fix naming, comments, errors

Author: RensR

chains/evm/contracts/ccvs/VersionedVerifierResolver.sol

@@ -2,9 +2,9 @@
 pragma solidity ^0.8.24;
 
 import {ICrossChainVerifierResolver} from "../interfaces/ICrossChainVerifierResolver.sol";
-import {FeeTokenHandler} from "../libraries/FeeTokenHandler.sol";
 import {ITypeAndVersion} from "@chainlink/contracts/src/v0.8/shared/interfaces/ITypeAndVersion.sol";
 
+import {FeeTokenHandler} from "../libraries/FeeTokenHandler.sol";
 import {Ownable2StepMsgSender} from "@chainlink/contracts/src/v0.8/shared/access/Ownable2StepMsgSender.sol";
 
 import {EnumerableSet} from "@openzeppelin/contracts@5.3.0/utils/structs/EnumerableSet.sol";

chains/evm/contracts/ccvs/components/BaseVerifier.sol

@@ -32,7 +32,7 @@ abstract contract BaseVerifier is ICrossChainVerifierV1, ITypeAndVersion {
 
   // solhint-disable-next-line gas-struct-packing
   struct RemoteChainConfig {
-    IRouter router; // ──────────╮ Local router to use for messages to/fom this chain.
+    IRouter router; // ──────────╮ Local router to use for messages to/from this chain.
     uint16 feeUSDCents; //       │ The fee in US dollar cents for messages to this remote chain. [0, $655.35]
     uint32 gasForVerification; //│ The gas to reserve for verification of messages on the remote chain.
     uint16 payloadSizeBytes; //  │ The size of the verification payload on the remote chain.
@@ -265,6 +265,8 @@ abstract contract BaseVerifier is ICrossChainVerifierV1, ITypeAndVersion {
     if (config.router == IRouter(address(0))) {
       revert RemoteChainNotSupported(destChainSelector);
     }
+    // Validate the shape of the requested finality before checking whether it is permitted by the stored config.
+    FinalityCodec._validateRequestedFinality(requestedFinality);
     FinalityCodec._ensureRequestedFinalityAllowed(requestedFinality, config.finalityConfig);
 
     return (config.feeUSDCents, config.gasForVerification, config.payloadSizeBytes);

chains/evm/contracts/executor/Executor.sol

@@ -210,6 +210,8 @@ contract Executor is IExecutor, Ownable2StepMsgSender {
     if (!remoteChainConfig.enabled) {
       revert InvalidDestChain(destChainSelector);
     }
+    // Validate the shape of the requested finality before checking whether it is permitted by the allowed config.
+    FinalityCodec._validateRequestedFinality(requestedFinality);
     FinalityCodec._ensureRequestedFinalityAllowed(requestedFinality, s_dynamicConfig.allowedFinalityConfig);
 
     if (s_dynamicConfig.ccvAllowlistEnabled) {

chains/evm/contracts/libraries/MessageV1Codec.sol

@@ -136,7 +136,7 @@ library MessageV1Codec {
     // Configurable per-message finality value.
     bytes2 finality;
     // A hash of the verifiers and executor addresses. This is used by the offchain systems to validate the list of CCVs
-    // and executor that should be used for this message. This has no meaning on the destination chain ans is not
+    // and executor that should be used for this message. This has no meaning on the destination chain and is not
     // checked against anything.
     bytes32 ccvAndExecutorHash;
     // Variable length fields - must match wire format order.

chains/evm/contracts/offRamp/OffRamp.sol

@@ -499,8 +499,13 @@ contract OffRamp is ITypeAndVersion, Ownable2StepMsgSender {
     address[] memory requiredReceiverCCVs;
     if (isTokenOnlyTransfer) {
       if (tokenTransfer.length > 0) {
-        // For token-only transfers, we skip querying the receiver for CCVs, and don't add the defaults. This enables
-        // pure token transfers to only require the pool CCVs, as the token issuer is the only party that takes any risk.
+        // For token-only transfers with tokens, we skip querying the receiver for CCVs, and don't add the defaults.
+        // This enables pure token transfers to only require the pool CCVs, as the token issuer is the only party that
+        // takes any risk. As a consequence, the receiver's finality policy (getCCVsAndFinalityConfig) is intentionally
+        // NOT checked against message.finality for this path — finality enforcement is delegated entirely to the pool
+        // (which validates finality in _validateReleaseOrMint). If a receiver wants to enforce its own finality policy
+        // for token transfers it must NOT qualify as a token-only transfer (i.e. it must have a non-zero data payload
+        // or a non-zero ccipReceiveGasLimit).
         requiredReceiverCCVs = new address[](0);
         optionalCCVs = new address[](0);
         optionalThreshold = 0;

chains/evm/contracts/pools/USDC/CCTPThroughCCVTokenPool.sol

@@ -1,12 +1,12 @@
 // SPDX-License-Identifier: BUSL-1.1
 pragma solidity ^0.8.24;
 
