feat/store: prune account code (#1772)

Author: drahnr

crates/store/src/db/migrations/2025062000000_setup/up.sql

@@ -44,6 +44,8 @@ CREATE INDEX idx_accounts_created_at_block ON accounts(created_at_block);
 CREATE INDEX idx_accounts_block_num ON accounts(block_num);
 -- Index for joining with account_codes
 CREATE INDEX idx_accounts_code_commitment ON accounts(code_commitment) WHERE code_commitment IS NOT NULL;
+-- Covering index for the prune_account_codes subquery: filters rows by block_num/is_latest and projects code_commitment
+CREATE INDEX idx_accounts_prune_code ON accounts(block_num, is_latest, code_commitment) WHERE code_commitment IS NOT NULL;
 
 CREATE TABLE notes (
     committed_at                  INTEGER NOT NULL, -- Block number when the note was committed

crates/store/src/db/models/queries/accounts.rs

@@ -1457,18 +1457,19 @@ pub(crate) struct AccountStorageMapRowInsert {
 // CLEANUP FUNCTIONS
 // ================================================================================================
 
-/// Number of historical blocks to retain for vault assets and storage map values.
+/// Number of historical blocks to retain for vault assets, storage map values, and account codes.
 /// Entries older than `chain_tip - HISTORICAL_BLOCK_RETENTION` will be deleted,
 /// except for entries marked with `is_latest=true` which are always retained.
 pub const HISTORICAL_BLOCK_RETENTION: u32 = 50;
 
 /// Clean up old entries for all accounts, deleting entries older than the retention window.
 ///
-/// Deletes rows where `block_num < chain_tip - HISTORICAL_BLOCK_RETENTION` and `is_latest = false`.
-/// This is a simple and efficient approach that doesn't require window functions.
+/// Deletes rows where `block_num < chain_tip - HISTORICAL_BLOCK_RETENTION` and `is_latest = false`
+/// for vault assets and storage map values. Also deletes account codes that are no longer
+/// referenced by any account row within the retention window.
 ///
 /// # Returns
-/// A tuple of `(vault_assets_deleted, storage_map_values_deleted)`
+/// A tuple of `(vault_assets_deleted, storage_map_values_deleted, account_codes_deleted)`
 #[tracing::instrument(
     target = COMPONENT,
     skip_all,
@@ -1478,13 +1479,14 @@ pub const HISTORICAL_BLOCK_RETENTION: u32 = 50;
 pub(crate) fn prune_history(
     conn: &mut SqliteConnection,
     chain_tip: BlockNumber,
-) -> Result<(usize, usize), DatabaseError> {
+) -> Result<(usize, usize, usize), DatabaseError> {
     let cutoff_block = i64::from(chain_tip.as_u32().saturating_sub(HISTORICAL_BLOCK_RETENTION));
     tracing::Span::current().record("cutoff_block", cutoff_block);
     let vault_deleted = prune_account_vault_assets(conn, cutoff_block)?;
     let storage_deleted = prune_account_storage_map_values(conn, cutoff_block)?;
+    let codes_deleted = prune_account_codes(conn, cutoff_block)?;
 
-    Ok((vault_deleted, storage_deleted))
+    Ok((vault_deleted, storage_deleted, codes_deleted))
 }
 
