contracts/hardhat.config.ts (1)

29-35: Verify compile time and bytecode size with viaIR and 10000 runs

The size‐contracts check failed (missing node_modules), and the compile step reported only 1.26 s (likely no real work). Please run the following under contracts/ and share the results to ensure there are no regressions:

• Install dependencies:

  yarn install

• Measure bytecode sizes without recompiling:

  yarn hardhat size-contracts --no-compile

• Clean compile and time it:

  rm -rf cache artifacts
  TIMEFORMAT='compile took %R sec' time yarn hardhat compile

If you observe significant increases in compile times or bytecode sizes (EIP-170 limit concerns), consider lowering optimizer runs (e.g., 200–2000).

contracts/package.json (1)

160-161: Question: is isomorphic-fetch needed on Node 20?

Node 20 has stable global fetch. Adding isomorphic-fetch may be redundant and can introduce polyfill conflicts in some runtimes.

If not strictly needed for browser bundles, consider removing:

   "dependencies": {
     "@chainlink/contracts": "^1.4.0",
     "@kleros/vea-contracts": "^0.7.0",
     "@openzeppelin/contracts": "^5.4.0",
     "@shutter-network/shutter-sdk": "0.0.2",
-    "isomorphic-fetch": "^3.0.0"
   },

If needed in specific scripts, prefer local import over global polyfill.

contracts/CHANGELOG.md (1)

7-15: Mark unreleased changes as “Unreleased” to avoid confusion with published versions.

Labeling 0.13.0 as “Not published yet” while giving it a version can confuse consumers and tools.

Consider:

-## [0.13.0] - 2025-08-07 (Not published yet)
+## [Unreleased]

Move these entries under Unreleased until the tag is published and the package version is bumped.

web/src/public/llms.txt (1)

6-8: Improve sentence structure to avoid repetitive beginnings.

The descriptions are informative, but three consecutive sentences start with "Kleros" which affects readability.

Consider rewording for better flow:

- [Kleros Dispute Cases](https://v2.kleros.builders/#/cases/display/1/desc/all): Provide a platform for viewing and managing decentralized dispute resolution cases.
- [Kleros Decentralized Courts](https://v2.kleros.builders/#/courts): Facilitate decentralized dispute resolution by allowing users to stake tokens, participate as jurors, and view court cases.
- [Kleros Jurors Leaderboard](https://v2.kleros.builders/#/jurors/1/desc/all): Display ranking and statistics of jurors based on coherent voting and rewards in the Kleros decentralized arbitration system.
+ [Kleros Dispute Cases](https://v2.kleros.builders/#/cases/display/1/desc/all): Comprehensive platform for viewing and managing decentralized dispute resolution cases.
+ [Decentralized Courts](https://v2.kleros.builders/#/courts): Enable decentralized dispute resolution by allowing users to stake tokens, participate as jurors, and view court cases.
+ [Jurors Leaderboard](https://v2.kleros.builders/#/jurors/1/desc/all): Rankings and statistics of jurors based on coherent voting and rewards in the decentralized arbitration system.

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

Learnt from: kemuru
PR: kleros/kleros-v2#1994
File: web/vite.config.js:26-33
Timestamp: 2025-05-23T17:47:39.947Z
Learning: In Yarn workspace setups, dependencies defined in individual workspace package.json files (like web/package.json) are typically hoisted to the root node_modules directory. This means vite config paths should point to "../node_modules" from workspace directories to access hoisted dependencies, not to local workspace node_modules.

Learnt from: jaybuidl
PR: kleros/kleros-v2#1757
File: prettier-config/package.json:7-7
Timestamp: 2024-11-21T23:16:14.816Z
Learning: As of November 2024, ESLint v9.15.0 has been released and is acceptable to use in the project.

Learnt from: jaybuidl
PR: kleros/kleros-v2#1757
File: web-devtools/package.json:36-40
Timestamp: 2024-11-21T23:20:28.163Z
Learning: TypeScript-ESLint v8.15.0 is compatible with both ESLint v8 and v9.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1703
File: web/src/hooks/queries/usePopulatedDisputeData.ts:58-61
Timestamp: 2024-10-14T13:58:25.708Z
Learning: In `web/src/hooks/queries/usePopulatedDisputeData.ts`, the query and subsequent logic only execute when `disputeData.dispute?.arbitrableChainId` and `disputeData.dispute?.externalDisputeId` are defined, so `initialContext` properties based on these values are safe to use without additional null checks.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1744
File: web/src/hooks/useGenesisBlock.ts:9-31
Timestamp: 2024-11-19T05:31:48.701Z
Learning: In `useGenesisBlock.ts`, within the `useEffect` hook, the conditions (`isKlerosUniversity`, `isKlerosNeo`, `isTestnetDeployment`) are mutually exclusive, so multiple imports won't execute simultaneously, and race conditions are not a concern.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1703
File: kleros-sdk/src/requests/gqlClient.ts:18-18
Timestamp: 2024-10-24T08:16:02.749Z
Learning: In this TypeScript project, when a file (such as `kleros-sdk/src/requests/gqlClient.ts`) exports only a single entity, it's acceptable to use default exports instead of named exports.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1703
File: kleros-sdk/src/dataMappings/utils/actionTypes.ts:1-1
Timestamp: 2024-10-22T09:38:20.093Z
Learning: In the TypeScript file `kleros-sdk/src/dataMappings/utils/actionTypes.ts`, the `Abi` type is parsed later in the action functions, so importing `Abi` from `viem` in this file is unnecessary.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1716
File: web-devtools/src/app/(main)/dispute-template/CustomContextInputs.tsx:29-42
Timestamp: 2024-10-28T05:55:12.728Z
Learning: In the `CustomContextInputs` component located at `web-devtools/src/app/(main)/dispute-template/CustomContextInputs.tsx`, the `DisputeRequestParams` array is used to exclude certain variables from the custom input since they are already provided in a preceding component. Therefore, converting it to a type is unnecessary.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1846
File: prettier-config/index.js:26-26
Timestamp: 2025-01-23T08:14:47.397Z
Learning: The prettier-plugin-solidity plugin is installed in the kleros-v2 repository, even though it's not visible in the sandbox environment's node_modules (which is expected as node_modules is not committed to the repository).

