test: poa should be validated against parent blocks epoch snapshot, not current

[craigmayhew]

For whomenever may pick this up: the e2e test is not working and I have pushed all my debug. The other two tests look LGTM.

Describe the changes

Three new tests added.

data_poa_boundary_acceptance is an incomplete end-to-end boundary snapshot smoke test.

• Guards the core regression at the epoch boundary: PoA must be validated against the parent epoch snapshot, not the child. If code accidentally uses the child snapshot at the boundary, this block would be rejected (or become non-canonical).

deterministic_boundary_poa_crafted_snapshot

• Lightweight integration test, does not spin up a node.
• Proves the PoA boundary invariant in a minimal, deterministic environment: PoA validates under the PARENT snapshot and fails under a CHILD-like snapshot with a changed slot_index.

heavy_poa_parent_snapshot_integration

• Heavy integration test, spins up a node.
• At an epoch boundary, a data PoA constructed using the parent epoch snapshot must validate against that parent snapshot.
• The same PoA must fail against a later child snapshot after subsequent epoch transitions

Related Issue(s)
Original fix: #815

Checklist

• Tests have been added/updated for the changes.
• Documentation has been updated for the changes (if applicable).
• The code follows Rust's style guidelines.

Summary by CodeRabbit

• Tests
  • Added end-to-end tests validating Proof of Availability functionality at epoch boundaries
  • Added comprehensive validation tests for PoA behavior across epoch snapshots
  • Enhanced testing utilities with new helper functions for data transaction and proof submission workflows

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[craigmayhew]

TRY 2 FAIL [ 6.738s] irys-chain::mod term_ledger_expiry::data_poa_boundary_acceptance::data_poa_boundary_acceptance

[craigmayhew]

Note these flaky tests on the last run:
FLAKY 2/2 [ 60.959s] irys-chain::mod multi_node::validation::slow_heavy_block_invalid_reth_hash_gets_rejected
FLAKY 2/2 [ 54.093s] irys-chain::mod promotion::data_promotion_double::slow_heavy_double_root_data_promotion_test
TRY 2 FAIL [ 35.867s] irys-chain::mod multi_node::fork_recovery::slow_heavy_reorg_upto_block_migration_depth

[craigmayhew]

note more flakes:

FLAKY (2/2) [ 48.225s] irys-chain::mod::block_production::basic_contract::heavy_test_erc20
FLAKY (2/2) [ 8.713s] irys-chain::mod::block_production::block_production::heavy_block_prod_fails_with_insufficient_storage_fees
FLAKY (2/2) [ 10.260s] irys-chain::mod::block_production::block_production::heavy_block_prod_will_not_build_on_invalid_blocks
FLAKY (2/2) [ 3.007s] irys-chain::mod::block_production::block_validation::heavy_test_future_block_rejection
FLAKY (2/2) [ 2.961s] irys-chain::mod::block_production::block_validation::heavy_test_prevalidation_rejects_tampered_vdf_seeds
FLAKY (2/2) [ 95.073s] irys-chain::mod::block_production::reset_seed::slow_heavy_reset_seeds_should_be_correctly_applied_by_the_miner_and_verified_by_the_peer
TRY 2 FAIL [ 25.084s] irys-chain::mod::multi_node::fork_recovery::heavy_shallow_fork_triggers_migration_prune_and_fcu

[craigmayhew]

note a fail and some flake:

FLAKY 2/2 [   3.239s] irys-chain::mod block_production::block_validation::heavy_test_future_block_rejection
FLAKY 2/2 [   3.052s] irys-chain::mod block_production::block_validation::heavy_test_prevalidation_rejects_tampered_vdf_seeds
FLAKY 2/2 [  11.065s] irys-chain::mod block_production::unpledge_refund::heavy_unpledge_all_partitions_refund_flow
TRY 2 FAIL [  17.137s] irys-chain::mod multi_node::fork_recovery::heavy_shallow_fork_triggers_migration_prune_and_fcu

[craigmayhew]

Note: current state of e2e test:

Error: Failed to craft solution meeting difficulty after 200 attempts (last 
got=69657161332160831908330912430606525786921681880888770571758383211263951394128, 
expected>=77194726158210796949047323339125271902179989777093709359638389338608753093290)

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces comprehensive test coverage for Proof of Availability (PoA) validation at epoch boundaries. It adds new test files covering deterministic and integration scenarios, provides utility functions for PoA testing workflows, and enables the irys-efficient-sampling workspace dependency for development.

