Handling of intent execution failures (#564)

### Error Types and Handling
#### ActionError
Occurs when one or more actions in the intent fail.
Depending on configuration, we strip failing actions and continue with
the commit phase.
A future feature will allow users to mark actions as mandatory, in which
case we will return ActionError immediately.

#### CommitIdError
Happens when another process (retry script) commits using the same
commit ID, invalidating ours.
The system now resets the TaskInfoFetcher and retries the execution
automatically.

#### CpiLimitError
Indicates that a transaction exceeded Solana’s CPI (cross-program
invocation) limits.

Recovery flow:
Single-stage → Two-stage: switch strategy and retry using the same
buffers and ALTs.
Two-stage with mandatory actions: strip away actions and retry.
If it still fails, return CpiLimitError. This should not normally happen
and implies a contract-level validation issue.

#### Other Errors
Will retry only IO errors

<!-- greptile_comment -->

<h2>Greptile Overview</h2>

Updated On: 2025-10-07 17:46:54 UTC

<h3>Summary</h3>
This PR introduces comprehensive error handling and recovery mechanisms
for intent execution failures in the MagicBlock validator system. The
changes implement sophisticated retry logic for three main error types:
`ActionError` (when individual actions fail), `CommitIdError` (when
commit IDs become invalidated by concurrent processes), and
`CpiLimitError` (when transactions exceed Solana's cross-program
invocation limits).

The implementation refactors the task system from enum-based to modular
design with separate `ArgsTask` and `BufferTask` modules, introduces a
`PreparationState` lifecycle management system, and adds single-stage
and two-stage execution strategies. The error recovery flows include
automatic retry mechanisms with exponential backoff, strategy switching
(single-stage to two-stage for CPI limit errors), action stripping for
failed operations, and cache invalidation with fresh commit ID
generation for race conditions.

Key architectural changes include:
- New error classification system that maps Solana transaction errors to
specific recovery strategies
- Task state management with preparation lifecycle tracking
(`NotNeeded`, `Required`, `Cleanup`)
- Resource cleanup mechanisms for buffer accounts and lookup table keys
- Retry logic with configurable ceilings and backoff strategies
- Visitor pattern implementation for task processing and metadata
extraction

The changes integrate with the existing committor service architecture
while adding resilience against various blockchain-specific failure
modes. The system can now handle concurrent commit operations, recover
from resource constraint violations, and gracefully degrade by stripping
problematic actions while maintaining transaction integrity.
<h3>Important Files Changed</h3>

