     * - `tos`cannot contain a zero address
+     * - the caller must have a balance cooresponding to the total values
+     */
+    function transferBatch(
+        address[] calldata tos,
+        uint256[] calldata values
+    ) public {
+        require(
+            tos.length > 0,
+            "CMTAT: tos is empty"
+        );
+        // We do not check that values is not empty since
+        // this require will throw an error in this case.
+        require(
+            tos.length == values.length,
+            "CMTAT: tos and values length mismatch"
+        );
+        bool result;
+        for (uint256 i = 0; i < tos.length; ) {
+            result = ERC20Upgradeable.transfer(tos[i], values[i]);
+            require(result, "CMTAT: transfer failed");
+            unchecked {
+                ++i;
+            }
+        }
+    }
+
     /**
      * @dev See {IERC20-approve}.
      *
@@ -106,4 +142,4 @@ abstract contract ERC20BaseModule is ERC20Upgradeable {
     }
 
     uint256[50] private __gap;
-}
+}

contracts/modules/wrapper/mandatory/MintModule.sol

@@ -48,5 +48,41 @@ abstract contract MintModule is ERC20Upgradeable, AuthorizationModule {
         emit Mint(to, amount);
     }
 
+    /**
+     *
+     * @dev batch version of {mint}.
+     *
+     * See {ERC20-_mint} and {OpenZeppelin ERC1155_mintBatch}.
+     *
+     * Emits a {Mint} event.
+     *
+     * Requirements:
+     * - `tos` and `amounts` must have the same length
+     * - the caller must have the `MINTER_ROLE`.
+     */
+    function mintBatch(
+        address[] calldata tos,
+        uint256[] calldata amounts
+    ) public onlyRole(MINTER_ROLE) {
+        require(
+            tos.length > 0,
+            "CMTAT: tos is empty"
+        );
+        // We do not check that amounts is not empty since
+        // this require will throw an error in this case.
+        require(
+            tos.length == amounts.length,
+            "CMTAT: tos and amounts length mismatch"
+        );
+
+        for (uint256 i = 0; i < tos.length; ) {
+            _mint(tos[i], amounts[i]);
+            emit Mint(tos[i], amounts[i]);
+            unchecked {
+                ++i;
+            }
+        }
+    }
+
     uint256[50] private __gap;
 }

doc/modules/presentation/mandatory/burn.md

@@ -26,28 +26,6 @@ This document defines Burn Module for the CMTA Token specification.
 
 
 
-## Sūrya's Description Report
-
-### Files Description Table
-
-
-| File Name                                  | SHA-1 Hash                               |
-| ------------------------------------------ | ---------------------------------------- |
-| ./modules/wrapper/mandatory/BurnModule.sol | 3547e217049388e5b1a48524255301aac8d301de |
-
-
-### Contracts Description Table
-
-
-|    Contract    |            Type             |                 Bases                 |                |                  |
-| :------------: | :-------------------------: | :-----------------------------------: | :------------: | :--------------: |
-|       └        |      **Function Name**      |            **Visibility**             | **Mutability** |  **Modifiers**   |
-|                |                             |                                       |                |                  |
-| **BurnModule** |       Implementation        | ERC20Upgradeable, AuthorizationModule |                |                  |
-|       └        |      __BurnModule_init      |              Internal 🔒               |       🛑        | onlyInitializing |
-|       └        | __BurnModule_init_unchained |              Internal 🔒               |       🛑        | onlyInitializing |
-|       └        |          forceBurn          |               Public ❗️                |       🛑        |     onlyRole     |
-
 
 ### Legend
 
@@ -64,28 +42,44 @@ This section describes the Ethereum API of Burn Module.
 
 #### `forceBurn(address,uint256,string)`
 
-##### Signature:
+##### Definition
 
 ```solidity
 function forceBurn(address account,uint256 amount,string memory reason) 
 public onlyRole(BURNER_ROLE)
 ```
 
-##### Description:
+##### Description
 
 Redeem the given `amount` of tokens from the given `account`.
 Only authorized users are allowed to call this function.
 