Changes

Cohort / File(s)	Summary
Dependency Configuration crates/chain/Cargo.toml	Added irys-efficient-sampling.workspace = true as a dev-dependency to enable workspace member access for testing purposes.
Test Utilities crates/chain/tests/utils.rs	Added three new public async helper functions: craft_data_poa_solution_from_tx (crafts PoA solutions from transactions), get_epoch_snapshot (retrieves epoch snapshots from node), and submit_solution_to_block_producer (submits PoA solutions). Also reworded timeout error message for ingress proof validation.
Block Production Tests crates/chain/tests/block_production/mod.rs, crates/chain/tests/block_production/data_poa_boundary_acceptance.rs	Added end-to-end test data_poa_boundary_acceptance that validates PoA at epoch boundaries by mining blocks, advancing epochs, posting data transactions, and verifying PoA solutions meet difficulty requirements. Includes helper functions for partition debugging and snapshot assertions.
Validation Tests crates/chain/tests/validation/mod.rs, crates/chain/tests/validation/deterministic_boundary_poa_crafted_snapshot.rs, crates/chain/tests/validation/heavy_poa_parent_snapshot_integration.rs	Added two new validation test files: deterministic_boundary_poa_crafted_snapshot validates PoA against parent and mutated child epoch snapshots with deterministic scenarios; heavy_poa_parent_snapshot_integration exercises PoA validation across epoch boundaries with actual chain state. Module declarations added to expose new tests.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly identifies the main change: adding tests to verify PoA validation uses parent epoch snapshot, not current. It directly matches the primary objective of the PR.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 8

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

crates/chain/tests/utils.rs (1)

3168-3242: solution_context_with_poa_chunk correctly builds deterministic PoA solutions; consider emphasizing its constraints

This helper cleanly:

• Starts/stops VDF internally and waits for a (step-1, step) pair with at least two steps.
• Computes checkpoints for step-1.
• Uses a fixed partition_hash = H256::zero and partition_chunk_offset = 0 and builds solution_hash = sha256(poa_chunk || offset_le || vdf_output).

Two suggestions:

• Document that recall-range alignment is intentionally ignored. The comment mentions “without recall-range dependency”, but it’s helpful to be explicit that this must only be used in tests where PoA verification is disabled, otherwise PoA will (correctly) fail.
• Guard against steps.len() < 2 defensively. You already check steps.len() >= 2 in the loop, but an additional assert before indexing keeps the function future-proof if get_steps semantics ever change.

Otherwise the construction is consistent with how solution_hash is used elsewhere.

📜 Review details

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 978ff95 and fef3c63.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (7)

• crates/chain/Cargo.toml
• crates/chain/tests/block_production/data_poa_boundary_acceptance.rs
• crates/chain/tests/block_production/mod.rs
• crates/chain/tests/utils.rs
• crates/chain/tests/validation/deterministic_boundary_poa_crafted_snapshot.rs
• crates/chain/tests/validation/heavy_poa_parent_snapshot_integration.rs
• crates/chain/tests/validation/mod.rs

🧰 Additional context used

🧬 Code graph analysis (4)

crates/chain/tests/validation/heavy_poa_parent_snapshot_integration.rs (3)

crates/actors/src/block_validation.rs (1)

• poa_is_valid (1063-1196)

crates/types/src/block.rs (1)

• merklize_tx_root (619-635)

crates/types/src/config/node.rs (2)

• consensus_config (658-674)
• miner_address (689-691)

crates/chain/tests/block_production/mod.rs (1)

crates/chain/tests/block_production/data_poa_boundary_acceptance.rs (1)

• data_poa_boundary_acceptance (22-237)

crates/chain/tests/block_production/data_poa_boundary_acceptance.rs (1)

crates/chain/tests/utils.rs (5)

• craft_data_poa_solution_from_tx (88-285)
• get_epoch_snapshot (288-299)
• read_block_from_state (3288-3343)
• submit_solution_to_block_producer (302-318)
• new_genesis (549-552)

crates/chain/tests/validation/mod.rs (2)

crates/chain/tests/validation/deterministic_boundary_poa_crafted_snapshot.rs (1)

• deterministic_boundary_poa_crafted_snapshot (30-331)

crates/chain/tests/validation/heavy_poa_parent_snapshot_integration.rs (1)

• heavy_poa_parent_snapshot_integration (35-274)

🔇 Additional comments (4)

crates/chain/Cargo.toml (1)