Learnt from: tractorss
PR: kleros/kleros-v2#1982
File: web/src/pages/Resolver/Landing/index.tsx:0-0
Timestamp: 2025-05-15T06:50:45.650Z
Learning: In the Kleros V2 codebase, it's acceptable to use ESLint disable comments for dependency arrays in useEffect hooks when including certain dependencies (like state that is being updated within the effect) would cause infinite loops.

Learnt from: kemuru
PR: kleros/kleros-v2#1994
File: web/vite.config.js:26-33
Timestamp: 2025-05-23T17:47:39.947Z
Learning: The viteStaticCopy plugin configuration in web/vite.config.js correctly copies Shutter SDK files from the installed node_modules location. The path resolve(__dirname, "../node_modules/shutter-network/shutter-sdk/dist/*") works when dependencies are properly installed, despite initial analysis suggesting otherwise due to sandbox environment limitations.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1703
File: kleros-sdk/src/sdk.ts:1-3
Timestamp: 2024-10-22T10:23:15.789Z
Learning: In `kleros-sdk/src/sdk.ts`, the `PublicClient` type is used and should not be flagged as unused.

web/src/hooks/useVotingContext.tsx (3)

45-47: Guard usage of disputeKitAddress in address-to-name resolution

If disputeKitAddress is temporarily undefined while disputeData loads, ensure useDisputeKitAddresses tolerates undefined. If not, gate the hook param.

Possible defensive tweak:

- const { disputeKitName } = useDisputeKitAddresses({ disputeKitAddress });
+ const { disputeKitName } = useDisputeKitAddresses({ disputeKitAddress: disputeKitAddress as `0x${string}` | undefined });

Or add an internal guard in the hook to early-return when the address is undefined.

---

51-83: Pattern is sound; keep hooks stable and gate via enabled

Calling all four hooks with enabled flags preserves hook order and avoids conditional-hook pitfalls. Refetch cadence is centralized via REFETCH_INTERVAL. LGTM.

If you want to remove repetition, you can extract the common query options:

+  const baseQuery = { refetchInterval: REFETCH_INTERVAL as const };
   const classicVoteResult = useReadDisputeKitClassicIsVoteActive({
-    query: {
-      enabled: isEnabled && disputeKitName === DisputeKits.Classic,
-      refetchInterval: REFETCH_INTERVAL,
-    },
+    query: { ...baseQuery, enabled: isEnabled && disputeKitName === DisputeKits.Classic },
     args: hookArgs,
   });

---

84-105: Memo switch is correct; consider exposing a loading flag for the active kit

The selector is correct and dependencies are complete. Optional: expose voteStatusLoading from the active hook to improve UX around the hasVoted read.

Example:

const activeVoteStatusLoading = useMemo(() => {
  switch (disputeKitName) {
    case DisputeKits.Classic: return classicVoteResult.isLoading;
    case DisputeKits.Shutter: return shutterVoteResult.isLoading;
    case DisputeKits.Gated: return gatedVoteResult.isLoading;
    case DisputeKits.GatedShutter: return gatedShutterVoteResult.isLoading;
    default: return false;
  }
}, [disputeKitName, classicVoteResult.isLoading, shutterVoteResult.isLoading, gatedVoteResult.isLoading, gatedShutterVoteResult.isLoading]);

// Optionally export it in the context value

web/src/pages/Cases/CaseDetails/Voting/Shutter/index.tsx (1)

32-39: Behavioral change: commit and reveal can render together—confirm this is intentional

The fragment now allows both <ShutterCommit /> and <Reveal /> to render if both flags are true. If the domain guarantees commit and vote periods are mutually exclusive (as expected), this is fine and equivalent in practice. If not guaranteed, consider restoring exclusivity or adding a runtime assertion.

