PR: #1 (chore/bootstrap)
Commit: c104b60
File: .gitignore
Problem: .gitignore covers Rust artifacts (/target/, *.rs.bk) but omits standard Foundry output directories:
out/ — compiled contract artifacts (ABI + bytecode JSON)
cache/ — Foundry compilation cache
broadcast/ — forge script output containing signed tx JSON (sender, gas params, raw tx hex)
The README already references contracts/ with a Foundry suite (forge build && forge test). Without these entries, the first forge build or forge script run produces untracked files that a careless git add . will commit.
Impact: broadcast/ leak has operational security implications — records deployment transactions and can aid reconstruction of key usage patterns. out/ and cache/ are bloat/noise.
Fix: Add to .gitignore:
# Foundry
out/
cache/
broadcast/
Or namespaced under contracts/ once the Foundry workspace lands (PR #11 / #36):
contracts/out/
contracts/cache/
contracts/broadcast/
Severity: High — broadcast/ leakage is a security concern.
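As an added example (not part of the original issue or the project's code), a pre-commit guard in Python that refuses a commit when staged files sit under the Foundry output directories listed above, and warns when .gitignore lacks the proposed entries. The function names and severity labels are assumptions, and the .gitignore check is a literal match on the entries proposed here, not full gitignore semantics.

```python
#!/usr/bin/env python3
"""Pre-commit guard (added example): keep Foundry output out of commits."""
import subprocess
import sys
from pathlib import PurePosixPath

# Directories from the issue; labels follow its Impact section (assumed names).
FOUNDRY_DIRS = {"broadcast": "HIGH", "out": "noise", "cache": "noise"}
# Assumption: the Foundry workspace sits at the repo root or under contracts/.
WORKSPACE_ROOTS = ((), ("contracts",))

def classify(path):
    """Return (dir, label) if path lies inside a Foundry output dir, else None."""
    parts = PurePosixPath(path).parts
    for root in WORKSPACE_ROOTS:
        n = len(root)
        # Require at least one component below the output directory itself.
        if parts[:n] == root and len(parts) > n + 1 and parts[n] in FOUNDRY_DIRS:
            return parts[n], FOUNDRY_DIRS[parts[n]]
    return None

def missing_ignore_entries(gitignore_text):
    """Foundry dirs with no literal entry (root or contracts/ form) in the text."""
    entries = {ln.strip().strip("/") for ln in gitignore_text.splitlines()
               if ln.strip() and not ln.strip().startswith(("#", "!"))}
    return sorted(d for d in FOUNDRY_DIRS
                  if d not in entries and f"contracts/{d}" not in entries)

def check(staged_paths, gitignore_text):
    """Return (blocked, warnings) for staged paths and the current .gitignore."""
    hits = [(p, classify(p)) for p in staged_paths]
    blocked = [f"[{h[1]}] {p} is under {h[0]}/" for p, h in hits if h]
    warnings = [f".gitignore has no entry for {d}/"
                for d in missing_ignore_entries(gitignore_text)]
    return blocked, warnings

if __name__ == "__main__":
    # Paths added, copied, modified or renamed in the index for this commit.
    staged = subprocess.run(
        ["git", "diff", "--cached", "--name-only", "--diff-filter=ACMR"],
        capture_output=True, text=True, check=True).stdout.splitlines()
    try:
        with open(".gitignore", encoding="utf-8") as fh:
            ignore_text = fh.read()
    except FileNotFoundError:
        ignore_text = ""
    blocked, warnings = check(staged, ignore_text)
    for msg in warnings + blocked:
        print(msg, file=sys.stderr)
    sys.exit(1 if blocked else 0)
```

Saved as an executable .git/hooks/pre-commit, it exits non-zero only when Foundry output is actually staged; a missing .gitignore entry is reported but does not block the commit.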