72-88: Dev-dependency wiring for irys-efficient-sampling looks correct

The crate is correctly added as a workspace dev-dependency and matches the irys_efficient_sampling usage in tests; no further changes needed.

crates/chain/tests/block_production/mod.rs (1)

7-7: Module wiring for data_poa_boundary_acceptance is appropriate

Private module inclusion cleanly hooks the new e2e test into the block_production test suite.

crates/chain/tests/validation/mod.rs (1)

3-4: New PoA validation test modules correctly registered

The added mod deterministic_boundary_poa_crafted_snapshot; and mod heavy_poa_parent_snapshot_integration; correctly integrate the new PoA boundary tests into the validation suite without affecting public APIs.

crates/chain/tests/utils.rs (1)

1323-1327: Timeout message improvement is clearer and more actionable

The new message:

"Timed out waiting for {} ingress proof(s) within {} seconds"

is more explicit than the previous wording and should make debugging test timeouts easier. No further changes needed here.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

tx_ledger_offset = slot_size is a brittle assumption about ledger layout

Here you assume the second tx’s first chunk starts exactly at slot_size:

// tx2 starts at slot 1
let tx_ledger_offset: u64 = slot_size;

That’s only guaranteed if:

• There is no prior Submit data occupying those chunks, and
• Each of the two txs contributes exactly one full partition’s worth of chunks in order, with no interleaving.

Given the amount of prior epoch activity (stake/pledge, capacity assignments, backfill, etc.), this coupling to implementation details of packing is fragile. If the packing or ledger layout changes (or other txs are present), the actual ledger offset for tx can differ, and the crafted PoA will be misaligned even when the parent snapshot selection is correct.

To make the test robust, consider:

• Deriving the actual ledger chunk offset for tx from BlockIndex once its inclusion block is known (e.g., via get_block_bounds or a small helper), then feeding that concrete offset into craft_data_poa_solution_from_tx, or
• Asserting (via introspection) that the computed offset really matches slot_size before crafting the PoA, and failing fast with a clear message if not.

This will decouple the regression check from low-level packing assumptions and should reduce false negatives.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Verify miner address used for PoA entropy matches the block’s miner address

The PoA chunk entropy is keyed off the miner address, and craft_data_poa_solution_from_tx uses the miner_addr you pass to derive the entropy:

let miner_addr = node.node_ctx.config.node_config.reward_address;
...
let sol_result = craft_data_poa_solution_from_tx(
    &node,
    &tx,
    partition_hash,
    miner_addr,
    Some(tx_ledger_offset),
)

Elsewhere (e.g., solution_context/capacity_chunk_solution) the miner address is taken from node_ctx.config.node_config.miner_address(). If reward_address and miner_address() ever diverge, the entropy used when crafting the PoA will not match the address passed into poa_is_valid during validation, and you’ll get PoAChunkHashMismatch even when everything else is aligned.

Please double-check that:

• SolutionContext.mining_address (filled by the helper) becomes the same address poa_is_valid uses as miner_address, and
• That this address is the one you intend to use here (likely miner_address() rather than reward_address, unless they’re guaranteed equal in tests).

If they differ, switch to node.node_ctx.config.node_config.miner_address() for entropy and solution crafting to avoid subtle mismatches.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Find the test file and check if it exists
find . -name "data_poa_boundary_acceptance.rs" -type f

Repository: Irys-xyz/irys

Length of output: 126

---

🏁 Script executed:

#!/bin/bash
# Get repo structure overview
ls -la crates/chain/tests/block_production/ 2>/dev/null | head -20

Repository: Irys-xyz/irys

Length of output: 1223

---

🏁 Script executed:

#!/bin/bash
# Search for VDF-related code to understand the mechanism
rg "start_vdf|current_step|vdf_advance" --type rust -i | head -30

Repository: Irys-xyz/irys

Length of output: 2378

---

🏁 Script executed:

#!/bin/bash
# Look for difficulty configuration in tests
rg "max_attempts|500" crates/chain/tests/block_production/ --type rust -B 2 -A 2

Repository: Irys-xyz/irys

Length of output: 1534

---

🏁 Script executed:

#!/bin/bash
# Read the test file to see full context
wc -l crates/chain/tests/block_production/data_poa_boundary_acceptance.rs

Repository: Irys-xyz/irys

Length of output: 128

---

🏁 Script executed:

#!/bin/bash
# Read the test file starting from earlier to understand context
cat -n crates/chain/tests/block_production/data_poa_boundary_acceptance.rs | head -200

Repository: Irys-xyz/irys

Length of output: 9263

---

🏁 Script executed:

#!/bin/bash
# Look for the function containing lines 151-200
cat -n crates/chain/tests/block_production/data_poa_boundary_acceptance.rs | sed -n '1,250p'

Repository: Irys-xyz/irys

Length of output: 11366

---

🏁 Script executed:

#!/bin/bash
# Check if start_mining calls start_vdf or if they're separate
rg "start_mining|start_vdf" crates/chain/src/chain.rs -A 10 | head -50

Repository: Irys-xyz/irys

Length of output: 962

---

🏁 Script executed:

#!/bin/bash
# Look at the craft_data_poa_solution_from_tx implementation
rg "fn craft_data_poa_solution_from_tx" crates/chain/tests/ -A 40 | head -100

Repository: Irys-xyz/irys

Length of output: 2967

---

🏁 Script executed:

#!/bin/bash
# Check VDF advancement and what makes current_step change
rg "global_step" crates/chain/tests/utils.rs -B 5 -A 5 | head -80

Repository: Irys-xyz/irys

Length of output: 2373

---

🏁 Script executed:

#!/bin/bash
# Look for difficulty settings and how they impact solution finding
rg "sha_1s_difficulty|solution_diff|parent_diff" crates/ --type rust | head -30

Repository: Irys-xyz/irys

Length of output: 2567

---

🏁 Script executed:

#!/bin/bash
# Check if there's a direct call to start_vdf before the loop
cat -n crates/chain/tests/block_production/data_poa_boundary_acceptance.rs | sed -n '145,165p'

Repository: Irys-xyz/irys

Length of output: 853

---

🏁 Script executed:

#!/bin/bash
# Look at what start_mining does more carefully
cat -n crates/chain/src/chain.rs | grep -A 15 "pub fn start_mining"

Repository: Irys-xyz/irys

Length of output: 809

---

🏁 Script executed:

#!/bin/bash
# Check if there are any asserts on VDF progression in similar test patterns
rg "global_step|current_step" crates/chain/tests/ -B 3 -A 3 | head -100

Repository: Irys-xyz/irys

Length of output: 6192

---

🏁 Script executed:

#!/bin/bash
# Look at how other tests handle the solution loop and difficulty
rg "max_attempts|craft_.*_solution" crates/chain/tests/block_production/ --type rust -B 5 -A 10 | head -150

Repository: Irys-xyz/irys

Length of output: 5444

---

🏁 Script executed:

#!/bin/bash
# Check if there are any recent test failures or flakiness issues mentioned
git log --oneline --all --grep="flak\|data_poa_boundary\|solution.*fail" | head -20

Repository: Irys-xyz/irys

Length of output: 917

---

🏁 Script executed:

#!/bin/bash
# Search for examples of VDF progression assertions in test code
rg "while.*global_step|assert.*global_step|greater.*step" crates/chain/tests/ --type rust -B 3 -A 3 | head -60

Repository: Irys-xyz/irys

Length of output: 2048

---

🏁 Script executed:

#!/bin/bash
# Look for any recent changes to the data_poa_boundary_acceptance test
git log --oneline -p crates/chain/tests/block_production/data_poa_boundary_acceptance.rs | head -100

Repository: Irys-xyz/irys

Length of output: 4493

---

🏁 Script executed:

#!/bin/bash
# Check what the craft_data_poa_solution_from_tx function returns and how it handles VDF step changes
sed -n '560,650p' crates/chain/tests/utils.rs

Repository: Irys-xyz/irys

Length of output: 3380

---

🏁 Script executed:

#!/bin/bash
# Look at the full craft_data_poa_solution_from_tx to see if it handles VDF progression
sed -n '440,530p' crates/chain/tests/utils.rs

Repository: Irys-xyz/irys

Length of output: 3149

---

🏁 Script executed:

#!/bin/bash
# Check if there are assertions about VDF step advancement in the solution finding loop
rg "attempt|step.*advance|steps.*change" crates/chain/tests/block_production/data_poa_boundary_acceptance.rs -B 2 -A 2

Repository: Irys-xyz/irys

Length of output: 973

---

🏁 Script executed:

#!/bin/bash
# Get the full context of how solution_crafting_loop_capacity_poa handles VDF
rg "solution_crafting_loop_capacity_poa" crates/chain/tests/utils.rs -A 100 | head -120

Repository: Irys-xyz/irys

Length of output: 39

---

🏁 Script executed:

