`just simulate/sign` prints an invalid tenderly simulation URL

maurelian commented 4 weeks ago

Bug Description

In some user's environments but not others, the just sign and just simulate scripts are outputting tenderly simulation URLs with invalid URL escaping.

Steps to Reproduce

Be me on my machine (or one of the other people who are affected).

cd tasks/eth/015-fallback-permissioned-game
SIMULATE_WITHOUT_LEDGER=1 just \
--dotenv-path $(pwd)/.env \
--justfile ../../../single.just \
simulate

This will print:

  https://dashboard.tenderly.co/oplabs/op-mainnet/simulator/new?network=1&contractAddress=0x9BA6e03D8B90dE867373Db8cF1A58d2F7F006b3A&from=0x42d27eEA1AD6e22Af6284F609847CB3Cd56B9c64&stateOverrides=%5%7"contractAddress":"0x9BA6e03D8B90dE867373Db8cF1A58d2F7F006b3A","storage":%5%7"key":"0x0000000000000000000000000000000000000000000000000000000000000004","value":"0x0000000000000000000000000000000000000000000000000000000000000001"%7%5%7,%7"contractAddress":"0x0000000000000000000000000000000000000000","storage":%5%5%7%5&rawFunctionInput=0x6a761202000000000000000000000000ca11bde05977b3631167028862be2a173976ca110000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000014000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002c0000000000000000000000000000000000000000000000000000000000000014482ad56cb0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000200000000000000000000000005dc91d01290af474ce21de14c17335a6dee4d2a8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000044a1155ed9000000000000000000000000beb5fc579115071764c7423a4f12edde41f106ed00000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004100000000000000000000000042d27eea1ad6e22af6284f609847cb3cd56b9c6400000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000

Note that the escape characters used should be %5B and %5D (open/closed square brackets) but the script prints %5 and %5. The same case is with %7B and %7D (curly brackets).

Expected behavior

The scripts should print a properly escaped URL.

maurelian commented 4 weeks ago

Some observations:

I see this issue locally regardless of whether the just command is run in a zsh or bash shell.
The URL is correctly printed in CI: https://app.circleci.com/pipelines/github/ethereum-optimism/superchain-ops/1753/workflows/9c628847-a93d-4bec-8697-c7905570eeb5/jobs/16057/parallel-runs/0/steps/0-102

mds1 commented 3 weeks ago

Using git bisect, I have confirmed https://github.com/foundry-rs/foundry/pull/8543 is the PR that introduced this bug. Before that PR, URLs are properly encoded when logged: https://dashboard.tenderly.co/TENDERLY_USERNAME/TENDERLY_PROJECT/simulator/new?network=10&contractAddress=0xcA11bde05977b3631167028862bE2a173976CA11&from=0x1804c8AB1F12E6bbf3894d4083f33e07309d1f38&stateOverrides=%5B%7B"contractAddress":"0x0a7361e734cf3f0394B0FC4a45C74E7a4Ec70940","storage":%5B%7B"key":"0x0000000000000000000000000000000000000000000000000000000000000004","value":"0x0000000000000000000000000000000000000000000000000000000000000001"%7D%5D%7D,%7B"contractAddress":"0x2501c477D0A35545a387Aa4A3EEe4292A9a8B3F0","storage":%5B%7B"key":"0x0000000000000000000000000000000000000000000000000000000000000004","value":"0x0000000000000000000000000000000000000000000000000000000000000001"%7D,%7B"key":"0x0000000.....

After, you can see the improper URL encoding: https://dashboard.tenderly.co/TENDERLY_USERNAME/TENDERLY_PROJECT/simulator/new?network=10&contractAddress=0xcA11bde05977b3631167028862bE2a173976CA11&from=0x1804c8AB1F12E6bbf3894d4083f33e07309d1f38&stateOverrides=%5%7"contractAddress":"0x0a7361e734cf3f0394B0FC4a45C74E7a4Ec70940","storage":%5%7"key":"0x0000000000000000000000000000000000000000000000000000000000000004","value":"0x0000000000000000000000000000000000000000000000000000000000000001"%7%5%7,%7"contractAddress":"0x2501c477D0A35545a387Aa4A3EEe4292A9a8B3F0","storage":%5%7"key":"0x0000000000000000000000000000000000000000000000000000000000000004","value":"0x0000000000000000000000000000000000000000000000000000000000000001"%7,%7"key":"0x0000000000000000000000000000000000000000000000000000000000000003","value":"0x0000000000000000000000000000000000000000000000000000000000000001"%7,%7"key":"0xe90b7bceb6e7df5418fb78d8ee546e97c83a08bbccc01a0644d599ccd2a7c2e0","value":"0x0000000000.....

For reference, here is where the URL encoding and logging happens: https://github.com/base-org/contracts/blob/1db896f62d5189426efd3dbe28e908fda4a92ebf/script/universal/Simulator.sol#L129-L189

Opened https://github.com/foundry-rs/foundry/issues/8700 to track

ethereum-optimism / superchain-ops

`just simulate/sign` prints an invalid tenderly simulation URL #299