Implement a maximum minting cap or require multi-signature approval for bulk mints.

[aniket866]

Addressed Issues:

Closes #35

See issue #35 for more details

Checklist

• My PR addresses a single issue, fixes a single bug or makes a single improvement.
• My code follows the project's code style and conventions.
• If applicable, I have made corresponding changes or additions to the documentation.
• If applicable, I have made corresponding changes or additions to tests.
• My changes generate no new warnings or errors.
• I have joined the Stability Nexus's Discord server and I will share a link to this PR with the project maintainers there.
• I have read the Contribution Guidelines.
• Once I submit my PR, CodeRabbit AI will automatically review it and I will address CodeRabbit's comments.

AI Usage Disclosure

Check one of the checkboxes below:

• This PR does not contain AI-generated code at all.
• This PR contains AI-generated code. I have tested the code locally and I am responsible for it.

I have used the following AI models and tools: TODO

⚠️ AI Notice - Important!

We encourage contributors to use AI tools responsibly when creating Pull Requests. While AI can be a valuable aid, it is essential to ensure that your contributions meet the task requirements, build successfully, include relevant tests, and pass all linters. Submissions that do not meet these standards may be closed without warning to maintain the quality and integrity of the project. Please take the time to understand the changes you are proposing and their impact.

@Zahnentferner

Summary by CodeRabbit

• New Features
  • Introduced configurable maximum supply limit for tokens. Token minting will now be prevented once the configured maximum supply threshold is reached, providing enhanced supply control.

[coderabbitai]

Warning

Rate limit exceeded

@aniket866 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 18 minutes and 33 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between e7ae64d and 0f73fa9.

📒 Files selected for processing (1)

• contracts/src/TNT.sol

📝 Walkthrough

Walkthrough

The TNT token contract now enforces a configurable maximum supply cap. An admin-only setMaxSupply function allows configuration of the limit, and the issueToken function validates that minting operations do not exceed this cap, reverting with a new MaxSupplyReached error if breached.

Changes

Cohort / File(s)	Summary
Max Supply Cap Implementation contracts/src/TNT.sol	Added MaxSupplyReached error, public maxSupply state variable, admin-only setMaxSupply() setter function, and enforcement logic in issueToken to prevent minting beyond the configured cap.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 A cap upon the minting spree,
No more infinite tokens free!
The admin sets the limit tight,
While issueToken checks it right—
Security blooms in the moonlight! 🌙✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title describes implementing a maximum minting cap OR multi-signature approval, but the actual changes only implement a maximum supply cap via the maxSupply variable and setter, without multi-signature functionality.	Update the title to accurately reflect the implementation: 'Implement maximum minting cap via maxSupply' or clarify if multi-signature approval is still planned.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	The PR implements one of two required solutions (maximum minting cap) from issue #35, which satisfies the OR requirement to prevent unlimited minting and mitigate compromised MINTER_ROLE risks.
Out of Scope Changes check	✅ Passed	All changes are directly related to issue #35: adding maxSupply enforcement, a setter, and error handling for token minting limits. No unrelated modifications detected.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

contracts/src/TNT.sol (1)

63-67: Confirm intended “max supply” semantics (lifetime minted vs. active supply).
The check uses _nextTokenId, so revokes/burns won’t free capacity. If you want a cap on circulating supply, track active supply instead and compare that in issueToken.

If active-supply cap is the goal, one approach is:

• Add uint256 public totalSupply;
• Increment in issueToken, decrement in revokeToken and burnToken
• Check if (maxSupply > 0 && totalSupply + 1 > maxSupply) revert MaxSupplyReached();

Please confirm which behavior you want.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@contracts/src/TNT.sol` around lines 63 - 67, The current maxSupply check in
issueToken uses _nextTokenId, so burned/revoked tokens do not free capacity; if
you intend maxSupply to limit circulating (active) tokens instead of
lifetime-minted tokens, introduce a uint256 public totalSupply, increment
totalSupply in issueToken and decrement it in revokeToken and burnToken, and
change the guard in issueToken to check if (maxSupply > 0 && totalSupply + 1 >
maxSupply) revert MaxSupplyReached(); otherwise confirm you want lifetime-minted
semantics and keep the existing _nextTokenId check.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@contracts/src/TNT.sol`:
- Around line 59-61: The setter setMaxSupply currently allows lowering maxSupply
below already minted tokens (tracked by _nextTokenId), which can block minting;
update setMaxSupply to require the new _maxSupply is at least the number of
tokens already minted (use _nextTokenId to compute minted count) and revert
otherwise, and emit a MaxSupplyChanged (or MaxSupplyUpdated) event with old and
new values for auditability; add the event declaration (e.g.,
MaxSupplyChanged(uint256 old, uint256 updated)) and use it in setMaxSupply while
preserving the onlyRole(DEFAULT_ADMIN_ROLE) guard.

---

Nitpick comments:
In `@contracts/src/TNT.sol`:
- Around line 63-67: The current maxSupply check in issueToken uses
_nextTokenId, so burned/revoked tokens do not free capacity; if you intend
maxSupply to limit circulating (active) tokens instead of lifetime-minted
tokens, introduce a uint256 public totalSupply, increment totalSupply in
issueToken and decrement it in revokeToken and burnToken, and change the guard
in issueToken to check if (maxSupply > 0 && totalSupply + 1 > maxSupply) revert
MaxSupplyReached(); otherwise confirm you want lifetime-minted semantics and
keep the existing _nextTokenId check.

---

ℹ️ Review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 05a195f and e7ae64d.

📒 Files selected for processing (1)

• contracts/src/TNT.sol