#!/bin/bash
# Check if craft_data_poa_solution_from_tx actually uses new VDF steps or reuses the same one
cat -n crates/chain/tests/utils.rs | sed -n '295,380p'

Repository: Irys-xyz/irys

Length of output: 3606

---

🏁 Script executed:

#!/bin/bash
# Look at the actual implementation more carefully to see step advancement
rg "fn craft_data_poa_solution_from_tx" crates/chain/tests/utils.rs -A 80 | head -100

Repository: Irys-xyz/irys

Length of output: 3264

---

🏁 Script executed:

#!/bin/bash
# See the rest of craft_data_poa_solution_from_tx to understand the full flow
sed -n '100,200p' crates/chain/tests/utils.rs | grep -A 150 "pub async fn craft_data_poa_solution_from_tx" | tail -80

Repository: Irys-xyz/irys

Length of output: 39

---

🏁 Script executed:

#!/bin/bash
# Get a longer look at the craft_data_poa_solution_from_tx function
cat -n crates/chain/tests/utils.rs | sed -n '100,280p'

Repository: Irys-xyz/irys

Length of output: 8305

---

🏁 Script executed:

#!/bin/bash
# Check if there are any VDF step advancement checks/assertions we might have missed
rg "assert|expect" crates/chain/tests/block_production/data_poa_boundary_acceptance.rs | grep -i vdf

Repository: Irys-xyz/irys

Length of output: 39

---

🏁 Script executed:

#!/bin/bash
# Understand the VDF progression rate - how fast does global_step advance with sha_1s_difficulty=10_000?
rg "sha_1s_difficulty.*10.*000|vdf.*step.*time|VDF.*advance" crates/ --type rust -B 2 -A 2 | head -40

Repository: Irys-xyz/irys

Length of output: 2755

---

🏁 Script executed:

#!/antml:bash
# Check if 50ms is sufficient for VDF to advance by one step
rg "Duration.*millis|sleep.*[0-9]" crates/chain/tests/ --type rust | grep -A 2 -B 2 "200\|500" | head -30

Repository: Irys-xyz/irys

Length of output: 2866

---

🏁 Script executed:

#!/bin/bash
# Check if there's monitoring of VDF step progression in the test loop itself
cat -n crates/chain/tests/block_production/data_poa_boundary_acceptance.rs | sed -n '154,200p'

Repository: Irys-xyz/irys

Length of output: 2001

---

🏁 Script executed:

#!/antml:bash
# See how long 500 attempts with 50ms delays would take
python3 <<'EOF'
attempts = 500
delay_ms = 50
total_ms = attempts * delay_ms
total_secs = total_ms / 1000
print(f"Max loop time: {total_ms}ms = {total_secs}s")
print(f"This assumes every attempt takes negligible time")
print(f"Test timeout is typically 10-30 seconds")
EOF

Repository: Irys-xyz/irys

Length of output: 143

---

🏁 Script executed:

#!/bin/bash
# Check what happens if VDF step doesn't advance - does the loop get stuck?
# Look at error handling in the test
cat -n crates/chain/tests/block_production/data_poa_boundary_acceptance.rs | sed -n '200,210p'

Repository: Irys-xyz/irys

Length of output: 495

---

Solution loop lacks VDF progression verification despite existing mitigations

The test already calls start_mining() (which starts VDF) and sets difficulty to 10,000. However, the core flakiness risk remains unaddressed: there is no assertion or explicit monitoring that global_step actually advances between the 500 solution attempts.

Each iteration of craft_data_poa_solution_from_tx() reads the current VDF step independently, but if VDF advancement stalls, the same steps[1] seed will be used repeatedly, generating identical solution hashes and triggering "recall range mismatch" errors. With 50ms delays between attempts (500 × 50ms = 25 seconds), the loop can timeout before finding a valid solution.

To stabilize this test, add an explicit check that global_step increases across attempts, or fail fast if VDF is not progressing. Alternatively, increase the delay between attempts or further reduce difficulty to reduce reliance on VDF progression.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Snapshot-shape debug assertions are helpful but tightly coupled to config

debug_asserts_first_slots enforces exact numbers of slots and partitions:

assert_eq!(expected_submit_slots, submit_slots.len(), ...);
assert_eq!(expected_submit_partitions, submit_slots.first().map(|s| s.partitions.len()).unwrap_or_default(), ...);
...