<details><summary>Changed Files</summary>

| Filename | Score | Overview |
|----------|-------|----------|
| `Cargo.toml` | 5/5 | Adds `solana-transaction-error` dependency for
enhanced transaction error handling |
| `magicblock-rpc-client/Cargo.toml` | 5/5 | Adds
`solana-transaction-error` dependency to support TransactionResult type
|
| `test-integration/test-committor-service/Cargo.toml` | 4/5 | Adds
futures crate for async testing of new error handling scenarios |
| `magicblock-committor-program/bin/magicblock_committor_program.so` |
3/5 | Updated compiled binary reflecting source code changes for error
handling |
| `test-integration/test-committor-service/tests/common.rs` | 4/5 |
Refactors test infrastructure with new transaction preparator naming and
flexible keypair setup |
|
`test-integration/programs/flexi-counter/src/processor/call_handler.rs`
| 4/5 | Improves memory management and error handling in counter state
updates |
| `magicblock-rpc-client/src/lib.rs` | 4/5 | Refactors transaction
status polling into separate methods and adds error handling utilities |
| `test-integration/programs/flexi-counter/src/lib.rs` | 5/5 | Makes
args module public for external access to action data structures |
|
`magicblock-committor-service/src/intent_executor/task_info_fetcher.rs`
| 4/5 | Adds reset functionality for cache invalidation during
CommitIdError recovery |
| `magicblock-committor-service/src/tasks/task_visitors/mod.rs` | 5/5 |
Adds utility visitor module for commit metadata extraction |
| `magicblock-committor-service/src/tasks/task_strategist.rs` | 4/5 |
Adds ALT recalculation method and refactors task construction for error
recovery |
| `test-integration/test-committor-service/tests/utils/transactions.rs`
| 3/5 | Adds test utilities for account setup with retry logic and error
handling |
|
`test-integration/test-committor-service/tests/test_intent_executor.rs`
| 4/5 | Comprehensive integration tests for all three error types and
recovery mechanisms |
|
`test-integration/test-committor-service/tests/test_ix_commit_local.rs`
| 5/5 | Refactors to use centralized utility functions from utils
modules |
|
`magicblock-committor-service/src/intent_executor/intent_executor_factory.rs`
| 5/5 | Simple renaming from TransactionPreparatorV1 to
TransactionPreparatorImpl |
|
`magicblock-committor-service/src/tasks/task_visitors/utility_visitor.rs`
| 4/5 | New visitor for extracting commit metadata with asymmetric task
handling |
| `magicblock-committor-service/src/tasks/mod.rs` | 4/5 | Major
refactoring to modular task system with preparation state management |
| `magicblock-committor-service/src/tasks/args_task.rs` | 4/5 | New
ArgsTask implementation with optimization and reset capabilities |
| `magicblock-committor-service/src/tasks/visitor.rs` | 5/5 | Updates
import statements to use direct module paths |
|
`test-integration/test-committor-service/tests/test_delivery_preparator.rs`
| 4/5 | Updates tests for new task wrapper types and preparation state
management |
| `test-integration/test-committor-service/tests/utils/mod.rs` | 4/5 |
Adds thread-safe validator authority initialization function |
|
`magicblock-committor-service/src/tasks/task_visitors/persistor_visitor.rs`
| 5/5 | Updates visitor pattern to handle restructured task types |
|
`magicblock-committor-service/src/intent_executor/two_stage_executor.rs`
| 1/5 | Implements two-stage execution with critical parameter naming
typo |
| `magicblock-committor-service/src/tasks/buffer_task.rs` | 4/5 | New
buffer-based task strategy with preparation state and commit ID reset |
|
`test-integration/test-committor-service/tests/test_transaction_preparator.rs`
| 4/5 | Updates task creation API and adds preparation state
verification |
|
`magicblock-committor-service/src/intent_executor/single_stage_executor.rs`
| 4/5 | Implements single-stage execution with retry logic and error
recovery |
| `magicblock-committor-service/src/intent_executor/mod.rs` | 3/5 |
Complex error handling implementation with potential recursion and edge
case issues |
| `magicblock-committor-service/src/tasks/task_builder.rs` | 4/5 |
Refactors task builder to use new ArgsTask wrapper structure |
|
`magicblock-committor-service/src/transaction_preparator/delivery_preparator.rs`
| 4/5 | Enhanced preparation with lifecycle management and comprehensive
cleanup |
| `magicblock-committor-service/src/transaction_preparator/mod.rs` | 4/5
| Adds cleanup method and refactors preparator interface for error
handling |
| `magicblock-committor-service/src/intent_executor/error.rs` | 4/5 |
Comprehensive error classification system with complex transaction error
mapping |

</details>
<h3>Confidence score: 3/5</h3>

- This PR introduces significant complexity with sophisticated error
handling but has potential critical issues that need addressing
- Score reflects concerns about compilation errors, complex error
mapping logic, and potential infinite recursion risks noted in code
comments
- Pay close attention to
`magicblock-committor-service/src/intent_executor/two_stage_executor.rs`
which contains critical parameter naming typos that will prevent
compilation

<h3>Sequence Diagram</h3>

```mermaid
sequenceDiagram
    participant User
    participant IntentExecutor
    participant TaskBuilder
    participant TaskStrategist
    participant TransactionPreparator
    participant DeliveryPreparator
    participant TaskInfoFetcher
    participant RpcClient

    User->>IntentExecutor: execute(base_intent, persister)
    IntentExecutor->>TaskBuilder: commit_tasks(task_info_fetcher, base_intent, persister)
    TaskBuilder->>TaskInfoFetcher: fetch_next_commit_ids(pubkeys)
    TaskInfoFetcher->>RpcClient: get_multiple_accounts(pda_accounts)
    RpcClient-->>TaskInfoFetcher: accounts_data
    TaskInfoFetcher-->>TaskBuilder: commit_ids
    TaskBuilder-->>IntentExecutor: commit_tasks
    
    IntentExecutor->>TaskBuilder: finalize_tasks(task_info_fetcher, base_intent)
    TaskBuilder->>TaskInfoFetcher: fetch_rent_reimbursements(pubkeys)
    TaskInfoFetcher->>RpcClient: get_multiple_accounts(pda_accounts)
    RpcClient-->>TaskInfoFetcher: accounts_data
    TaskInfoFetcher-->>TaskBuilder: rent_reimbursements
    TaskBuilder-->>IntentExecutor: finalize_tasks
    
    IntentExecutor->>TaskStrategist: build_strategy(tasks, authority, persister)
    TaskStrategist-->>IntentExecutor: transaction_strategy
    
    alt Single Stage Flow
        IntentExecutor->>IntentExecutor: single_stage_execution_flow(base_intent, strategy, junk, persister)
        loop Retry with error recovery
            IntentExecutor->>TransactionPreparator: prepare_for_strategy(authority, strategy, persister)
            TransactionPreparator->>DeliveryPreparator: prepare_for_delivery(authority, strategy, persister)
            DeliveryPreparator->>RpcClient: send preparation transactions
            RpcClient-->>DeliveryPreparator: signatures
            DeliveryPreparator-->>TransactionPreparator: lookup_tables
            TransactionPreparator-->>IntentExecutor: prepared_message
            
            IntentExecutor->>RpcClient: send_prepared_message(prepared_message)
            RpcClient-->>IntentExecutor: transaction_result
            
            alt Error occurs
                IntentExecutor->>IntentExecutor: patch_strategy(error, strategy, base_intent)
                alt CommitIDError
                    IntentExecutor->>TaskInfoFetcher: reset(ResetType::Specific)
                    IntentExecutor->>TaskInfoFetcher: fetch_next_commit_ids(pubkeys)
                    TaskInfoFetcher-->>IntentExecutor: updated_commit_ids
                    IntentExecutor->>IntentExecutor: reset_commit_id(tasks)
                end
                alt ActionsError
                    IntentExecutor->>IntentExecutor: handle_actions_error(strategy)
                end
                alt CpiLimitError
                    IntentExecutor->>IntentExecutor: switch to two stage execution
                end
            end
        end
    else Two Stage Flow
        IntentExecutor->>IntentExecutor: two_stage_execution_flow(pubkeys, commit_strategy, finalize_strategy, junk, persister)
        Note over IntentExecutor: Similar pattern for commit and finalize stages
    end
    
    IntentExecutor->>DeliveryPreparator: cleanup(authority, tasks, lookup_table_keys)
    DeliveryPreparator->>RpcClient: send cleanup transactions
    RpcClient-->>DeliveryPreparator: cleanup_result
    
    IntentExecutor-->>User: ExecutionOutput
```

<!-- greptile_other_comments_section -->

<!-- /greptile_comment -->

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- New Features
- Introduced single-stage and two-stage intent execution with automatic
fallback and parallel cleanup.
- Enhanced error handling with clearer categories (commit ID, actions,
CPI limit) and recovery paths.
- Added task preparation/cleanup workflow with new task types for
argument-based and buffer-based execution.
  - Improved RPC status waiting and transaction outcome helpers.

- Refactor
- Replaced legacy builders/preparators with updated implementations
across the execution pipeline.

- Documentation
- Converted and clarified inline comments to Rustdoc in task info
fetcher.