Option to restore exclusivity:

-  return (
-    <>
-      {shouldShowCommit && (
-        <ShutterCommit {...{ arbitrable, setIsOpen, voteIDs, refetch, dispute, currentPeriodIndex, isGated }} />
-      )}
-      {shouldShowReveal && <Reveal {...{ setIsOpen, voteIDs, isGated }} />}
-    </>
-  );
+  return shouldShowCommit ? (
+    <ShutterCommit {...{ arbitrable, setIsOpen, voteIDs, refetch, dispute, currentPeriodIndex, isGated }} />
+  ) : shouldShowReveal ? (
+    <Reveal {...{ setIsOpen, voteIDs, isGated }} />
+  ) : null;

Additionally, ensure voteIDs can’t be undefined while the component renders. Consider defaulting to an empty array (outside this hunk):

// Above: current line 27
const voteIDs = useMemo(() => drawData?.draws?.map((d) => d.voteIDNum) ?? [], [drawData]);

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1703
File: web/src/hooks/queries/usePopulatedDisputeData.ts:58-61
Timestamp: 2024-10-14T13:58:25.708Z
Learning: In `web/src/hooks/queries/usePopulatedDisputeData.ts`, the query and subsequent logic only execute when `disputeData.dispute?.arbitrableChainId` and `disputeData.dispute?.externalDisputeId` are defined, so `initialContext` properties based on these values are safe to use without additional null checks.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1716
File: web-devtools/src/app/(main)/dispute-template/CustomContextInputs.tsx:29-42
Timestamp: 2024-10-28T05:55:12.728Z
Learning: In the `CustomContextInputs` component located at `web-devtools/src/app/(main)/dispute-template/CustomContextInputs.tsx`, the `DisputeRequestParams` array is used to exclude certain variables from the custom input since they are already provided in a preceding component. Therefore, converting it to a type is unnecessary.

Learnt from: tractorss
PR: kleros/kleros-v2#1982
File: web/src/pages/Resolver/Landing/index.tsx:62-62
Timestamp: 2025-05-15T06:50:40.859Z
Learning: In the Landing component, it's safe to pass `dispute?.dispute?.arbitrated.id as 0x${string}` to `usePopulatedDisputeData` without additional null checks because the hook internally handles undefined parameters through its `isEnabled` flag and won't execute the query unless all required data is available.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1775
File: web/src/pages/Courts/CourtDetails/StakePanel/StakeWithdrawButton.tsx:0-0
Timestamp: 2024-12-09T12:36:59.441Z
Learning: In the `StakeWithdrawButton` component, the transaction flow logic is tightly linked to component updates, so extracting it into a custom hook does not provide significant benefits.

Learnt from: jaybuidl
PR: kleros/kleros-v2#1582
File: web-devtools/src/app/(main)/ruler/SelectArbitrable.tsx:88-90
Timestamp: 2024-10-09T10:22:41.474Z
Learning: Next.js recommends using the `useEffect` hook to set `isClient` and using `suppressHydrationWarning` as a workaround for handling hydration inconsistencies, especially when dealing with data like `knownArbitrables` that may differ between server-side and client-side rendering. This approach is acceptable in TypeScript/React applications, such as in `web-devtools/src/app/(main)/ruler/SelectArbitrable.tsx`.

Learnt from: tractorss
PR: kleros/kleros-v2#1982
File: web/src/pages/Resolver/Parameters/NotablePersons/PersonFields.tsx:64-0
Timestamp: 2025-05-09T13:39:15.086Z
Learning: In PersonFields.tsx, the useEffect hook for address validation intentionally uses an empty dependency array to run only once on component mount. This is specifically designed for the dispute duplication flow when aliasesArray is already populated with addresses that need initial validation.

Learnt from: nikhilverma360
PR: kleros/kleros-v2#1632
File: web/src/components/DisputeView/DisputeInfo/DisputeInfoList.tsx:37-42
Timestamp: 2024-06-27T10:11:54.861Z
Learning: `useMemo` is used in `DisputeInfoList` to optimize the rendering of `FieldItems` based on changes in `fieldItems`, ensuring that the mapping and truncation operation are only performed when necessary.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1794
File: web/src/hooks/useStarredCases.tsx:13-18
Timestamp: 2024-12-16T17:17:32.359Z
Learning: In `useStarredCases.tsx`, when handling the `starredCases` Map from local storage, direct mutation is acceptable to prevent the overhead of copying, provided it doesn't adversely affect React's render cycle.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1744
File: web/src/hooks/useGenesisBlock.ts:9-31
Timestamp: 2024-11-19T05:31:48.701Z
Learning: In `useGenesisBlock.ts`, within the `useEffect` hook, the conditions (`isKlerosUniversity`, `isKlerosNeo`, `isTestnetDeployment`) are mutually exclusive, so multiple imports won't execute simultaneously, and race conditions are not a concern.