With expected_* = 1 throughout the test, this effectively asserts that the first Submit/Publish slot always has a single partition. That’s reasonable for the specific config you set up here, but quite sensitive to any changes in epoch/backfill or capacity partition logic.

Given this is primarily a regression test for snapshot selection, consider:

• Either relaxing these checks (e.g., assert “>= 1 partition” where that’s all you strictly need), or
• Adding a brief comment near the call sites noting that these asserts encode invariants of the current test config and will need adjustment if the consensus layout changes.

Not strictly wrong, but it’s an easy source of future breakage unrelated to the PoA regression itself.

🤖 Prompt for AI Agents

In crates/chain/tests/block_production/data_poa_boundary_acceptance.rs around
lines 281 to 324, the debug_asserts_first_slots helper rigidly asserts exact
slot/partition counts which couples the test to current epoch/partition layout;
change the equality assertions to more robust checks (e.g.,
assert!(submit_slots.len() >= expected_submit_slots) and
assert!(submit_slots.first().map(|s| s.partitions.len()).unwrap_or_default() >=
expected_submit_partitions) and similarly for publish slots/partitions) or, if
you prefer to keep exact counts, add a short comment at the call sites
explaining these asserts encode the current test configuration and must be
updated if epoch/backfill/partitioning logic changes; update the assertion
messages to reflect the new comparison (">=") so failure output remains clear.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Clarify/strengthen assumptions around tx_ledger_offset and slot window

craft_data_poa_solution_from_tx assumes that tx_ledger_offset (or block.data_ledgers[Submit].total_chunks when None) is exactly the ledger chunk offset of the tx’s first chunk within the chosen partition’s slot:

let slot_start = slot_index * num_partitions_per_slot * num_chunks_in_partition;
let chunk_ledger_offset =
    tx_ledger_offset.unwrap_or_else(|| block.data_ledgers[DataLedger::Submit].total_chunks);
let slot_end = slot_start + chunks_per_partition;
ensure!(
    chunk_ledger_offset >= slot_start && chunk_ledger_offset < slot_end,
    "chunk ledger offset {} is outside partition slot range [...]",
    ...
);

Two points to tighten:

1. Callers must pass the actual ledger offset. For mempool txs you’re assuming they will be placed exactly at prev_total_chunks; if the packing/ordering logic changes (or other txs are inserted ahead), this invariant breaks and the helper silently fails. It’s worth:

   • Documenting this requirement explicitly in the function docs, and/or
   • Adding a helper that derives the ledger offset from BlockIndex or the inclusion block post-factum, then calling this helper with a precise offset.

2. Explicitly enforce partition_chunk_offset < num_chunks_in_partition. You currently rely on the inequality above plus subtraction, but a direct assert/ensure on the derived partition_chunk_offset_u64 being < chunks_per_partition makes the intent clear and protects against misconfigured tx_ledger_offset.

This will make failures easier to diagnose and decouple the helper from fragile assumptions about block-construction order.

🤖 Prompt for AI Agents

In crates/chain/tests/utils.rs around lines 88 to 145, the function assumes
tx_ledger_offset (or block.data_ledgers[Submit].total_chunks when None) exactly
equals the ledger chunk offset of the tx’s first chunk in the partition slot and
only implicitly checks the slot range; update the code and docs to (1) document
in the function comment that callers must supply the precise ledger chunk offset
for the tx (or call a new helper to derive it from a BlockIndex/inclusion block)
so callers don’t rely on the fragile "prev_total_chunks" assumption, and (2) add
an explicit eyre::ensure! check after computing partition_chunk_offset_u64 that
partition_chunk_offset_u64 < chunks_per_partition (with a clear error message)
before converting to u32 to make the intent and invariant explicit and fail fast
on misconfiguration.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

cat -n crates/chain/tests/utils.rs | sed -n '180,250p'

Repository: Irys-xyz/irys

Length of output: 3430

---

🏁 Script executed:

rg -n "solution_context_with_poa_chunk|solution_context|capacity_chunk_solution" crates/chain/tests/utils.rs -A 5

Repository: Irys-xyz/irys

Length of output: 1472

---

🏁 Script executed:

cat -n crates/chain/tests/utils.rs | sed -n '3175,3220p'

Repository: Irys-xyz/irys

Length of output: 2085

---

🏁 Script executed:

cat -n crates/chain/tests/utils.rs | sed -n '320,380p'

Repository: Irys-xyz/irys

Length of output: 2633

---

🏁 Script executed:

cat -n crates/chain/tests/utils.rs | sed -n '378,450p'