+import {ICrossChainVerifierResolver} from "../../interfaces/ICrossChainVerifierResolver.sol";
 import {IPoolV1} from "../../interfaces/IPool.sol";
 import {IPoolV2} from "../../interfaces/IPoolV2.sol";
 import {ITypeAndVersion} from "@chainlink/contracts/src/v0.8/shared/interfaces/ITypeAndVersion.sol";
 
 import {CCTPVerifier} from "../../ccvs/CCTPVerifier.sol";
-import {ICrossChainVerifierResolver} from "../../interfaces/ICrossChainVerifierResolver.sol";
 import {Pool} from "../../libraries/Pool.sol";
 import {USDCSourcePoolDataCodec} from "../../libraries/USDCSourcePoolDataCodec.sol";
 import {TokenPool} from "../TokenPool.sol";

chains/evm/contracts/test/Router/Router.recoverTokens.t.sol

@@ -1,13 +1,12 @@
 // SPDX-License-Identifier: BUSL-1.1
 pragma solidity ^0.8.24;
 
-import {IERC20} from "@openzeppelin/contracts@5.3.0/token/ERC20/IERC20.sol";
-
 import {Router} from "../../Router.sol";
-
 import {MaybeRevertMessageReceiver} from "../helpers/receivers/MaybeRevertMessageReceiver.sol";
 import {RouterSetup} from "./RouterSetup.t.sol";
 
+import {IERC20} from "@openzeppelin/contracts@5.3.0/token/ERC20/IERC20.sol";
+
 contract Router_recoverTokens is RouterSetup {
   function test_RecoverTokens() public {
     // Assert we can recover sourceToken

chains/evm/contracts/test/ccvs/components/BaseVerifier/BaseVerifier.getFee.t.sol

@@ -37,7 +37,7 @@ contract BaseVerifier_getFee is BaseVerifierSetup {
     s_baseVerifier.applyRemoteChainConfigUpdates(configs);
 
     Client.EVM2AnyMessage memory message;
-    // Request 10 blocks — meets the minimum of 5 (request more security than required is fine).
+    // Request 10 blocks — meets the minimum of 10 (requesting at least the minimum is allowed).
     (uint256 feeUSDCents,,) =
       s_baseVerifier.getFee(DEST_CHAIN_SELECTOR, message, "", FinalityCodec._encodeBlockDepth(10));
     assertEq(feeUSDCents, DEFAULT_CCV_FEE_USD_CENTS);

chains/evm/contracts/test/pools/TokenPool/TokenPool.getFee.t.sol

@@ -77,7 +77,7 @@ contract TokenPool_getFee is AdvancedPoolHooksSetup {
 
   // Reverts
 
-  function test_getFee_RevertWhen_FastFinalityNotEnabled() public {
+  function test_getFee_RevertWhen_FtfNotAllowedByPool() public {
     bytes2 requestedFinality = bytes2(uint16(1)); // Any non-zero value triggers custom finality path
 
     vm.expectRevert(
@@ -86,7 +86,7 @@ contract TokenPool_getFee is AdvancedPoolHooksSetup {
     s_tokenPool.getFee(address(s_token), DEST_CHAIN_SELECTOR, 1e18, address(0), requestedFinality, "");
   }
 
-  function test_getFee_RevertWhen_InvalidFinalityConfig() public {
+  function test_getFee_RevertWhen_RequestedDepthBelowMinimum() public {
     bytes2 minFinality = bytes2(uint16(10));
 
     // Set fast finality config with minimum of 10 blocks

chains/evm/contracts/test/pools/TokenPool/TokenPool.validateLockOrBurn.t.sol

@@ -155,7 +155,7 @@ contract TokenPool_validateLockOrBurn is AdvancedPoolHooksSetup {
     s_tokenPool.validateLockOrBurn(lockOrBurnIn, bytes2(uint16(type(uint16).max)), "", fee);
   }
 
-  function test_validateLockOrBurn_RevertWhen_InvalidFinalityConfig() public {
+  function test_validateLockOrBurn_RevertWhen_RequestedDepthBelowMinimum() public {
     bytes2 minFinality = bytes2(uint16(5));
     s_tokenPool.setFinalityConfig(minFinality);
     vm.startPrank(s_allowedOnRamp);
@@ -167,7 +167,7 @@ contract TokenPool_validateLockOrBurn is AdvancedPoolHooksSetup {
     s_tokenPool.validateLockOrBurn(_buildLockOrBurnIn(1000e18), requestedFinality, "", 0);
   }
 
-  function test_validateLockOrBurn_RevertWhen_FastFinalityNotEnabled() public {
+  function test_validateLockOrBurn_RevertWhen_FtfNotAllowedByPool() public {
     vm.startPrank(OWNER);
     s_tokenPool.setFinalityConfig(bytes2(0));