Learnt from: kemuru
PR: kleros/kleros-v2#1774
File: web/src/components/CasesDisplay/index.tsx:61-61
Timestamp: 2024-12-06T13:04:50.495Z
Learning: In `web/src/components/CasesDisplay/index.tsx`, the variables `numberDisputes` and `numberClosedDisputes` can sometimes be `NaN`, and should default to `0` using logical OR (`||`) to prevent display issues in the `StatsAndFilters` component.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1739
File: web/src/pages/Home/TopJurors/JurorCard/Coherency.tsx:22-26
Timestamp: 2024-11-07T10:48:16.774Z
Learning: In the `Coherency` component (`web/src/pages/Home/TopJurors/JurorCard/Coherency.tsx`), `totalResolvedVotes` is always greater than or equal to `totalCoherentVotes`. When both are zero, `0/0` results in `NaN`, which is acceptable in this context.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1744
File: web/src/hooks/queries/useHomePageBlockQuery.ts:71-71
Timestamp: 2024-11-19T05:29:56.238Z
Learning: In `web/src/hooks/queries/useHomePageBlockQuery.ts`, the non-null assertions on `blockNumber!` and `genesisBlock!` within `queryFn` are safe because `isEnabled` ensures that `queryFn` only runs when either `blockNumber` or `genesisBlock` is defined.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1729
File: web/src/layout/Header/navbar/Menu/Settings/Notifications/FormContactDetails/index.tsx:69-69
Timestamp: 2024-10-29T10:13:04.524Z
Learning: In `web/src/layout/Header/navbar/Menu/Settings/Notifications/FormContactDetails/index.tsx`, when the button is disabled, the associated logic won't be reached, and certain code paths may exist for TypeScript purposes.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1729
File: web/src/layout/Header/navbar/Menu/Settings/Notifications/FormContactDetails/index.tsx:125-127
Timestamp: 2024-10-29T10:14:52.512Z
Learning: In `web/src/layout/Header/navbar/Menu/Settings/Notifications/FormContactDetails/index.tsx`, when `isEmailUpdateable` is false, `user?.emailUpdateableAt` is always defined. Therefore, using the non-null assertion `!` with `user?.emailUpdateableAt!` is acceptable because TypeScript may not infer its definiteness.

Learnt from: jaybuidl
PR: kleros/kleros-v2#1582
File: web-devtools/src/app/(main)/ruler/SelectArbitrable.tsx:98-103
Timestamp: 2024-10-09T10:23:39.325Z
Learning: In `SelectArbitrable.tsx` of the web-devtools project (React/TypeScript), direct DOM manipulation using `child.click()` is acceptable when considered reasonably safe.

Learnt from: jaybuidl
PR: kleros/kleros-v2#1582
File: web-devtools/src/app/(main)/dispute-template/page.tsx:324-360
Timestamp: 2024-10-09T10:17:37.935Z
Learning: In this codebase, prefer using the `??` (nullish coalescing operator) over `||` when handling default values for optional properties in React components.

web/src/pages/Cases/CaseDetails/Voting/Shutter/Commit.tsx (1)

88-91: Tiny readability tweak: trim once

Avoid calling trim on the env value more than necessary.

-      if (!import.meta.env.REACT_APP_SHUTTER_API || import.meta.env.REACT_APP_SHUTTER_API.trim() === "") {
+      const shutterApi = import.meta.env.REACT_APP_SHUTTER_API?.trim();
+      if (!shutterApi) {
         console.error("REACT_APP_SHUTTER_API environment variable is not set or is empty");
-        throw new Error("Cannot commit vote: REACT_APP_SHUTTER_API environment variable is required but not set");
+        // see earlier comment re: return vs throw
+        return;
       }

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

contracts/scripts/coverage.sh (1)

24-24: Scope VIA_IR to specific commands to avoid environment leakage

Export works, but scoping the variable per-invocation makes the script more robust if additional steps are added.

Minimal change within this context:

-export VIA_IR=false

Then run the commands with scoped env:

VIA_IR=false yarn build
VIA_IR=false yarn hardhat coverage --solcoverjs ./.solcover.js --temp artifacts --show-stack-traces --testfiles "test/**/*.ts"

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

contracts/src/gateway/interfaces/IHomeGateway.sol (1)

5-9: Missing import for IArbitratorV2 breaks compilation

This interface references IArbitratorV2 in the CrossChainDisputeIncoming event (Line 21) but does not import it. Indirect imports via IArbitrableV2 do not bring IArbitratorV2 into scope. This will fail to compile.

Apply this diff to add the missing import:

 import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
 import "@kleros/vea-contracts/src/interfaces/gateways/ISenderGateway.sol";
 import "../../arbitration/interfaces/IArbitrableV2.sol";
+import "../../arbitration/interfaces/IArbitratorV2.sol";

Also applies to: 20-21

contracts/src/gateway/interfaces/IHomeGateway.sol (1)

66-66: NatSpec tag typo

Use @return for NatSpec consistency.

-    /// return The fee token.
+    /// @return The fee token.

contracts/src/arbitration/interfaces/IEvidence.sol (1)

8-10: Fix typos in NatSpec for clarity

Minor spelling corrections improve readability in docs.