Repository: Irys-xyz/irys

Length of output: 3655

---

🏁 Script executed:

cat -n crates/chain/tests/utils.rs | sed -n '160,200p'

Repository: Irys-xyz/irys

Length of output: 1917

---

🏁 Script executed:

cat -n crates/chain/tests/utils.rs | sed -n '120,165p'

Repository: Irys-xyz/irys

Length of output: 2189

---

🏁 Script executed:

cat -n crates/chain/tests/utils.rs | sed -n '70,125p'

Repository: Irys-xyz/irys

Length of output: 2749

---

🏁 Script executed:

cat -n crates/chain/tests/utils.rs | sed -n '3220,3280p'

Repository: Irys-xyz/irys

Length of output: 2590

---

🏁 Script executed:

rg -n "craft_data_poa_solution_from_tx" crates/chain/tests/ -B 3 -A 3

Repository: Irys-xyz/irys

Length of output: 1940

---

🏁 Script executed:

cat -n crates/chain/tests/block_production/data_poa_boundary_acceptance.rs | sed -n '140,180p'

Repository: Irys-xyz/irys

Length of output: 1745

---

🏁 Script executed:

python3 << 'EOF'
# Simulate the scenario where num_chunks_in_partition is not an exact multiple
num_chunks_in_partition = 10
num_chunks_in_recall_range = 3

# Current code (floor division)
num_recall_ranges_floor = (num_chunks_in_partition // num_chunks_in_recall_range)
print(f"Floor division: {num_recall_ranges_floor}")

# Correct code (div_ceil)
import math
num_recall_ranges_ceil = math.ceil(num_chunks_in_partition / num_chunks_in_recall_range)
print(f"Ceil division: {num_recall_ranges_ceil}")

# Test what happens with chunk offsets
print("\nChunk offset analysis:")
for offset in range(num_chunks_in_partition):
    recall_index = offset // num_chunks_in_recall_range
    print(f"  offset {offset}: recall_index={recall_index}, valid_with_floor={recall_index < num_recall_ranges_floor}, valid_with_ceil={recall_index < num_recall_ranges_ceil}")
EOF

Repository: Irys-xyz/irys

Length of output: 143

---

🏁 Script executed:

cat << 'EOF'
# Scenario: num_chunks_in_partition = 10, num_chunks_in_recall_range = 3
# Floor division: 10 / 3 = 3
# Ceil division: (10 + 3 - 1) / 3 = 12 / 3 = 4
# 
# With floor division (3 ranges):
#   - Range 0: chunks 0-2
#   - Range 1: chunks 3-5
#   - Range 2: chunks 6-8
#   - Chunk 9 would have index 3, but 3 is not < 3, so it fails bounds check
#
# With ceil division (4 ranges):
#   - Range 0: chunks 0-2
#   - Range 1: chunks 3-5
#   - Range 2: chunks 6-8
#   - Range 3: chunks 9
#   - Chunk 9 would have index 3, and 3 < 4, so it passes
echo "Math check: 10 / 3 = 3 (floor), ceil(10/3) = 4"
echo "Last chunk (9) maps to recall_index = 9/3 = 3"
echo "With floor (3): 3 < 3 is FALSE (rejected)"
echo "With ceil (4): 3 < 4 is TRUE (accepted)"
EOF

Repository: Irys-xyz/irys

Length of output: 795

---

🏁 Script executed:

rg -n "get_recall_range" crates/ --type rust | grep -E "fn|pub" | head -20

Repository: Irys-xyz/irys

Length of output: 418

---

🏁 Script executed:

cat -n crates/actors/src/block_validation.rs | sed -n '1035,1100p'

Repository: Irys-xyz/irys

Length of output: 3012

---

🏁 Script executed:

cat -n crates/efficient-sampling/src/lib.rs | sed -n '1,100p'

Repository: Irys-xyz/irys

Length of output: 5056

---

Fix recall-range count to use div_ceil

The recall-window setup has a critical bounds-checking bug:

let num_chunks_in_partition = ...;
let num_chunks_in_recall_range = ...;
let num_recall_ranges_in_partition =
    (num_chunks_in_partition / num_chunks_in_recall_range) as usize;
// ...
let recall_index = (u64::from(partition_chunk_offset) / num_chunks_in_recall_range) as usize;
ensure!(
    recall_index < num_recall_ranges_in_partition,
    ...
);

When num_chunks_in_partition is not an exact multiple of num_chunks_in_recall_range, floor division undercounts the number of ranges. For example, with 10 chunks and 3 chunks per range: floor division gives 3 ranges (indices 0–2), but chunks 0–8 map to indices 0–2, while chunk 9 maps to index 3, which then fails the bounds check as out of bounds.

