sync: merge spec 24 and 25 to main (#139)

This is a sync PR. Take a look at the changes at `docs/changes/spec-{24,
25}.md`.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- New Features
- Stream-based permissions with multi-recipient support, plus recipient
managers and weight setters.
- Namespace enhancements: update existing permissions and bulk-delegate
to multiple recipients.

- Changes
- Events simplified (recipient removed); storage/indexing updated for
multi-recipient model.
- Rebenchmarked weights across permission, governance, emission, and
torus pallets.

- Migration
  - Automatic runtime migration to v7; runtime version bumped to 25.

- Documentation
- Added spec-24 and spec-25 detailing streams model and per-scope
instance management.

- Chores/Tests
- Switched to cargo-nextest and added pre-push test hook; examples and
tests updated to new APIs.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Author: saiintbrisson

.helix/languages.toml

@@ -0,0 +1,4 @@
+[language-server.rust-analyzer.config]
+cargo.extraEnv = { SKIP_WASM_BUILD = "true" }
+cargo.features = ["runtime-benchmarks"]
+

client/examples/calling_extrinsic.rs

@@ -1,20 +1,19 @@
-use subxt_signer::ecdsa::dev::{alice, bob};
+use subxt_signer::ecdsa::dev::alice;
 use torus_client::client::TorusClient;
 
 #[tokio::main]
 pub async fn main() {
-    let agent_key = alice().public_key().to_account_id(); //change it to your agent's account id
+    let signer = alice(); // change it to your signer
     let name = "alice agent".as_bytes().to_vec();
     let url = "url".as_bytes().to_vec();
     let metadata = "metadata".as_bytes().to_vec();
-    let signer = bob(); // change it to your signer
 
     let client = TorusClient::for_mainnet().await.unwrap();
 
     if let Err(err) = client
         .torus0()
         .calls()
-        .register_agent_wait(agent_key, name, url, metadata, signer)
+        .register_agent_wait(name, url, metadata, signer)
         .await
     {
         print!("could not register agent: {err}");

