Add Vaultcraft App

[Andreadinenno]

Entry type

New addition

App info

URL: https://app.vaultcraft.io/

Manifest.json URL: https://app.vaultcraft.io/manifest.json

Name: Vaultcraft

Description:
Easily deploy ERC4626 and ERC7540 vaults that can be managed via Gnosis Safe

Icon (PNG, 180x180): https://app.vaultcraft.io/images/tokens/vcx.svg
It's minified via https://tinypng.com: no

Homepage:
Twitter: https://app.vaultcraft.io/manifest.json
GitHub: https://github.com/Popcorn-Limited
Discord: https://discord.com/invite/kgCun7SbkR

App supports batching multiple transactions via Safe: yes

Supported networks

• Mainnet
• Base
• Abitrum
• Optimism
• Fraxtal
• Avalanche
• Polygon
• XLayer
• BNB

Revision checks

• Used smart contracts were audited.
• You have implemented the app using the Safe Apps SDK
• Your Safe App includes a manifest.json file at the root with the required data
• The app can be loaded as a custom Safe App in the Apps section of https://app.safe.global.
• The app auto-connects to the Safe as a wallet
• It doesn't try to connect to the browser wallet (e.g. MetaMask)
• You are able to trigger and execute one transaction with a Safe.
• RPC requests are optimized (not triggering many requests in a very short time period).

Audit document

https://github.com/Popcorn-Limited/audit-04-24
https://github.com/Popcorn-Limited/audit2

Code for review

https://github.com/Popcorn-Limited/

Team information

Company: Popcorn Limited

Official website: https://vaultcraft.io/

Point of contact:

Telegram: t.me/vaultcraft

[kirkkonen]

This app was reviewed and approved by the product team.

[Andreadinenno]

What are the next steps here?

[parius]

Tech team needs to review the code and audit results and QA to test it

[iamacook]

@Andreadinenno, thank you for the submission.

We’ve reviewed the code and have a few points for clarification and adjustment:

1. Could you confirm the test and review process for the project? We noticed that contributors are responsible for their own PRs and are merging without review. Additionally, we observed that there are currently no tests in the project.
2. Could you update the manifest.json to use "Safe" instead of "Gnosis".

Additionally, to support the submission, could you:

1. Provide an example flow to test batch support?
2. Confirm your Twitter/audit links, as they were not provided. We found the following via Google:
   • Twitter
   • Audits

We look forward to your response.

[RedVeil]

@iamacook Thank you for your feedback!
To your clarifications and adjusments:

1. We review our PRs but minor fixes are often reviewed in person and pushed to main to react quickly to user feedback.
2. Updated it.

For the additional questions:

1. Do you mean a sample to show multicall-write support or what do you refer to with batch support?
2. Those are the correct links :) Sorry for not including them before.

[iamacook]

@RedVeil, thank you for the clarifications.

Do you mean a sample to show multicall-write support or what do you refer to with batch support?

What's the easiest way to trigger a multicall? The flows I looked at were stepped, ergo not batchable.

I am otherwise satisfied and happy to pass this onto QA. cc @francovenica

[RedVeil]

@iamacook Ah damn you are right. With the solver transactions in between for zaps it will be hard for us to make it properly batchable. I guess we marked that wrong in the PR. Apologies for that.

[RedVeil]

@iamacook What's the status on this? Do you need smth else from us?

[francovenica]

@RedVeil The QA team will check if there are compatibility issues between your app and the Safe app. Feedback will be reported here
Once all that feedback is fixed (or if there is no feedback at all) the app will be approved

[francovenica]

I've been visiting the app (never did a tx so far) and I got to the point that I get this error in the console.
Because of this the different sections I try to visit now load forever.
I didn't had this issue with other apps we have in the Safe

"message": "Monthly capacity limit exceeded. Visit https://dashboard.alchemyapi.io/settings/billing to upgrade your scaling policy for continued service."

[PooyaRaki]

@RedVeil We are awaiting your response to proceed with the process.

[RedVeil]

@RedVeil We are awaiting your response to proceed with the process.

We had that issue momentarily since a huge increase in traffic came from an OKX campaign. We upgraded Alchemy and its working ever since smoothly. Just answering now since i was out for a few days.

[PooyaRaki]

We had that issue momentarily since a huge increase in traffic came from an OKX campaign. We upgraded Alchemy and it's working ever since smoothly. Just answering now since i was out for a few days.

cc @francovenica

[francovenica]

We reviewed the app and we have several issues.
1 - The main issue is that a lot of features here open the app in a new tab, making them not longer connected with the safe. This is not only in the app but to other applications, like OpenSea for that NFT in the homepage and OpenOcean for the Staking feature

2 - You have a lot of options to change networks. Most safes currently are only deployed in one network, and even if they are deployed in other networks, a safe cannot simply "switch networks". So all those buttons are not allowed here

3 - Bridging is the same problem, since usually you bridge to the same safe in a different network that, again, probably has not been deployed beyond the current network it is deployed. Also one of those bridges opens an app called Portal even after opening in the current safe doesn't auto connect to it

Given all this issues I don't think we can finally accept this app into our safe. If at some point you want to address this issues at least for the safe environment you can submit the app again for review

Some gifs and snapshots showcasing what I mentioned above: