Complete test suite and fix all errors and warnings

Errors fixed:
- Rename Modifiers.owner -> OWNER (SCREAMING_SNAKE_CASE for immutables;
  resolves token.OWNER() compile error in MintBurn tests)
- Remove 158 lines of commented-out legacy code from MintBurn.t.sol

Tests fixed/added:
- Rewrite ERC20Invariant.t.sol with a proper Handler contract:
  mint/burn/transfer/approve/transferFrom with ghost-variable actor
  tracking; 4 invariants verified across 128k calls each
- Add test/fuzz/ERC20Fuzz.t.sol: 9 stateless fuzz properties covering
  supply conservation, allowance accounting, cap enforcement, and
  round-trip balance symmetry
- Fix 3 tests that wrongly asserted reverts for Solady-allowed operations
  (transfer to zero address, zero-amount transfer, transferFrom to zero);
  replace with tests documenting actual Solady behaviour
- Add assertTrue() on all non-revert transfer/transferFrom call sites;
  add intentionally-unchecked comments on vm.expectRevert() sites

Compiler warnings resolved:
- Remove unused Errors import from Transfer.t.sol
- Extract _checkOwner() helper in Modifiers.sol (unwrapped-modifier-logic)
- Rename Handler immutables to TOKEN / TOKEN_OWNER (screaming-snake-case)

Infrastructure:
- Add [profile.ci] to foundry.toml (fuzz: 10k runs, invariant: 256x512)
- Update README project structure to match actual src/ and test/ layout

All 50 tests pass. forge fmt --check passes. forge build --sizes clean.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: CodesenSys

README.md

@@ -161,15 +161,30 @@ This ensures:
 
 ```
 src/
-├── ERC20.sol                    # Core ERC20 implementation
+├── core/
+│   ├── BaseERC20.sol          # Abstract ERC20 base; adds zero-address/amount guards
+│   ├── Constants.sol          # Token metadata, INITIAL_SUPPLY, MAX_SUPPLY
+│   ├── Errors.sol             # Centralised custom error definitions
+│   └── Modifiers.sol          # Immutable OWNER and onlyOwner modifier
 ├── interfaces/
-│   └── IERC20.sol              # ERC20 interface
-└── extensions/                  # Future extensions (cap, roles, etc.)
+│   └── IERC20.sol             # Full EIP-20 interface + mint/burn extensions
+├── tokens/
+│   └── CodesenSysToken.sol    # Main token: owner-gated mint, open burn, cap enforced
+└── extensions/                # Reserved for future policy layers (roles, pausing, etc.)
 
 test/
-├── ERC20.t.sol                 # Unit tests
-├── ERC20.fuzz.t.sol            # Fuzz tests
-└── ERC20.invariant.t.sol       # Invariant tests
+├── unit/
+│   ├── BaseTest.t.sol         # Shared setUp — deploys token with makeAddr owner
+│   ├── Transfer.t.sol         # transfer() unit and fuzz tests
+│   ├── Allowance.t.sol        # approve() / transferFrom() unit and fuzz tests
+│   └── MintBurn.t.sol         # mint() / burn() unit and fuzz tests
+├── fuzz/
+│   └── ERC20Fuzz.t.sol        # Stateless multi-step fuzz properties
+└── invariant/
+    └── ERC20Invariant.t.sol   # Stateful invariant suite with Handler contract
+
+script/
+└── Deploy.s.sol               # Foundry deployment script
 ```
 
 ---

foundry.toml

@@ -8,9 +8,15 @@ remappings = [
     "@solady-utils/=lib/solady/src/utils/",
 ]
 
+# CI profile — used by .github/workflows/test.yml (FOUNDRY_PROFILE=ci).
+# Increases fuzz and invariant runs for more thorough coverage in CI.
+[profile.ci]
+fuzz = { runs = 10_000 }
+invariant = { runs = 256, depth = 512 }
+
 [rpc_endpoints]
 sepolia = "${SEPOLIA_RPC_URL}"
- 
+
 [etherscan]
 sepolia = { key = "${ETHERSCAN_API_KEY}" }
 

src/core/Constants.sol

@@ -1,14 +1,14 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.4;
-library Constants {
 
+library Constants {
     // Token Metadata
-    string  internal constant TOKEN_NAME   = "CodesenSys Token";
-    string  internal constant TOKEN_SYMBOL = "CSS";
-    uint8   internal constant DECIMALS     = 18;
+    string internal constant TOKEN_NAME = "CodesenSys Token";
+    string internal constant TOKEN_SYMBOL = "CSS";
+    uint8 internal constant DECIMALS = 18;
     uint256 private constant _SCALAR = 10 ** uint256(DECIMALS);
     uint256 internal constant INITIAL_SUPPLY = 1_000_000 * _SCALAR;
-    
+
     /// @dev Hard cap of 1,000,000,000 CSS (1 Billion).
     uint256 internal constant MAX_SUPPLY = 1_000_000_000 * _SCALAR;
 }

src/core/Errors.sol

@@ -18,4 +18,4 @@ library Errors {
 
     /// @dev Thrown when a mint would push totalSupply past MAX_SUPPLY.
     error ExceedsCap();
-}
+}

src/core/Modifiers.sol

@@ -9,21 +9,28 @@ import {Errors} from "./Errors.sol";
 ///         onlyOwner modifier. Inheriting contracts pass the owner address
 ///         through the constructor — no storage slot is used (immutable).
 abstract contract Modifiers {
-
     // State
-    address public immutable owner;
+    address public immutable OWNER;
 
     // Constructor
     constructor(address _owner) {
         if (_owner == address(0)) revert Errors.ZeroAddress();
-        owner = _owner;
+        OWNER = _owner;
     }
 
     // Modifiers
+
     /// @dev Reverts with a custom error when the caller is not the OWNER.
-    ///      Custom errors are cheaper than string reverts (less calldata).
+    ///      Logic is extracted to _checkOwner() so the modifier body is a single
+    ///      internal call, reducing inlined bytecode at every call site.
     modifier onlyOwner() {
-        if (msg.sender != owner) revert Errors.NotAuthorized();
+        _checkOwner();
         _;
     }
-}
+
+    // Internal helpers
+
+    function _checkOwner() internal view {
+        if (msg.sender != OWNER) revert Errors.NotAuthorized();
+    }
+}

src/interfaces/IERC20.sol

@@ -9,7 +9,6 @@ pragma solidity ^0.8.4;
 ///         this interface lets external contracts and off-chain
 ///         tooling reference the complete ABI from a single file.
 interface IERC20 {
-
     // =========================================================================
     // Events  (EIP-20 required)
     // =========================================================================

src/tokens/CodesenSysToken.sol

@@ -10,14 +10,11 @@ import {Errors} from "../core/Errors.sol";
 /// @author CodesenSys
 /// @notice ERC-20 token with owner-gated minting, open burning, and a hard 1 billion token supply cap.
 contract CodesenSysToken is BaseERC20, Modifiers {
-
     // Constructor
 
     /// @param _owner        Receives the initial supply and mint rights.
     /// @param initialSupply Tokens minted at deployment (use Constants.INITIAL_SUPPLY).
-    constructor(address _owner, uint256 initialSupply)
-        Modifiers(_owner)
-    {
+    constructor(address _owner, uint256 initialSupply) Modifiers(_owner) {
         _mintInternal(_owner, initialSupply);
     }
 

test/fuzz/ERC20Fuzz.t.sol

@@ -0,0 +1,174 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.4;
+
+import {Test} from "forge-std/Test.sol";
+import {CodesenSysToken} from "../../src/tokens/CodesenSysToken.sol";
+import {Constants} from "../../src/core/Constants.sol";
+import {Errors} from "../../src/core/Errors.sol";
+
+/// @notice Stateless fuzz properties for CodesenSysToken.
+///
+/// @dev    Unlike the unit tests (which fix inputs) and the invariant suite
+///         (which maintains state across calls), each test here is stateless:
+///         the fuzzer supplies fresh random inputs on every run and the test
+///         asserts a property that must hold universally.
+///
+///         Properties covered:
+///           - Supply conservation across mint→transfer→burn sequences
+///           - Allowance accounting with arbitrary approve/spend pairs
+///           - Cap enforcement across the full mintable range
+///           - Balance symmetry after round-trip transfers
+contract ERC20FuzzTest is Test {
+    CodesenSysToken public token;
+
+    address public owner = makeAddr("owner");
+    address public alice = makeAddr("alice");
+    address public bob = makeAddr("bob");
+    address public carol = makeAddr("carol");
+
+    uint256 public constant INITIAL_MINT = Constants.INITIAL_SUPPLY;
+
+    function setUp() public {
+        token = new CodesenSysToken(owner, INITIAL_MINT);
+    }
+
+    // =========================================================================
+    // Supply conservation
+    // =========================================================================
+
+    /// @notice Minting then burning the same amount leaves totalSupply unchanged.
+    function testFuzz_Supply_MintThenBurnIsNeutral(uint256 amount) public {
+        uint256 remaining = Constants.MAX_SUPPLY - token.totalSupply();
+        amount = bound(amount, 1, remaining);
+
+        uint256 supplyBefore = token.totalSupply();
+
+        vm.prank(owner);
+        token.mint(alice, amount);
+
+        vm.prank(alice);
+        token.burn(amount);
+
+        assertEq(token.totalSupply(), supplyBefore, "supply changed after mint+burn");
+    }
+
+    /// @notice A chain of transfers never changes totalSupply.
+    function testFuzz_Supply_ChainedTransfersAreNeutral(uint256 amount) public {
+        amount = bound(amount, 1, INITIAL_MINT);
+
+        uint256 supplyBefore = token.totalSupply();
+
+        vm.prank(owner);
+        assertTrue(token.transfer(alice, amount));
+
+        vm.prank(alice);
+        assertTrue(token.transfer(bob, amount));
+
+        vm.prank(bob);
+        assertTrue(token.transfer(carol, amount));
+
+        assertEq(token.totalSupply(), supplyBefore, "supply changed after chained transfers");
+    }
+
+    /// @notice After a full round-trip (owner→alice→owner), both balances are restored.
+    function testFuzz_Transfer_RoundTripRestoresBalances(uint256 amount) public {
+        amount = bound(amount, 1, INITIAL_MINT);
+
+        uint256 ownerBefore = token.balanceOf(owner);
+
+        vm.prank(owner);
+        assertTrue(token.transfer(alice, amount));
+
+        vm.prank(alice);
+        assertTrue(token.transfer(owner, amount));
+
+        assertEq(token.balanceOf(owner), ownerBefore, "owner balance not restored");
+        assertEq(token.balanceOf(alice), 0, "alice balance not zero after round-trip");
+    }
+
+    // =========================================================================
+    // Allowance accounting
+    // =========================================================================
+
+    /// @notice After a partial spend, remaining allowance equals approve - spent.
+    function testFuzz_Allowance_PartialSpendReducesExactly(uint256 approval, uint256 spend) public {
+        approval = bound(approval, 1, INITIAL_MINT);
+        spend = bound(spend, 1, approval);
+
+        vm.prank(owner);
+        assertTrue(token.approve(alice, approval));
+
+        vm.prank(alice);
+        assertTrue(token.transferFrom(owner, bob, spend));
+
+        assertEq(token.allowance(owner, alice), approval - spend, "allowance not reduced correctly");
+    }
+
+    /// @notice The last approve always wins, regardless of prior value.
+    function testFuzz_Allowance_OverwriteAlwaysReflectsLastCall(uint256 first, uint256 second) public {
+        vm.prank(owner);
+        assertTrue(token.approve(alice, first));
+
+        vm.prank(owner);
+        assertTrue(token.approve(alice, second));
+
+        assertEq(token.allowance(owner, alice), second, "allowance not overwritten");
+    }
+
+    /// @notice transferFrom must revert when spend exceeds allowance by any amount.
+    function testFuzz_Allowance_ExceedingAllowanceAlwaysReverts(uint256 approval, uint256 excess) public {
+        approval = bound(approval, 0, INITIAL_MINT - 1);
+        excess = bound(excess, 1, INITIAL_MINT - approval);
+
+        vm.prank(owner);
+        assertTrue(token.approve(alice, approval));
+
+        vm.prank(alice);
+        vm.expectRevert();
+        token.transferFrom(owner, bob, approval + excess); // reverts — return value intentionally unchecked
+    }
+
+    // =========================================================================
+    // Cap enforcement
+    // =========================================================================
+
+    /// @notice Any mint that would push totalSupply past MAX_SUPPLY must revert.
+    function testFuzz_Cap_MintOverCapAlwaysReverts(uint256 overBy) public {
+        overBy = bound(overBy, 1, type(uint128).max);
+
+        uint256 remaining = Constants.MAX_SUPPLY - token.totalSupply();
+
+        vm.prank(owner);
+        vm.expectRevert(Errors.ExceedsCap.selector);
+        token.mint(alice, remaining + overBy); // reverts — return value intentionally unchecked
+    }
+
+    /// @notice Minting exactly up to MAX_SUPPLY must succeed.
+    function testFuzz_Cap_MintExactlyToCapSucceeds(uint256 seed) public {
+        // Deploy a fresh token so we can control the gap to the cap precisely.
+        uint256 initial = bound(seed, 1, Constants.MAX_SUPPLY - 1);
+        CodesenSysToken fresh = new CodesenSysToken(owner, initial);
+
+        uint256 toMint = Constants.MAX_SUPPLY - initial;
+
+        vm.prank(owner);
+        fresh.mint(alice, toMint);
+
+        assertEq(fresh.totalSupply(), Constants.MAX_SUPPLY, "supply did not reach cap");
+    }
+
+    // =========================================================================
+    // Access control
+    // =========================================================================
+
+    /// @notice Any non-owner address must be unable to mint.
+    function testFuzz_Access_NonOwnerMintAlwaysReverts(address caller, uint256 amount) public {
+        vm.assume(caller != owner);
+        vm.assume(caller != address(0));
+        amount = bound(amount, 1, Constants.MAX_SUPPLY - token.totalSupply());
+
+        vm.prank(caller);
+        vm.expectRevert(Errors.NotAuthorized.selector);
+        token.mint(alice, amount); // reverts — return value intentionally unchecked
+    }
+}