[UNTRACKED] Add whitepaper (#60)

[STABLE-8240] Add v2 abis (#59)

This PR adds the abis for V2 related contracts.

Excluded contracts include:
 - Example contracts (CCTPHookWrapper)
 - Empty abis (BurnMessageV2, MessageV2)

[UNTRACKED] Fix license (#58)

[UNTRACKED] V2 (#57)

Faster-than-finality cross-chain USDC transfers

[UNTRACKED] Allow users of this repository as a submodule to override…

… the foundry version to use (#55)

## Summary
Allow users of this repository as a submodule to override the foundry
version to use

## Detail
This repository is used as a submodule elsewhere to build evm contracts,
at the same time these other repositories install said contracts using a
locally managed foundry version. when the versions don't align the
builds can sometimes fail causing the need to cascade update the foundry
version everywhere.

Allowing the Dockefile to use a build argument means other downstream
repositories can update the version at their own pace without having to
update this repository first.

## Testing
covered by existing tests

## Documentation

**Story:** [UNTRACKED](https://circlepay.atlassian.net/browse/)

[STABLE-7559]: Migrate from Slither to Mythril for static analysis (#51)

### Summary
Migrate from Slither to Mythril for static analysis

### Detail
- update Makefile command and update CI
- remove Slither relevant configs and add Mythril config
- update Readme

Bump secp256k1 from 4.0.3 to 4.0.4 in /docs (#41)

Bumps [secp256k1](https://github.com/cryptocoinjs/secp256k1-node) from
4.0.3 to 4.0.4.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cryptocoinjs/secp256k1-node/commit/756fce19036700a3fc421ba5a9520cd090d2b92a"><code>756fce1</code></a>
4.0.4</li>
<li><a
href="https://github.com/cryptocoinjs/secp256k1-node/commit/8bd6446e000fa59df3cda0ae3e424300747ea5ed"><code>8bd6446</code></a>
elliptic: fix key verification in loadCompressedPublicKey</li>
<li><a
href="https://github.com/cryptocoinjs/secp256k1-node/commit/840834e833f9b077e0f29828140cc8cd91be3ee2"><code>840834e</code></a>
Update elliptic to 6.5.7 (CVE-2024-42461) (<a
href="https://redirect.github.com/cryptocoinjs/secp256k1-node/issues/206">#206</a>)</li>
<li>See full diff in <a
href="https://github.com/cryptocoinjs/secp256k1-node/compare/v4.0.3...v4.0.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=secp256k1&package-manager=npm_and_yarn&previous-version=4.0.3&new-version=4.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/circlefin/evm-cctp-contracts/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

ci: upgrade action versions to use node20 (#40)

## Summary
Node 16 is EOL, upgrade action versions to use node 20

## Release Notes
* actions/checkout v3 -> v4:
https://github.com/actions/checkout/releases/tag/v4.0.0
* actions/setup-node v3 -> v4:
https://github.com/actions/setup-node/releases/tag/v4.0.0

Update testnet addresses from Goerli to Sepolia (#35)

Updates Goerli references to Sepolia, now that CCTP has migrated.

Manually tested that the example script still works:
- depositForBurn:
https://sepolia.etherscan.io/tx/0x5ed89c2b0938d24f401d5c290a63b66a60cee27f625b054b667d84cd43c7c4b6
- receiveMessage:
https://testnet.snowtrace.io/tx/0x8b2144fa5c4292f7e9c27f2dde8f8b8fb38d693b27a22641ef37ca2ce98554cc?chainId=43113

---------

Co-authored-by: kevin-pv01 <[email protected]>

chore(ci): implement code scanning (#32)

Implement PR code scanning and SBOM on release.