-    /// @param _externalDisputeID Unique identifier for this dispute outside Kleros. It's the submitter responsability to submit the right external dispute ID.
-    /// @param _party The address of the party submiting the evidence. Note that 0x0 refers to evidence not submitted by any party.
+    /// @param _externalDisputeID Unique identifier for this dispute outside Kleros. It's the submitter's responsibility to submit the right external dispute ID.
+    /// @param _party The address of the party submitting the evidence. Note that 0x0 refers to evidence not submitted by any party.

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

contracts/scripts/generateMetrics.sh (3)

7-7: Pin the CLI package for reproducibility.

Unpinned dlx introduces non-deterministic outputs across environments. Pin solidity-code-metrics to a known-good version.

Example:

• Define: SCM_PKG='solidity-code-metrics@'
• Invoke: yarn dlx "$SCM_PKG" …

If you prefer, I can propose a specific version based on what you use in CI.

---

7-23: Future-proof file selection; avoid missing new contracts.

The curated list risks drifting as new dispute kits/components are added. Consider generating the list dynamically and excluding mocks/tests.

Alternative snippet:

# Build a deterministic, filtered list of .sol files
mapfile -t FILES < <(find "$SOURCE_DIR" -type f -name '*.sol' \
  ! -path '*/mocks/*' ! -path '*/test/*' | sort)

TMP_OUT="$(mktemp)"
yarn dlx solidity-code-metrics "${FILES[@]}" >"$TMP_OUT"
mv "$TMP_OUT" "$OUTPUT_FILE"

This keeps metrics current as the codebase evolves (e.g., with multiple dispute kits).

---

1-1: Optional: Add a usage header and a Yarn availability check.

Helps DX and avoids cryptic failures if yarn dlx isn’t available (Yarn Classic).

Example preflight:

command -v yarn >/dev/null || { echo "yarn is required"; exit 127; }

And a brief header comment on output location and how to override OUTPUT_FILE.

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

contracts/src/arbitration/arbitrables/DisputeResolver.sol (2)

110-120: Critical: Unknown arbitrator dispute IDs can silently target dispute 0

If _arbitratorDisputeID is not mapped, arbitratorDisputeIDToLocalID[_arbitratorDisputeID] returns 0 and will index disputes[0]. This can wrongly mark and emit a ruling for dispute 0. Guard against unknown IDs using a sentinel offset mapping.

Apply this diff within rule():

-        uint256 localDisputeID = arbitratorDisputeIDToLocalID[_arbitratorDisputeID];
-        DisputeStruct storage dispute = disputes[localDisputeID];
+        uint256 localDisputeIDPlusOne = arbitratorDisputeIDToLocalID[_arbitratorDisputeID];
+        if (localDisputeIDPlusOne == 0) revert UnknownDisputeID();
+        uint256 localDisputeID = localDisputeIDPlusOne - 1;
+        DisputeStruct storage dispute = disputes[localDisputeID];

And in _createDispute():

-        arbitratorDisputeIDToLocalID[arbitratorDisputeID] = localDisputeID;
+        arbitratorDisputeIDToLocalID[arbitratorDisputeID] = localDisputeID + 1;

Add the error to the errors section:

+    error UnknownDisputeID();

Note: This “+1 sentinel” pattern avoids ambiguous zero values and prevents misrouting rules to dispute 0.

---

145-148: Align mapping write with sentinel approach

If you adopt the sentinel mapping to prevent unknown IDs, update the assignment accordingly.

-        arbitratorDisputeIDToLocalID[arbitratorDisputeID] = localDisputeID;
+        arbitratorDisputeIDToLocalID[arbitratorDisputeID] = localDisputeID + 1;

contracts/src/arbitration/devtools/DisputeResolverRuler.sol (1)

39-53: Keep sentinel mapping consistent with base fix

To stay consistent with the base contract’s safe lookup, store localID + 1 here too.

-        arbitratorDisputeID = IKlerosCoreRulerFragment(address(arbitrator)).getNextDisputeID();
-        arbitratorDisputeIDToLocalID[arbitratorDisputeID] = localDisputeID;
+        arbitratorDisputeID = IKlerosCoreRulerFragment(address(arbitrator)).getNextDisputeID();
+        arbitratorDisputeIDToLocalID[arbitratorDisputeID] = localDisputeID + 1;

contracts/src/gateway/HomeGateway.sol (2)

210-222: Guard against unknown dispute IDs in rule()

If _disputeID has no mapping, disputeHash is zero and you’ll send a cross-chain rule with a zero hash and relayer=0x0. Add a guard.

     function rule(uint256 _disputeID, uint256 _ruling) external override {
         if (msg.sender != address(arbitrator)) revert ArbitratorOnly();

-        bytes32 disputeHash = disputeIDtoHash[_disputeID];
+        bytes32 disputeHash = disputeIDtoHash[_disputeID];
+        if (disputeHash == bytes32(0)) revert UnknownDisputeID();
         RelayedData memory relayedData = disputeHashtoRelayedData[disputeHash];

Add the error:

+    error UnknownDisputeID();

---

130-172: Consider nonReentrant guards around relayCreateDispute paths

Both relay functions call into an external arbitrator. A malicious arbitrator could reenter rule() before mappings are populated. Add a minimal nonReentrant guard to both relay functions (and optionally to rule()).

I can draft a minimal custom nonReentrant modifier using a locked flag and a Reentrancy() error, matching the repo’s custom-error style. Want me to open a PR patch?

Also applies to: 168-208

contracts/src/gateway/ForeignGateway.sol (2)

176-183: Replace string reverts with a typed NotSupported error

These overloads still revert with a string. For consistency and cheaper bytecode, introduce and use a custom error.

-    ) external pure override returns (uint256) {
-        revert("Not supported");
+    ) external pure override returns (uint256) {
+        revert NotSupported();
     }
@@
-    ) public pure override returns (uint256 /*cost*/) {
-        revert("Not supported");
+    ) public pure override returns (uint256 /*cost*/) {
+        revert NotSupported();
     }
@@
     error GovernorOnly();
     error HomeGatewayMessageSenderOnly();
     error VeaOutboxOnly();
     error ArbitrationFeesNotEnough();
     error DisputeDoesNotExist();
     error CannotRuleTwice();
     error NotRuledYet();
+    error NotSupported();

Also applies to: 192-197, 271-282

---

219-227: Avoid using transfer; use call and handle failures

transfer can break for relayers that are contracts or under EVM gas cost changes. Use call and revert on failure. Consider a specific error for clarity.

         uint256 amount = dispute.paid;
         dispute.paid = 0;
-        payable(dispute.relayer).transfer(amount);
+        (bool ok, ) = payable(dispute.relayer).call{value: amount}("");
+        if (!ok) revert TransferToRelayerFailed();

And add an error:

     error GovernorOnly();
@@
     error NotRuledYet();
+    error TransferToRelayerFailed();

Also applies to: 271-282

contracts/src/arbitration/KlerosGovernor.sol (1)

260-270: Use the existing SafeSend pattern instead of transfer

Earlier in this contract you already use safeSend with wNative. Mirror that here to avoid transfer brittleness.

-        payable(msg.sender).transfer(submission.deposit);
+        payable(msg.sender).safeSend(submission.deposit, wNative);

contracts/src/arbitration/SortitionModuleBase.sol (2)

209-223: Make delayed-stake iteration calculation safer and simpler

The current actualIterations formula risks overflow on (delayedStakeReadIndex + _iterations) and is harder to reason about. Consider a saturating computation based on the number of available items.

Apply this diff:

-    if (phase != Phase.staking) revert NotStakingPhase();
-    if (delayedStakeWriteIndex < delayedStakeReadIndex) revert NoDelayedStakeToExecute();
-
-    uint256 actualIterations = (delayedStakeReadIndex + _iterations) - 1 > delayedStakeWriteIndex
-        ? (delayedStakeWriteIndex - delayedStakeReadIndex) + 1
-        : _iterations;
-    uint256 newDelayedStakeReadIndex = delayedStakeReadIndex + actualIterations;
+    if (phase != Phase.staking) revert NotStakingPhase();
+    if (delayedStakeWriteIndex < delayedStakeReadIndex) revert NoDelayedStakeToExecute();
+
+    // Items available to process: [delayedStakeReadIndex, delayedStakeWriteIndex], inclusive.
+    uint256 available = delayedStakeWriteIndex + 1 - delayedStakeReadIndex;
+    uint256 actualIterations = _iterations > available ? available : _iterations;
+    if (actualIterations == 0) revert NoDelayedStakeToExecute();
+    uint256 newDelayedStakeReadIndex = delayedStakeReadIndex + actualIterations;

---

443-472: Review Draw Gating Impact on Dispute Kit
The new NotDrawingPhase() revert in SortitionModuleBase.draw() affects one off-core consumer:

• contracts/src/arbitration/dispute-kits/DisputeKitClassicBase.sol
  • Line 241: drawnAddress = sortitionModule.draw(key, _coreDisputeID, _nonce);

Because draw() now reverts whenever phase != drawing, ensure this call is only executed during the drawing phase. If it can run earlier (e.g., in view-only simulations), adjust the logic to:

• Guard the call with a phase check
• Or catch/handle the revert in this dispute kit

contracts/src/arbitration/dispute-kits/DisputeKitClassicBase.sol (1)

271-284: Fix commit counting to prevent duplicate overcount and enforce non-empty commit set

Currently, totalCommitted is incremented by the length of _voteIDs regardless of whether any were already committed or duplicated, which can prematurely signal “all commits cast.” Count only newly committed votes and reject empty arrays.