 #[tracing::instrument(
@@ -1528,3 +1530,47 @@ fn prune_account_storage_map_values(
     .execute(conn)
     .map_err(DatabaseError::Diesel)
 }
+
+/// Deletes account codes that are no longer referenced by any account row within the retention
+/// window.
+///
+/// An account code is safe to delete when no `accounts` row with `block_num >= cutoff_block`
+/// references its `code_commitment`. This covers both active accounts (`is_latest=true`) and
+/// recent historical rows that still fall within the retention window.
+///
+/// # Raw SQL
+///
+/// ```sql
+/// DELETE FROM account_codes
+/// WHERE code_commitment NOT IN (
+///     SELECT DISTINCT code_commitment
+///     FROM accounts
+///     WHERE code_commitment IS NOT NULL
+///       AND (block_num >= ?1 OR is_latest = 1)
+/// )
+/// ```
+#[tracing::instrument(
+    target = COMPONENT,
+    skip_all,
+    err,
+    fields(cutoff_block),
+)]
+fn prune_account_codes(
+    conn: &mut SqliteConnection,
+    cutoff_block: i64,
+) -> Result<usize, DatabaseError> {
+    use diesel::sql_types::BigInt;
+
+    diesel::sql_query(
+        "DELETE FROM account_codes \
+         WHERE code_commitment NOT IN ( \
+             SELECT DISTINCT code_commitment \
+             FROM accounts \
+             WHERE code_commitment IS NOT NULL \
+               AND (block_num >= ?1 OR is_latest = 1 ) \
+         )",
+    )
+    .bind::<BigInt, _>(cutoff_block)
+    .execute(conn)
+    .map_err(DatabaseError::Diesel)
+}

