Add an AbiDecode library for safe abi decoding (no revert)

[Amxx]

Would be usefull for #6390

PR Checklist

• Tests
• Documentation
• Changeset entry (run npx changeset add)

[ernestognw]

This library seems like a good idea but, how far do we want to go with it? Decoding more complex values still requires the developer to know how to read offsets and validate bounds for the outer structure. The library might end up too large

I have a bunch of calldata decoding cases in OAF that are very extensive and this lib would definitely help

[changeset-bot]

🦋 Changeset detected

Latest commit: 0d667c9

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
openzeppelin-solidity	Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

Walkthrough

This pull request introduces a new AbiDecode library in contracts/utils/AbiDecode.sol with three non-reverting functions for decoding ABI-encoded bytes data: tryDecodeBytes for memory buffers, tryDecodeBytes for Memory.Slice inputs, and tryDecodeBytesCalldata for calldata inputs. Each function performs bounds checks and returns success/failure status alongside the decoded output. The Memory library is extended with an emptySlice() helper function. A comprehensive test suite in test/utils/AbiDecode.t.sol validates the decoding functions across memory and calldata variants.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely describes the main change: adding an AbiDecode library for safe, non-reverting ABI decoding, which directly aligns with the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check	✅ Passed	The pull request description relates to the changeset by indicating it adds an AbiDecode library for safe ABI decoding, matching the file changes and objectives.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@test/utils/AbiDecode.t.sol`:
- Around line 34-40: The success branch in testDecodeCalldataNoRevert is
asserting empty bytes incorrectly; when tryDecodeBytesCalldata returns success
== true you should verify the decoded output matches the original input buffer.
Update the success branch assertion in testDecodeCalldataNoRevert to compare
output to the original buffer (e.g., assertEq(output, bytes(buffer)) or
equivalently abi.decode(buffer, (bytes))) so that tryDecodeBytesCalldata,
success, and output are validated correctly.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 6eedfff9-aab4-4037-87b4-7003e47271c4

📥 Commits

Reviewing files that changed from the base of the PR and between 4681c1c and a7441a9.

📒 Files selected for processing (3)

• contracts/utils/AbiDecode.sol
• contracts/utils/Memory.sol
• test/utils/AbiDecode.t.sol

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix the success-branch assertion in testDecodeCalldataNoRevert.

Line 37 currently asserts empty bytes even when success == true, so the success path is not actually verifying decoded content.

✅ Suggested test fix

 function testDecodeCalldataNoRevert(bytes calldata buffer) public pure {
     (bool success, bytes calldata output) = buffer.tryDecodeBytesCalldata();
     if (success) {
-        assertEq(output, new bytes(0));
+        assertEq(output, abi.decode(buffer, (bytes)));
     } else {
         assertEq(output, new bytes(0));
     }
 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/utils/AbiDecode.t.sol` around lines 34 - 40, The success branch in
testDecodeCalldataNoRevert is asserting empty bytes incorrectly; when
tryDecodeBytesCalldata returns success == true you should verify the decoded
output matches the original input buffer. Update the success branch assertion in
testDecodeCalldataNoRevert to compare output to the original buffer (e.g.,
assertEq(output, bytes(buffer)) or equivalently abi.decode(buffer, (bytes))) so
that tryDecodeBytesCalldata, success, and output are validated correctly.

[Amxx]

This library seems like a good idea but, how far do we want to go with it? Decoding more complex values still requires the developer to know how to read offsets and validate bounds for the outer structure. The library might end up too large

I have a bunch of calldata decoding cases in OAF that are very extensive and this lib would definitely help

I'd keep it simple and small (kiss approach), only adding things that we internally need, or that we know would be reusable. The goal is not to support all types from the start. We'll just add stuff as we see fit.