[Preview] Rewards Eligibility Oracle (REO) #1235
Conversation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
There was a problem hiding this comment.
Pull Request Overview
This PR introduces a new Rewards Eligibility Oracle (REO) system that allows authorized oracles to manage indexer eligibility for receiving rewards on The Graph network. The system implements a "deny by default" approach where indexers must be explicitly marked as eligible by oracles to receive rewards.
Key changes:
- New RewardsEligibilityOracle contract with time-based eligibility management
- Integration with existing RewardsManager to check eligibility before distributing rewards
- Comprehensive test suite with consolidated patterns and shared fixtures
Reviewed Changes
Copilot reviewed 34 out of 36 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| packages/issuance/contracts/eligibility/RewardsEligibilityOracle.sol | Core oracle contract implementing eligibility management with role-based access control |
| packages/contracts/contracts/rewards/RewardsManager.sol | Updated to integrate with eligibility oracle and check indexer eligibility before rewards |
| packages/interfaces/contracts/issuance/eligibility/IRewardsEligibilityOracle.sol | Interface definition for rewards eligibility oracle |
| packages/issuance/test/tests/RewardsEligibilityOracle.test.ts | Comprehensive test suite for the oracle contract |
| packages/contracts/test/tests/unit/rewards/rewards.test.ts | Enabled previously skipped eligibility oracle tests |
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
RembrandtK
changed the title
[Preview] Rewards Eligibility Oracle (REO)
🚨 Report Summary
For more details view the full report in OpenZeppelin Code Inspector |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## build-lint-upgrade #1235 +/- ##
======================================================
+ Coverage 83.15% 83.69% +0.53%
======================================================
Files 48 51 +3
Lines 2096 2183 +87
Branches 620 643 +23
======================================================
+ Hits 1743 1827 +84
- Misses 353 356 +3
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
• Consolidated duplicate test fixture files into single fixtures.ts • Removed circular dependency between fixtures.ts and sharedFixtures.ts • Fixed incorrect function calls (grantOperatorRole → grantRole, setValidityPeriod → setEligibilityPeriod) • Updated default eligibility period from 7 days to 14 days (matches contract default) • Updated all test imports to use consolidated fixtures • Fixed RewardsManagerV6Storage class documentation comment
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 33 out of 35 changed files in this pull request and generated 7 comments.
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
packages/issuance/test/tests/consolidated/AccessControl.test.ts
Outdated
Show resolved
Hide resolved
• Convert require() to ES6 imports for consistency (chai, ethers) • Add descriptive comments to empty catch blocks in generateInterfaceIds.js • Add mocha configuration to hardhat.config.cjs • Remove commented-out paths configuration • Add test:coverage script to package.json • Improve error handling in fixtures.ts (console.warn → console.error + throw)
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 34 out of 35 changed files in this pull request and generated 6 comments.
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| ) | ||
| throw error | ||
| } | ||
| } |
There was a problem hiding this comment.
The function resetContractState catches all errors and logs them to console, but then still throws the error. This pattern makes it difficult to understand which specific reset operation failed. Consider catching and handling specific expected errors (like role management errors) separately from unexpected errors, or provide more specific error messages.
Copilot uses AI. Check for mistakes.
| } catch { | ||
| // Role management errors during reset are non-fatal and may occur if roles are already revoked or not present. | ||
| // These errors are expected and can be safely ignored. | ||
| } |
There was a problem hiding this comment.
Empty catch blocks make debugging difficult. Consider catching specific expected error types (like AccessControl errors) and only silently ignore those, while allowing unexpected errors to propagate. This would help identify genuine issues during test development.
Copilot uses AI. Check for mistakes.
| } catch { | ||
| // Ignore reset errors |
There was a problem hiding this comment.
The comment 'Ignore reset errors' is too vague and the empty catch block hides potentially important debugging information. Consider being more specific about which errors are expected and safe to ignore, or at least log the error type for debugging purposes.
| } catch { | |
| // Ignore reset errors | |
| } catch (err) { | |
| // Errors during reset to default values (e.g., roles not present, already set values) are non-fatal and can be safely ignored. | |
| // Logging for debugging purposes: | |
| console.warn('Non-fatal error during RewardsEligibilityOracle state reset:', err); |
Copilot uses AI. Check for mistakes.
| require( | ||
| IERC165(newRewardsEligibilityOracle).supportsInterface(type(IRewardsEligibilityOracle).interfaceId), | ||
| "Contract does not support IRewardsEligibilityOracle interface" | ||
| ); |
There was a problem hiding this comment.
The error message could be more descriptive by including the address that failed the interface check. Consider changing to something like 'Contract at {address} does not support IRewardsEligibilityOracle interface' to aid in debugging.
Copilot uses AI. Check for mistakes.
| return | ||
| } | ||
| } catch { | ||
| // Not JSON, continue - this is expected for non-JSON output lines |
There was a problem hiding this comment.
While the comment explains why the error is ignored, catching all parsing errors without any logging could hide issues where the expected JSON output format changes. Consider logging non-JSON lines in verbose mode or adding a counter to ensure at least one valid JSON response was found.
| // Not JSON, continue - this is expected for non-JSON output lines | |
| // Not JSON, continue - this is expected for non-JSON output lines | |
| if (!SILENT) { | |
| console.warn(`[generateInterfaceIds] Non-JSON output line: "${line.trim()}"`); | |
| } |
Copilot uses AI. Check for mistakes.
| "eslint": "catalog:", | ||
| "eslint-plugin-no-only-tests": "catalog:", | ||
| "ethers": "catalog:", | ||
| "forge-std": "https://github.com/foundry-rs/forge-std/tarball/v1.9.7", |
There was a problem hiding this comment.
Using a tarball URL instead of a semantic version for forge-std makes dependency management less predictable and could lead to issues with package integrity verification. Consider using a proper version specification if this dependency is available through npm/yarn registries.
| "forge-std": "https://github.com/foundry-rs/forge-std/tarball/v1.9.7", | |
| "forge-std": "^1.9.7", |
Copilot uses AI. Check for mistakes.
Currently comparing to build-lint-upgrade, when that merged to main (via #1233) can create as new PR against main for easier audit and merge.