crates/store/src/db/models/queries/accounts/tests.rs

@@ -1117,3 +1117,217 @@ fn test_select_account_vault_at_block_with_deletion() {
     assert_eq!(assets_at_block_3.len(), 1, "Should have 1 asset at block 3");
     assert_matches!(&assets_at_block_3[0], Asset::Fungible(f) if f.amount() == 2000);
 }
+
+// ACCOUNT CODE PRUNING TESTS
+// ================================================================================================
+
+/// Counts the number of rows in `account_codes`.
+fn count_account_codes(conn: &mut SqliteConnection) -> usize {
+    use schema::account_codes;
+
+    let val =
+        SelectDsl::select(account_codes::table, diesel::dsl::count(account_codes::code_commitment))
+            .get_result::<i64>(conn)
+            .expect("Failed to count account_codes");
+    usize::try_from(u64::try_from(val).unwrap()).unwrap()
+}
+
+/// Returns whether a specific code commitment exists in `account_codes`.
+fn account_code_exists(conn: &mut SqliteConnection, code_commitment: Word) -> bool {
+    use schema::account_codes;
+
+    let n =
+        SelectDsl::select(account_codes::table, diesel::dsl::count(account_codes::code_commitment))
+            .filter(account_codes::code_commitment.eq(code_commitment.to_bytes()))
+            .get_result::<i64>(conn)
+            .expect("Failed to query account_codes");
+
+    n == 1
+}
+
+/// Creates a full-state [`BlockAccountUpdate`] for the given account.
+fn make_full_state_update(account: &Account) -> BlockAccountUpdate {
+    let delta = AccountDelta::try_from(account.clone()).unwrap();
+    assert!(delta.is_full_state(), "expected full-state delta");
+    BlockAccountUpdate::new(
+        account.id(),
+        account.to_commitment(),
+        AccountUpdateDetails::Delta(delta),
+    )
+}
+
+/// Builds a public account using a fixed account ID seed but a different component code.
+///
+/// All accounts produced here share the same [`AccountId`] because the same seed is used.
+/// The `push_value` must be different for each variant to produce a distinct MAST root and thus a
+/// distinct [`AccountCode::commitment`].
+fn build_account_with_code(push_value: u32) -> Account {
+    let code_src = format!("pub proc variant push.{push_value} end");
+    let component_code = CodeBuilder::default()
+        .compile_component_code("test::code_prune", &code_src)
+        .unwrap();
+    let component = AccountComponent::new(
+        component_code,
+        vec![StorageSlot::with_value(
+            StorageSlotName::mock(0),
+            Word::from([Felt::new(1), Felt::ZERO, Felt::ZERO, Felt::ZERO]),
+        )],
+        AccountComponentMetadata::new("code_prune_test")
+            .with_supported_type(AccountType::RegularAccountUpdatableCode),
+    )
+    .unwrap();
+
+    // Seed [2u8; 32] keeps the account ID distinct from the other test helpers.
+    AccountBuilder::new([2u8; 32])
+        .account_type(AccountType::RegularAccountUpdatableCode)
+        .storage_mode(AccountStorageMode::Public)
+        .with_component(component)
+        .with_auth_component(AuthSingleSig::new(
+            PublicKeyCommitment::from(EMPTY_WORD),
+            AuthScheme::Falcon512Rpo,
+        ))
+        .build_existing()
+        .unwrap()
+}
+
+/// Prune test 2: when an account's code changes, the old code must be pruned after the retention
+/// window, while the new (latest) code is retained.
+#[test]
+fn test_prune_account_code_retains_latest_after_code_change() {
+    let mut conn = setup_test_db();
+
+    // Block 0: account created with code A.
+    // Block RETENTION+1 (=51): account updated to code B — within the retention window at prune
+    //   time.
+    // Block 2*RETENTION+1 (=101): prune → cutoff is block 51; code A (last at block 0) is outside
+    //   the window → pruned; code B (last at block 51) is within the window → retained.
+    let block_0 = BlockNumber::from(0u32);
+    let block_code_b = BlockNumber::from(HISTORICAL_BLOCK_RETENTION + 1);
+    let block_prunable = BlockNumber::from(2 * HISTORICAL_BLOCK_RETENTION + 1);
+
+    insert_block_header(&mut conn, block_0);
+    insert_block_header(&mut conn, block_code_b);
+    insert_block_header(&mut conn, block_prunable);
+
+    let account_a = build_account_with_code(1);
+    let account_b = build_account_with_code(2);
+
+    // Both accounts must have the same ID for this to test code replacement.
+    assert_eq!(account_a.id(), account_b.id(), "accounts must share the same ID");
+    assert_ne!(
+        account_a.code().commitment(),
+        account_b.code().commitment(),
+        "accounts must have different codes"
+    );
+
+    let account_id = account_a.id();
+    let code_commitment_a = account_a.code().commitment();
+    let code_commitment_b = account_b.code().commitment();
+
+    // Block 0: insert account with code A.
+    upsert_accounts(&mut conn, &[make_full_state_update(&account_a)], block_0)
+        .expect("initial upsert failed");
+
+    // Block RETENTION+1: update the same account ID to code B via a full-state delta.
+    upsert_accounts(&mut conn, &[make_full_state_update(&account_b)], block_code_b)
+        .expect("code-change upsert failed");
+
+    assert_eq!(count_account_codes(&mut conn), 2, "both codes must exist before pruning");
+
+    // Advance past retention window and prune.
+    // cutoff = block_prunable - RETENTION = 2*RETENTION+1 - RETENTION = RETENTION+1 = block_code_b
+    let (_, _, codes_deleted) =
+        prune_history(&mut conn, block_prunable).expect("prune_history failed");
+
+    // Only code A was dropped; code B is still referenced by the latest accounts row.
+    assert_eq!(codes_deleted, 1, "exactly one code (A) must be pruned");
+    assert!(!account_code_exists(&mut conn, code_commitment_a), "old code A must be pruned");
+    assert!(
+        account_code_exists(&mut conn, code_commitment_b),
+        "current code B must be retained"
+    );
+
+    // Confirm the latest account row still points to code B.
+    let (latest_header, _) =
+        select_account_header_with_storage_header_at_block(&mut conn, account_id, block_prunable)
+            .expect("query failed")
+            .expect("account must still exist");
+    assert_eq!(
+        latest_header.code_commitment(),
+        account_b.code().commitment(),
+        "latest account must reference code B"
+    );
+}
+
+/// Prune test 3: code A → code B → code A; after the retention window, code B must be pruned
+/// but code A must be retained because it is still the latest.
+#[test]
+fn test_prune_account_code_retains_revisited_code() {
+    let mut conn = setup_test_db();
+
+    // Block 0:           code A.
+    // Block RETENTION+1: code B (will be outside retention window at prune time).
+    // Block RETENTION+2: back to code A (within the retention window at prune time).
+    // Block 2*RETENTION+2: prune.
+    //   cutoff = 2*RETENTION+2 - RETENTION = RETENTION+2.
+    //   Code A: last referenced at block RETENTION+2 >= cutoff → retained.
+    //   Code B: last referenced at block RETENTION+1 < cutoff → pruned.
+    let block_0 = BlockNumber::from(0u32);
+    let block_code_b = BlockNumber::from(HISTORICAL_BLOCK_RETENTION + 1);
+    let block_code_a_again = BlockNumber::from(HISTORICAL_BLOCK_RETENTION + 2);
+    let block_prunable = BlockNumber::from(2 * HISTORICAL_BLOCK_RETENTION + 2);
+
+    insert_block_header(&mut conn, block_0);
+    insert_block_header(&mut conn, block_code_b);
+    insert_block_header(&mut conn, block_code_a_again);
+    insert_block_header(&mut conn, block_prunable);
+
+    let account_a = build_account_with_code(1);
+    let account_b = build_account_with_code(2);
+
+    assert_eq!(account_a.id(), account_b.id(), "accounts must share the same ID");
+    assert_ne!(
+        account_a.code().commitment(),
+        account_b.code().commitment(),
+        "accounts must have different codes"
+    );
+
+    let account_id = account_a.id();
+    let code_commitment_a = account_a.code().commitment();
+    let code_commitment_b = account_b.code().commitment();
+
+    // Block 0: code A.
+    upsert_accounts(&mut conn, &[make_full_state_update(&account_a)], block_0)
+        .expect("block 0 upsert failed");
+    // Block RETENTION+1: code B.
+    upsert_accounts(&mut conn, &[make_full_state_update(&account_b)], block_code_b)
+        .expect("block code_b upsert failed");
+    // Block RETENTION+2: back to code A.
+    upsert_accounts(&mut conn, &[make_full_state_update(&account_a)], block_code_a_again)
+        .expect("block code_a_again upsert failed");
+
+    // Before pruning: both codes must be in account_codes (code A inserted once via ON CONFLICT DO
+    // NOTHING, code B inserted once).
+    assert_eq!(count_account_codes(&mut conn), 2, "both codes must exist before pruning");
+
+    // Advance past retention window and prune.
+    let (_, _, codes_deleted) =
+        prune_history(&mut conn, block_prunable).expect("prune_history failed");
+
+    // Code B is no longer referenced by any account row within the retention window → pruned.
+    // Code A is still referenced by the block_code_a_again accounts row (within cutoff) → retained.
+    assert_eq!(codes_deleted, 1, "exactly one code (B) must be pruned");
+    assert!(account_code_exists(&mut conn, code_commitment_a), "code A must be retained");
+    assert!(!account_code_exists(&mut conn, code_commitment_b), "code B must be pruned");
+
+    // Confirm the latest account row still points to code A.
+    let (latest_header, _) =
+        select_account_header_with_storage_header_at_block(&mut conn, account_id, block_prunable)
+            .expect("query failed")
+            .expect("account must still exist");
+    assert_eq!(
+        latest_header.code_commitment(),
+        account_a.code().commitment(),
+        "latest account must reference code A"
+    );
+}

crates/store/src/db/tests.rs

@@ -2540,7 +2540,8 @@ fn test_prune_history() {
 
     // Run cleanup with chain_tip = block_tip, cutoff will be block_tip - HISTORICAL_BLOCK_RETENTION
     // = block_cutoff
-    let (vault_deleted, storage_deleted) = queries::prune_history(conn, block_tip).unwrap();
+    let (vault_deleted, storage_deleted, _codes_deleted) =
+        queries::prune_history(conn, block_tip).unwrap();
 
     // Verify deletions occurred
     assert_eq!(vault_deleted, 1, "should delete 1 old vault asset");
@@ -2620,7 +2621,7 @@ fn test_prune_history() {
 
     // This entry at block 0 is marked as is_latest=true by insert_account_vault_asset
     // Run cleanup again
-    let (vault_deleted_2, _) = queries::prune_history(conn, block_tip).unwrap();
+    let (vault_deleted_2, ..) = queries::prune_history(conn, block_tip).unwrap();
 
     // The old latest entry should not be deleted (vault_deleted_2 should be 0)
     assert_eq!(vault_deleted_2, 0, "should not delete any is_latest=true entries");