docs/changes/spec-24.md

@@ -0,0 +1,137 @@
+# Runtime Spec Version 25 Changes
+
+This document outlines all interface changes between runtime spec version 24 and 25, focusing on structural refactoring of the permission system to move instance management into individual permission scopes.
+
+## Extrinsics
+
+No extrinsic signatures were changed in this version. The permission0 pallet maintains the same external interface with internal restructuring only.
+
+## Events
+
+No event changes were made in this version.
+
+## Storage Items
+
+No storage item changes were made in this version. A migration (v7) handles the internal restructuring of existing data.
+
+## Structs & Enums
+
+### `permission0::PermissionContract<T>`
+
+```diff
+ pub struct PermissionContract<T: Config> {
+     pub delegator: T::AccountId,
+     pub scope: PermissionScope<T>,
+     pub duration: PermissionDuration<T>,
+     pub revocation: RevocationTerms<T>,
+     pub enforcement: EnforcementAuthority<T>,
+     pub last_update: BlockNumberFor<T>,
+     pub last_execution: Option<BlockNumberFor<T>>,
+     pub execution_count: u32,
+-    pub max_instances: u32,
+-    pub children: BoundedBTreeSet<PermissionId, T::MaxChildrenPerPermission>,
+     pub created_at: BlockNumberFor<T>,
+ }
+```
+
+The `max_instances` and `children` fields have been removed from the main contract structure and moved into the individual permission scope types that require them (CuratorScope and NamespaceScope). This architectural change better encapsulates scope-specific functionality and eliminates unnecessary fields for stream permissions which don't use instance management. See [Instance Management Refactoring](#instance-management-refactoring).
+
+### `permission0::CuratorScope<T>`
+
+```diff
+ pub struct CuratorScope<T: Config> {
+     pub recipient: T::AccountId,
+     pub flags: BoundedBTreeMap<
+         Option<PermissionId>,
+         CuratorPermissions,
+         T::MaxCuratorSubpermissionsPerPermission,
+     >,
+     pub cooldown: Option<BlockNumberFor<T>>,
++    pub max_instances: u32,
++    pub children: BoundedBTreeSet<PermissionId, T::MaxChildrenPerPermission>,
+ }
+```
+
+The curator scope now directly contains instance management fields, allowing curator permissions to manage their own hierarchical relationships and instance limits independently. See [Scope-Specific Instance Management](#scope-specific-instance-management).
+
+### `permission0::NamespaceScope<T>`
+
+```diff
+ pub struct NamespaceScope<T: Config> {
+     pub recipient: T::AccountId,
+     pub paths: BoundedBTreeMap<
+         Option<PermissionId>,
+         BoundedBTreeSet<NamespacePath, T::MaxNamespacesPerPermission>,
+         T::MaxNamespacesPerPermission,
+     >,
++    pub max_instances: u32,
++    pub children: BoundedBTreeSet<PermissionId, T::MaxChildrenPerPermission>,
+ }
+```
+
+Similar to curator permissions, namespace permissions now maintain their own instance tracking and children collections, enabling proper encapsulation of hierarchical permission structures. See [Scope-Specific Instance Management](#scope-specific-instance-management).
+
+### `permission0::PermissionContract<T>::new()` signature
+
+```diff
+ pub(crate) fn new(
+     delegator: T::AccountId,
+     scope: PermissionScope<T>,
+     duration: PermissionDuration<T>,
+     revocation: RevocationTerms<T>,
+     enforcement: EnforcementAuthority<T>,
+-    max_instances: u32,
+ ) -> Self
+```
+
+The constructor no longer accepts `max_instances` as a parameter since this is now managed within the individual scope structures, simplifying permission creation for stream permissions which don't require instance management.
+
+## Behavior Changes
+
+### Instance Management Refactoring
+
+**What changed**: Instance management (max_instances and children tracking) has been moved from the PermissionContract level into the specific permission scopes that require it (CuratorScope and NamespaceScope). The PermissionContract methods `max_instances()`, `available_instances()`, `used_instances()`, `children()`, and `children_mut()` now return `Option` types and delegate to the underlying scope implementations.
+
+**Why it matters**: This refactoring improves the architecture by eliminating unnecessary fields for stream permissions, which don't use instance management. It creates better separation of concerns where each permission type manages only the data it needs, reducing storage overhead for stream permissions and making the codebase more maintainable.
+
+**Migration needed**: The v7 migration automatically restructures existing permissions by moving the max_instances and children fields from the contract level into the appropriate scope structures. No manual intervention is required.
+
+*Tests*: Migration validated through comprehensive tests in `pallets/permission0/src/migrations.rs::v7` ensuring all permission types are correctly transformed.
+
+*Cross-pallet impact*: None. The external API remains unchanged, and other pallets interact with permissions through the same interface.
+
+### Scope-Specific Instance Management
+
+**What changed**: CuratorScope and NamespaceScope now directly manage their instance limits and children collections. The cleanup logic for removing children from parent permissions when a permission is revoked has been updated to use the new `children_mut()` method that safely accesses the children collection only when present in the scope.
+
+**Why it matters**: This change creates a cleaner separation where only permission types that support hierarchical delegation (curator and namespace) carry the overhead of tracking instances and children. Stream permissions, which are flat structures, no longer carry unnecessary instance-related data.
+
+**Migration needed**: Handled automatically by the v7 migration. Existing permissions are restructured to move instance data into the appropriate scope types.
+
+*Tests*: Instance management behavior is validated through existing permission delegation and revocation tests.
+
+*Cross-pallet impact*: None. The changes are internal to the permission0 pallet structure.
+
+### Dynamic Instance Updates for Namespace Permissions
+
+**What changed**: The `update_namespace_permission` function now correctly updates the max_instances field within the NamespaceScope rather than at the PermissionContract level. The validation logic checks parent permissions' available instances and ensures that reducing instances doesn't invalidate existing child permissions.
+
+**Why it matters**: This ensures that instance management for namespace permissions works correctly with the new structure where instances are tracked at the scope level. The change maintains the same external behavior while operating on the restructured internal data.
+
+**Migration needed**: None. This is an internal implementation change that maintains the same external behavior.
+
+*Tests*: Instance update validation tested through namespace permission update tests ensuring proper parent-child instance tracking.
+
+*Cross-pallet impact*: None. The external behavior of updating namespace permissions remains unchanged.
+
+### Optional Instance Methods
+
+**What changed**: The methods `max_instances()`, `available_instances()`, and `children()` on PermissionContract now return `Option` types instead of direct values. These methods return `Some(value)` for curator and namespace permissions that support instances, and `None` for stream permissions that don't.
+
+**Why it matters**: This change makes the API more explicit about which permission types support instance management, preventing incorrect assumptions about stream permissions having instance limits. It provides compile-time safety for code that works with instance management.
+
+**Migration needed**: None. Internal implementation detail.
+
+*Tests*: Method behavior validated through permission contract unit tests.
+
+*Cross-pallet impact*: None. These are internal methods not exposed through the pallet's external API.