- Tests
- Added comprehensive integration tests covering error parsing, recovery
flows, and cleanup behaviors.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Thorsten Lorenz <[email protected]>
Co-authored-by: Dodecahedr0x <[email protected]>
Co-authored-by: Arthur Bretas <[email protected]>
Co-authored-by: Dodecahedr0x <[email protected]>
Co-authored-by: Gabriele Picco <[email protected]>

Author: 5 people

Cargo.lock

@@ -198,6 +198,7 @@ solana-svm-transaction = { version = "2.2" }
 solana-system-program = { version = "2.2" }
 solana-timings = "2.2"
 solana-transaction-status = { version = "2.2" }
+solana-transaction-error = "2.2"
 solana-transaction-status-client-types = "2.2"
 spl-token = "=7.0"
 spl-token-2022 = "=6.0"

Cargo.toml

@@ -1,9 +1,15 @@
+use log::error;
 use magicblock_rpc_client::MagicBlockRpcClientError;
-use solana_sdk::signature::{Signature, SignerError};
+use solana_sdk::{
+    instruction::InstructionError,
+    signature::{Signature, SignerError},
+    transaction::TransactionError,
+};
 
 use crate::{
     tasks::{
         task_builder::TaskBuilderError, task_strategist::TaskStrategistError,
+        BaseTask, TaskType,
     },
     transaction_preparator::error::TransactionPreparatorError,
 };
@@ -16,10 +22,25 @@ pub enum InternalError {
     MagicBlockRpcClientError(#[from] MagicBlockRpcClientError),
 }
 
+impl InternalError {
+    pub fn signature(&self) -> Option<Signature> {
+        match self {
+            Self::SignerError(_) => None,
+            Self::MagicBlockRpcClientError(err) => err.signature(),
+        }
+    }
+}
+
 #[derive(thiserror::Error, Debug)]
 pub enum IntentExecutorError {
     #[error("EmptyIntentError")]
     EmptyIntentError,
+    #[error("User supplied actions are ill-formed: {0}")]
+    ActionsError(#[source] TransactionError),
+    #[error("Accounts committed with an invalid Commit id: {0}")]
+    CommitIDError(#[source] TransactionError),
+    #[error("Max instruction trace length exceeded: {0}")]
+    CpiLimitError(#[source] TransactionError),
     #[error("Failed to fit in single TX")]
     FailedToFitError,
     #[error("SignerError: {0}")]
@@ -46,6 +67,117 @@ pub enum IntentExecutorError {
     FailedFinalizePreparationError(#[source] TransactionPreparatorError),
 }
 