Fix by using div_ceil:

let num_recall_ranges_in_partition =
    num_chunks_in_partition.div_ceil(num_chunks_in_recall_range) as usize;

Additionally, this helper assumes the VDF is already running and that get_steps() will succeed. Unlike solution_context_with_poa_chunk which explicitly calls node_ctx.start_vdf(), this function relies on callers to have initialized the VDF separately. This should either be started within the helper for consistency or clearly documented so callers understand the requirement.

🤖 Prompt for AI Agents

crates/chain/tests/utils.rs lines ~196-238: the calculation of
num_recall_ranges_in_partition uses floor division which undercounts ranges when
partition size is not an exact multiple of the recall-range size; change the
calculation to use div_ceil on num_chunks_in_partition with
num_chunks_in_recall_range (and cast to usize) so the bounds check is correct;
additionally, either start the VDF unconditionally in this helper (call the
existing node_ctx.start_vdf() before get_steps()) or document in the function
comment that the VDF must be started by callers, so get_steps() cannot fail
unexpectedly.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Deterministic crafted-snapshot PoA test is well-structured and matches the intended invariant

The test:

• Constructs a minimal BlockIndex + EpochSnapshot context.
• Ensures the prelude block advances total_chunks to exactly slot_start, then places a single-chunk Submit tx at slot_start in the synthetic block.
• Builds PoaData consistent with that layout and proves it valid under the parent snapshot.
• Mutates only the partition’s slot_index in a cloned snapshot and correctly accepts MerkleProofInvalid | PoAChunkOffsetOutOfBlockBounds | BlockBoundsLookupError as expected child-invalid outcomes.

This is a solid, deterministic guard against regressions in snapshot selection. If you want to future-proof further, you could assert that the selected partition’s slot_index is initially non-None and document that this test assumes at least one Submit partition exists in the genesis snapshot.

🤖 Prompt for AI Agents

In crates/chain/tests/validation/deterministic_boundary_poa_crafted_snapshot.rs
around lines 30 to 331, add an explicit assertion that the selected partition
assignment has a non-None slot_index and that the parent_epoch_snapshot contains
at least one Submit ledger slot/partition before using it; if either
precondition fails, fail the test with a clear message. Modify the setup so you
retrieve the partition assignment, assert pa.slot_index.is_some() and that
parent_epoch_snapshot.ledgers.get_slots(DataLedger::Submit).first() exists (and
contains a partition), then proceed — this documents and enforces the test’s
assumption and prevents silent panics if fixtures change.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Guard partition_chunk_offset against exceeding the partition’s slot range

Here you only assert prev_total_chunks >= slot_start and then derive:

let partition_chunk_offset_u64 = prev_total_chunks - slot_start;
let partition_chunk_offset: u32 = partition_chunk_offset_u64 as u32;

If prev_total_chunks ever reaches or exceeds slot_start + num_chunks_in_partition, partition_chunk_offset will point past the partition’s slot window, making the PoA invalid even under the parent snapshot (or silently truncating via as u32 if this code changes).

Suggest tightening the invariant to keep the crafted PoA within the intended slot:

let slot_end = slot_start + cpp;
assert!(
    prev_total_chunks >= slot_start && prev_total_chunks < slot_end,
    "prelude did not add expected chunks: prev_total={} in [{}, {})",
    prev_total_chunks,
    slot_start,
    slot_end,
);
let partition_chunk_offset_u64 = prev_total_chunks - slot_start;
let partition_chunk_offset: u32 = partition_chunk_offset_u64 as u32;

This keeps the test robust to future tweaks in how total_chunks is advanced.

🤖 Prompt for AI Agents

In crates/chain/tests/validation/heavy_poa_parent_snapshot_integration.rs around
lines 96 to 116, tighten the invariant that computes partition_chunk_offset so
it cannot point past the partition’s slot: compute slot_end = slot_start + cpp
and replace the existing assert with one that checks prev_total_chunks >=
slot_start && prev_total_chunks < slot_end (including a clear message showing
prev_total_chunks, slot_start, slot_end); then derive partition_chunk_offset_u64
= prev_total_chunks - slot_start and cast to u32 as before. Ensure the assert
message matches the new bounds and keeps the test robust to future changes.