docs/changes/spec-25.md

@@ -51,6 +51,7 @@
           pkgs.python310
           # Subxt CLI for metadata handling
           pkgs.subxt
+          pkgs.cargo-nextest
           # # Code coverage tool
           # pkgs.cargo-llvm-cov # marked as broken
         ];
@@ -59,7 +60,17 @@
         checks = pkgs.mkShell {
           pre-commit-check = pre-commit-hooks.lib.${system}.run {
             src = ./.;
-            hooks = { rustfmt.enable = true; };
+            hooks = {
+               rustfmt.enable = true;
+
+               push = {
+                 enable = true;
+                 name = "Tests & Stuff";
+                 entry = "just test";
+                 pass_filenames = false;
+                 stages = ["pre-push"];
+               };
+            };
           };
         };
 

flake.nix

@@ -10,11 +10,11 @@ build-testnet:
 
 # Development
 
-check:
+check: fmt
   cargo clippy --tests
 
-test:
-  cargo test
+test: check
+  SKIP_WASM_BUILD=1 cargo nextest run
 
 fmt:
   cargo fmt

justfile

@@ -16,21 +16,23 @@ mod benchmarks {
 
     #[benchmark]
     fn set_weights() {
-        let module_key: T::AccountId = account("ModuleKey", 0, 2);
-        let module_key2: T::AccountId = account("ModuleKey2", 0, 3);
+        let module_key: T::AccountId = account("agent", 0, 2);
+        let module_key2: T::AccountId = account("agent2", 0, 3);
 
         <T::Governance>::set_allocator(&module_key2);
 
-        <T::Torus>::force_register_agent(&module_key, vec![], vec![], vec![])
+        <T::Torus>::force_register_agent(&module_key, b"agent".to_vec(), vec![], vec![])
             .expect("failed to register agent");
-        <T::Torus>::force_register_agent(&module_key2, vec![], vec![], vec![])
+        <T::Torus>::force_register_agent(&module_key2, b"agent2".to_vec(), vec![], vec![])
             .expect("failed to register agent");
 
         <T::Governance>::force_set_whitelisted(&module_key);
         <T::Governance>::force_set_whitelisted(&module_key2);
 
         <T::Governance>::set_allocator(&module_key2);
-        let _ = <T::Currency>::deposit_creating(&module_key2, <T::Torus>::min_validator_stake());
+        let _ =
+            <T::Currency>::deposit_creating(&module_key2, <T::Torus>::min_validator_stake() * 2);
+
         <T::Torus>::force_set_stake(
             &module_key2,
             &module_key2,
@@ -46,12 +48,12 @@ mod benchmarks {
 