Apply this diff:

-    (, , KlerosCoreBase.Period period, , ) = core.disputes(_coreDisputeID);
-    if (period != KlerosCoreBase.Period.commit) revert NotCommitPeriod();
-    if (_commit == bytes32(0)) revert EmptyCommit();
-    if (!coreDisputeIDToActive[_coreDisputeID]) revert NotActiveForCoreDisputeID();
+    (, , KlerosCoreBase.Period period, , ) = core.disputes(_coreDisputeID);
+    if (period != KlerosCoreBase.Period.commit) revert NotCommitPeriod();
+    if (_commit == bytes32(0)) revert EmptyCommit();
+    if (_voteIDs.length == 0) revert EmptyVoteIDs();
+    if (!coreDisputeIDToActive[_coreDisputeID]) revert NotActiveForCoreDisputeID();
@@
-    for (uint256 i = 0; i < _voteIDs.length; i++) {
-        if (round.votes[_voteIDs[i]].account != msg.sender) revert JurorHasToOwnTheVote();
-        round.votes[_voteIDs[i]].commit = _commit;
-    }
-    round.totalCommitted += _voteIDs.length;
+    uint256 newCommits = 0;
+    for (uint256 i = 0; i < _voteIDs.length; i++) {
+        uint256 id = _voteIDs[i];
+        if (round.votes[id].account != msg.sender) revert JurorHasToOwnTheVote();
+        if (round.votes[id].commit == bytes32(0)) newCommits++;
+        round.votes[id].commit = _commit;
+    }
+    round.totalCommitted += newCommits;

Note: reusing EmptyVoteIDs for commit is consistent with vote path.

contracts/CHANGELOG.md (1)

131-132: Remove unpublished release link for 0.13.0 to avoid 404

The header states “Not published yet,” but Lines 131–132 add the live link. This will likely 404 until the release is published. Comment it out and add after publishing.

-[0.13.0]: https://github.com/kleros/kleros-v2/releases/tag/@kleros%2Fkleros-v2-contracts@0.13.0
+<!-- [0.13.0]: (add after publishing) -->

contracts/src/arbitration/evidence/EvidenceModule.sol (1)

71-75: Avoid duplicating common errors across contracts

GovernorOnly is being declared in multiple modules in this PR. Consider centralizing common access-control errors (e.g., in a small Errors.sol or a Governable base) to reduce duplication and keep selectors uniform across tests.

Example change within this file:

-    error GovernorOnly();
+    // Prefer importing a shared error:
+    // import {GovernorOnly} from "../errors/AccessErrors.sol";
+    // error declaration removed

And add once (outside this hunk) in a shared file:

// contracts/src/errors/AccessErrors.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

error GovernorOnly();

contracts/src/arbitration/view/KlerosCoreSnapshotProxy.sol (1)

73-77: Consolidate shared errors to reduce duplication

As with other modules, consider importing a shared GovernorOnly error instead of re-declaring it in each contract.

-    error GovernorOnly();
+    // import {GovernorOnly} from "../../errors/AccessErrors.sol";

contracts/src/arbitration/DisputeTemplateRegistry.sol (1)

84-88: DRY up error declarations

Same suggestion as elsewhere: centralize GovernorOnly in a shared errors file or a lightweight base to avoid duplication and make selector imports in tests consistent.

-    error GovernorOnly();
+    // import {GovernorOnly} from "../errors/AccessErrors.sol";

contracts/src/arbitration/PolicyRegistry.sol (1)

89-93: Centralize common error types

Recommend importing a shared GovernorOnly error rather than re-declaring.

-    error GovernorOnly();
+    // import {GovernorOnly} from "../errors/AccessErrors.sol";

contracts/src/arbitration/university/SortitionModuleUniversity.sol (1)

368-375: Consider reusing shared error declarations

GovernorOnly, KlerosCoreOnly, and NotEligibleForWithdrawal are common across modules. Centralizing them (e.g., Errors.sol or a base contract) would reduce duplication and keep ABI selectors consistent.

-    error GovernorOnly();
-    error KlerosCoreOnly();
-    error NotEligibleForWithdrawal();
+    // import {GovernorOnly, KlerosCoreOnly, NotEligibleForWithdrawal} from "../../errors/AccessErrors.sol";

contracts/src/arbitration/arbitrables/DisputeResolver.sol (1)

51-63: Access control migrated to custom errors looks good

The governor checks via custom errors are consistent with the repo-wide pattern. Consider emitting events for governor/arbitrator/template changes for better off-chain observability (optional).

contracts/src/gateway/HomeGateway.sol (3)

130-148: ERC20/native path guards look correct; set relayed metadata

The fee medium and foreignChainID checks are sound. Populate arbitrationCost to avoid stale/unused field.

         RelayedData storage relayedData = disputeHashtoRelayedData[disputeHash];
         if (relayedData.relayer != address(0)) revert DisputeAlreadyRelayed();

         uint256 disputeID = arbitrator.createDispute{value: msg.value}(_params.choices, _params.extraData);
         disputeIDtoHash[disputeID] = disputeHash;
         disputeHashtoID[disputeHash] = disputeID;
         relayedData.relayer = msg.sender;
+        relayedData.arbitrationCost = msg.value;

---

168-189: ERC20 path: set relayed metadata and consider allowance strategy

Populate arbitrationCost. Optional: consider approving exact amount from zero to avoid cumulative allowances, unless arbitrator expects accumulating allowances.