+#### `forceBurnBatch(address[],uint256[],string)  `
+
+##### Definition
+
+```solidity
+function forceBurnBatch(address[] calldata accounts,uint256[] calldata amounts,string memory reason) 
+public onlyRole(BURNER_ROLE)
+```
+
+##### Description
+
+For each account in `accounts`, redeem  the corresponding amount of tokens given by `amounts`.
+Only authorized users are allowed to call this function.
+
+The burn `reason`is the same for all `accounts` which tokens are burnt.
+
 ### Events
 
 #### `Burn(address,uint,string)`
 
-##### Signature:
+##### Definition
 
 ```solidity
 event Burn(address indexed owner, uint256 amount, string reason)
 ```
 
-##### Description:
+##### Description
 
 Emitted when the specified `amount` of tokens was burnt from the specified `account`.

doc/modules/presentation/mandatory/enforcement.md

@@ -14,7 +14,7 @@ This document defines Enforcement Module for the CMTA Token specification.
 
 #### EnforcementModule
 
-![surya_inheritance_EnforcementModule.sol](/home/ryan/Downloads/CM/cmtat-2.3/CMTAT-doc/doc/modules/schema/surya_inheritance/surya_inheritance_EnforcementModule.sol.png)
+![surya_inheritance_EnforcementModule.sol](../../schema/surya_inheritance/surya_inheritance_EnforcementModule.sol.png)
 
 #### EnforcementModuleInternal
 

doc/modules/presentation/mandatory/mint.md

@@ -33,7 +33,7 @@ This document defines Mint Module for the CMTA Token specification.
 
 | File Name                                  | SHA-1 Hash                               |
 | ------------------------------------------ | ---------------------------------------- |
-| ./modules/wrapper/mandatory/MintModule.sol | c0300d093480b66e7a9c5acd1a1c46c34f6221bb |
+| ./modules/wrapper/mandatory/MintModule.sol | 59896c200ba366d171fc377d8b78d757aefbc69d |
 
 
 ### Contracts Description Table
@@ -47,6 +47,7 @@ This document defines Mint Module for the CMTA Token specification.
 |       └        |      __MintModule_init      |              Internal 🔒               |       🛑        | onlyInitializing |
 |       └        | __MintModule_init_unchained |              Internal 🔒               |       🛑        | onlyInitializing |
 |       └        |            mint             |               Public ❗️                |       🛑        |     onlyRole     |
+|       └        |          mintBatch          |               Public ❗️                |       🛑        |     onlyRole     |
 
 
 ### Legend
@@ -56,6 +57,8 @@ This document defines Mint Module for the CMTA Token specification.
 |   🛑    | Function can modify state |
 |   💵    | Function is payable       |
 
+
+
 ## API for Ethereum
 
 This section describes the Ethereum API of Issue Module.
@@ -64,23 +67,37 @@ This section describes the Ethereum API of Issue Module.
 
 #### `mint(address,uint256)`
 
-##### Definition:
+##### Definition
 
 ```solidity
 function mint(address to, uint256 amount) 
 public onlyRole(MINTER_ROLE)
 ```
 
-##### Description:
+##### Description
 
 Create the given `amount` of tokens and allocate them to the given  address`to`.
 Only authorized users are allowed to call this function.
 
+#### `mintBatch(address[],uint256[]) `
+
+##### Definition
+
+```solidity
+function mintBatch(address[] calldata to,uint256[] calldata amounts) 
+public onlyRole(MINTER_ROLE)
+```
+
+##### Description
+
+For each address in `to`, create the corresponding amount of tokens given by `amounts` and allocate them to the given address`to`.
+Only authorized users are allowed to call this function.
+
 ### Events
 
 #### `Mint(address,uint256)`
 
-##### Definition:
+##### Definition
 
 
 ```solidity