     #[benchmark]
     fn delegate_weight_control() {
-        let module_key: T::AccountId = account("ModuleKey", 0, 2);
-        let module_key2: T::AccountId = account("ModuleKey2", 0, 3);
+        let module_key: T::AccountId = account("agent", 0, 2);
+        let module_key2: T::AccountId = account("agent2", 0, 3);
 
-        <T::Torus>::force_register_agent(&module_key, vec![], vec![], vec![])
+        <T::Torus>::force_register_agent(&module_key, b"agent".to_vec(), vec![], vec![])
             .expect("failed to register agent");
-        <T::Torus>::force_register_agent(&module_key2, vec![], vec![], vec![])
+        <T::Torus>::force_register_agent(&module_key2, b"agent2".to_vec(), vec![], vec![])
             .expect("failed to register agent");
 
         <T::Governance>::force_set_whitelisted(&module_key);
@@ -65,12 +67,12 @@ mod benchmarks {
 
     #[benchmark]
     fn regain_weight_control() {
-        let module_key: T::AccountId = account("ModuleKey", 0, 2);
-        let module_key2: T::AccountId = account("ModuleKey2", 0, 3);
+        let module_key: T::AccountId = account("agent", 0, 2);
+        let module_key2: T::AccountId = account("agent2", 0, 3);
 
-        <T::Torus>::force_register_agent(&module_key, vec![], vec![], vec![])
+        <T::Torus>::force_register_agent(&module_key, b"agent".to_vec(), vec![], vec![])
             .expect("failed to register agent");
-        <T::Torus>::force_register_agent(&module_key2, vec![], vec![], vec![])
+        <T::Torus>::force_register_agent(&module_key2, b"agent2".to_vec(), vec![], vec![])
             .expect("failed to register agent");
 
         <T::Governance>::force_set_whitelisted(&module_key);

pallets/emission0/src/benchmarking.rs

@@ -1,5 +1,5 @@
 use pallet_governance_api::GovernanceApi;
-use pallet_permission0_api::Permission0EmissionApi;
+use pallet_permission0_api::Permission0StreamApi;
 use pallet_torus0_api::Torus0Api;
 use polkadot_sdk::{
     frame_support::{
@@ -336,7 +336,7 @@ fn linear_rewards<T: Config>(mut emission: NegativeImbalanceOf<T>) -> NegativeIm
         } else {
             // This is an impossible case, but if something changes in the future,
             // the code is here.
-            <T::Permission0>::accumulate_emissions(
+            <T::Permission0>::accumulate_streams(
                 delegating_to,
                 &pallet_permission0_api::generate_root_stream_id(delegating_to),
                 &mut stake,
@@ -368,7 +368,7 @@ fn linear_rewards<T: Config>(mut emission: NegativeImbalanceOf<T>) -> NegativeIm
         .zip(upscaled_dividends)
     {
         let add_stake = |staker, mut amount: NegativeImbalanceOf<T>| {
-            <T::Permission0>::accumulate_emissions(
+            <T::Permission0>::accumulate_streams(
                 &staker,
                 &pallet_permission0_api::generate_root_stream_id(&staker),
                 &mut amount,

pallets/emission0/src/distribute.rs

@@ -31,7 +31,7 @@ pub mod pallet {
     use frame::prelude::BlockNumberFor;
     use frame_system::ensure_signed;
     use pallet_governance_api::GovernanceApi;
-    use pallet_permission0_api::{Permission0Api, Permission0EmissionApi};
+    use pallet_permission0_api::{Permission0Api, Permission0StreamApi};
     use pallet_torus0_api::Torus0Api;
     use polkadot_sdk::sp_std;
     use weights::WeightInfo;
@@ -99,7 +99,7 @@ pub mod pallet {
         type Governance: GovernanceApi<Self::AccountId>;
 
         type Permission0: Permission0Api<OriginFor<Self>>
-            + Permission0EmissionApi<
+            + Permission0StreamApi<
                 Self::AccountId,
                 OriginFor<Self>,
                 BlockNumberFor<Self>,