         RelayedData storage relayedData = disputeHashtoRelayedData[disputeHash];
         if (relayedData.relayer != address(0)) revert DisputeAlreadyRelayed();

         if (!feeToken.safeTransferFrom(msg.sender, address(this), _feeAmount)) revert TransferFailed();
         if (!feeToken.increaseAllowance(address(arbitrator), _feeAmount)) revert AllowanceIncreaseFailed();

         uint256 disputeID = arbitrator.createDispute(_params.choices, _params.extraData, feeToken, _feeAmount);
         disputeIDtoHash[disputeID] = disputeHash;
         disputeHashtoID[disputeHash] = disputeID;
         relayedData.relayer = msg.sender;
+        relayedData.arbitrationCost = _feeAmount;

If you opt for exact allowance from zero, change to:

• approve(0) then approve(_feeAmount), or use a safeApprove helper that enforces zero-first, depending on your SafeERC20 semantics.

---

96-124: Optional: emit events on parameter changes

Emitting events for arbitrator/vea/foreignGateway/feeToken changes will help indexers and off-chain services track configuration updates.

contracts/src/arbitration/arbitrables/ArbitrableExample.sol (1)

95-116: Optional: emit change events for governance updates

Emitting events on arbitrator/template/extraData changes helps off-chain consumers.

Also applies to: 117-138

contracts/src/gateway/ForeignGateway.sol (2)

74-79: Fix incorrect constructor docstring

The docstring says “Constructs the PolicyRegistry contract,” which is misleading in this gateway contract context.

Apply:

-    /// @dev Constructs the `PolicyRegistry` contract.
+    /// @dev Initializes the ForeignGateway contract.

---

106-110: Use the onlyByGovernor modifier for consistency

Both functions manually check governor != msg.sender and revert with GovernorOnly(). Reusing onlyByGovernor reduces duplication and keeps access control consistent with other governance functions.

-    function changeGovernor(address _governor) external {
-        if (governor != msg.sender) revert GovernorOnly();
+    function changeGovernor(address _governor) external onlyByGovernor {
         governor = _governor;
     }
@@
-    function changeHomeGateway(address _homeGateway) external {
-        if (governor != msg.sender) revert GovernorOnly();
+    function changeHomeGateway(address _homeGateway) external onlyByGovernor {
         homeGateway = _homeGateway;
     }

Also applies to: 124-126

contracts/src/arbitration/KlerosGovernor.sol (1)

84-86: Clarify the meaning of GovernorOnly in this context

Here “governor” is address(this). Consider renaming the error to improve clarity (e.g., SelfOnly) or documenting this in a NatSpec note on the modifier to avoid confusion.

contracts/src/arbitration/SortitionModuleBase.sol (1)

692-708: Error declarations are clear and cohesive

Good coverage and naming consistency. Consider centralizing common errors in a shared interface/library to avoid duplication across modules.

contracts/src/arbitration/dispute-kits/DisputeKitClassicBase.sol (3)

169-175: Consider surfacing revert data for failed governor calls

Reverting with UnsuccessfulCall() is fine; optionally include the return data for debugging (e.g., error UnsuccessfulCall(bytes returndata)) and bubble it.

Example:

-    (bool success, ) = _destination.call{value: _amount}(_data);
-    if (!success) revert UnsuccessfulCall();
+    (bool success, bytes memory returndata) = _destination.call{value: _amount}(_data);
+    if (!success) revert UnsuccessfulCall(returndata);

And update the error:

-error UnsuccessfulCall();
+error UnsuccessfulCall(bytes returndata);

---

320-335: Micro-optimization: compute voteHash only when hiddenVotes is true

Avoids unnecessary hashing when votes aren’t hidden. Keeps semantics identical.

Apply this diff:

-    (, bool hiddenVotes, , , , , ) = core.courts(courtID);
-    bytes32 voteHash = hashVote(_choice, _salt, _justification);
+    (, bool hiddenVotes, , , , , ) = core.courts(courtID);
+    bytes32 voteHash;
+    if (hiddenVotes) {
+        voteHash = hashVote(_choice, _salt, _justification);
+    }
@@
-        if (round.votes[_voteIDs[i]].account != _juror) revert JurorHasToOwnTheVote();
-        if (hiddenVotes && round.votes[_voteIDs[i]].commit != voteHash)
-            revert HashDoesNotMatchHiddenVoteCommitment();
+        if (round.votes[_voteIDs[i]].account != _juror) revert JurorHasToOwnTheVote();
+        if (hiddenVotes && round.votes[_voteIDs[i]].commit != voteHash)
+            revert HashDoesNotMatchHiddenVoteCommitment();

---

717-735: Error set is comprehensive and consistent

Well-structured errors. Consider extracting common errors (GovernorOnly, KlerosCoreOnly, NotActiveForCoreDisputeID, etc.) into a shared library/interface to reduce duplication across contracts.