+impl IntentExecutorError {
+    pub fn is_cpi_limit_error(&self) -> bool {
+        matches!(self, IntentExecutorError::CpiLimitError(_))
+    }
+
+    pub fn from_strategy_execution_error<F>(
+        error: TransactionStrategyExecutionError,
+        converter: F,
+    ) -> IntentExecutorError
+    where
+        F: FnOnce(InternalError) -> IntentExecutorError,
+    {
+        match error {
+            TransactionStrategyExecutionError::ActionsError(err) => {
+                IntentExecutorError::ActionsError(err)
+            }
+            TransactionStrategyExecutionError::CpiLimitError(err) => {
+                IntentExecutorError::CpiLimitError(err)
+            }
+            TransactionStrategyExecutionError::CommitIDError(err) => {
+                IntentExecutorError::CommitIDError(err)
+            }
+            TransactionStrategyExecutionError::InternalError(err) => {
+                converter(err)
+            }
+        }
+    }
+}
+
+/// Those are the errors that may occur during Commit/Finalize stages on Base layer
+#[derive(thiserror::Error, Debug)]
+pub enum TransactionStrategyExecutionError {
+    #[error("User supplied actions are ill-formed: {0}")]
+    ActionsError(#[source] TransactionError),
+    #[error("Accounts committed with an invalid Commit id: {0}")]
+    CommitIDError(#[source] TransactionError),
+    #[error("Max instruction trace length exceeded: {0}")]
+    CpiLimitError(#[source] TransactionError),
+    #[error("InternalError: {0}")]
+    InternalError(#[from] InternalError),
+}
+
+impl TransactionStrategyExecutionError {
+    /// Convert [`TransactionError`] into known errors that can be handled
+    /// [`TransactionStrategyExecutionError`]
+    pub fn from_transaction_error(
+        err: TransactionError,
+        tasks: &[Box<dyn BaseTask>],
+        map: impl FnOnce(TransactionError) -> MagicBlockRpcClientError,
+    ) -> Self {
+        // There's always 2 budget instructions in front
+        const OFFSET: u8 = 2;
+        const OUTDATED_SLOT: u32 = dlp::error::DlpError::OutdatedSlot as u32;
+
+        match err {
+            // Filter CommitIdError by custom error code
+            transaction_err @ TransactionError::InstructionError(
+                _,
+                InstructionError::Custom(OUTDATED_SLOT),
+            ) => TransactionStrategyExecutionError::CommitIDError(
+                transaction_err,
+            ),
+            // Some tx may use too much CPIs and we can handle it in certain cases
+            transaction_err @ TransactionError::InstructionError(
+                _,
+                InstructionError::MaxInstructionTraceLengthExceeded,
+            ) => TransactionStrategyExecutionError::CpiLimitError(
+                transaction_err,
+            ),
+            // Filter ActionError, we can attempt recovery by stripping away actions
+            transaction_err @ TransactionError::InstructionError(index, _) => {
+                let Some(action_index) = index.checked_sub(OFFSET) else {
+                    return TransactionStrategyExecutionError::InternalError(
+                        InternalError::MagicBlockRpcClientError(map(
+                            transaction_err,
+                        )),
+                    );
+                };
+
+                // If index corresponds to an Action -> ActionsError; otherwise -> InternalError.
+                if matches!(
+                    tasks
+                        .get(action_index as usize)
+                        .map(|task| task.task_type()),
+                    Some(TaskType::Action)
+                ) {
+                    TransactionStrategyExecutionError::ActionsError(
+                        transaction_err,
+                    )
+                } else {
+                    TransactionStrategyExecutionError::InternalError(
+                        InternalError::MagicBlockRpcClientError(map(
+                            transaction_err,
+                        )),
+                    )
+                }
+            }
+            // This means transaction failed to other reasons that we don't handle - propagate
+            err => {
+                error!(
+                    "Message execution failed and we can not handle it: {}",
+                    err
+                );
+                TransactionStrategyExecutionError::InternalError(
+                    InternalError::MagicBlockRpcClientError(map(err)),
+                )
+            }
+        }
+    }
+}
+
 impl From<TaskStrategistError> for IntentExecutorError {
     fn from(value: TaskStrategistError) -> Self {
         match value {

magicblock-committor-program/bin/magicblock_committor_program.so

@@ -8,7 +8,7 @@ use crate::{
         task_info_fetcher::CacheTaskInfoFetcher, IntentExecutor,
         IntentExecutorImpl,
     },
-    transaction_preparator::TransactionPreparatorV1,
+    transaction_preparator::TransactionPreparatorImpl,
     ComputeBudgetConfig,
 };
 
@@ -28,15 +28,15 @@ pub struct IntentExecutorFactoryImpl {
 
 impl IntentExecutorFactory for IntentExecutorFactoryImpl {
     type Executor =
-        IntentExecutorImpl<TransactionPreparatorV1, CacheTaskInfoFetcher>;
+        IntentExecutorImpl<TransactionPreparatorImpl, CacheTaskInfoFetcher>;
 
     fn create_instance(&self) -> Self::Executor {
-        let transaction_preparator = TransactionPreparatorV1::new(
+        let transaction_preparator = TransactionPreparatorImpl::new(
             self.rpc_client.clone(),
             self.table_mania.clone(),
             self.compute_budget_config.clone(),
         );
-        IntentExecutorImpl::<TransactionPreparatorV1, CacheTaskInfoFetcher>::new(
+        IntentExecutorImpl::<TransactionPreparatorImpl, CacheTaskInfoFetcher>::new(
             self.rpc_client.clone(),
             transaction_preparator,
             self.commit_id_tracker.clone(),