feat: Add ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts
#575
Conversation
This stack of pull requests is managed by Graphite. Learn more about stacking. |
|
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the WalkthroughReplaces git-sourced dependencies with local path dependencies; adds commit_diff support propagated through scheduling, sent commits, committor tasks, and instructions; introduces order-book data structures and CPI paths; updates test infrastructure, contexts, and several integration tests. Changes
Sequence Diagram(s)sequenceDiagram
participant Client
participant Magicblock as Magicblock Program
participant Committor as Committor Service
Client->>Magicblock: ScheduleCommitDiffAndUndelegate (request_diff=true)
activate Magicblock
Magicblock->>Magicblock: process_schedule_commit(opts.request_diff=true)
Magicblock->>Magicblock: choose CommitType = StandaloneDiff(committed_accounts)
Magicblock->>Magicblock: build ScheduledBaseIntent (commit_diff = true)
Magicblock->>Magicblock: create SentCommit(commit_diff = true)
deactivate Magicblock
Magicblock-->>Client: ack scheduled
Client->>Committor: pick up scheduled commit
activate Committor
Committor->>Committor: match ArgsTaskType
alt commit_diff == true
Committor->>Committor: compute_diff() via RPC -> Build CommitDiffArgs -> emit commit_diff instruction
else
Committor->>Committor: build CommitStateArgs -> emit commit_state instruction
end
deactivate Committor
Committor-->>Client: commit processed
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Areas requiring extra attention:
Possibly related PRs
Suggested reviewers
Pre-merge checks and finishing touches❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
snawaz
force-pushed
the
snawaz/commit-diff
branch
6 times, most recently
from
249b1aa to
2f0555f
Compare
snawaz
force-pushed
the
snawaz/commit-diff
branch
2 times, most recently
from
0151da0 to
5c25e73
Compare
snawaz
changed the title
MagicBlockInstruction::ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts
snawaz
changed the title
MagicBlockInstruction::ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accountsScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts
snawaz
force-pushed
the
snawaz/commit-diff
branch
2 times, most recently
from
2ae750b to
725f72c
Compare
Manual Deploy AvailableYou can trigger a manual deploy of this PR branch to testnet: Alternative: Comment
Comment updated automatically when the PR is synchronized. |
snawaz
force-pushed
the
snawaz/commit-diff
branch
from
725f72c to
e5c5e15
Compare
snawaz
changed the title
ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accountsScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts
snawaz
changed the title
ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accountsScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 29
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
magicblock-committor-service/src/tasks/args_task.rs (1)
229-237: reset_commit_id ignores CommitDiff—update both variants.Commit IDs must update for Commit and CommitDiff.
Apply:
- let ArgsTaskType::Commit(commit_task) = &mut self.task_type else { - log::error!("reset_commit_id"); - return; - }; - - commit_task.commit_id = commit_id; + match &mut self.task_type { + ArgsTaskType::Commit(task) | ArgsTaskType::CommitDiff(task) => { + task.commit_id = commit_id; + } + _ => {} + }
📜 Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro
⛔ Files ignored due to path filters (2)
Cargo.lockis excluded by!**/*.locktest-integration/Cargo.lockis excluded by!**/*.lock
📒 Files selected for processing (28)
Cargo.toml(1 hunks)magicblock-accounts/src/scheduled_commits_processor.rs(3 hunks)magicblock-committor-service/src/tasks/args_task.rs(6 hunks)magicblock-committor-service/src/tasks/mod.rs(1 hunks)magicblock-committor-service/src/tasks/task_builder.rs(3 hunks)magicblock-committor-service/src/tasks/task_visitors/persistor_visitor.rs(1 hunks)magicblock-magic-program-api/src/instruction.rs(1 hunks)magicblock-rpc-client/src/lib.rs(1 hunks)programs/magicblock/src/magic_scheduled_base_intent.rs(7 hunks)programs/magicblock/src/magicblock_processor.rs(4 hunks)programs/magicblock/src/schedule_transactions/process_schedule_commit.rs(2 hunks)programs/magicblock/src/schedule_transactions/process_scheduled_commit_sent.rs(5 hunks)test-integration/Cargo.toml(2 hunks)test-integration/programs/schedulecommit-security/src/lib.rs(2 hunks)test-integration/programs/schedulecommit/src/api.rs(5 hunks)test-integration/programs/schedulecommit/src/lib.rs(9 hunks)test-integration/programs/schedulecommit/src/order_book.rs(1 hunks)test-integration/programs/schedulecommit/src/utils/mod.rs(3 hunks)test-integration/schedulecommit/client/src/schedule_commit_context.rs(6 hunks)test-integration/schedulecommit/client/src/verify.rs(2 hunks)test-integration/schedulecommit/test-scenarios/Cargo.toml(1 hunks)test-integration/schedulecommit/test-scenarios/tests/01_commits.rs(2 hunks)test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs(4 hunks)test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs(1 hunks)test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs(1 hunks)test-integration/test-ledger-restore/tests/08_commit_update.rs(2 hunks)test-integration/test-tools/src/integration_test_context.rs(2 hunks)test-integration/test-tools/src/scheduled_commits.rs(3 hunks)
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-10-26T08:49:31.543Z
Learnt from: taco-paco
PR: magicblock-labs/magicblock-validator#585
File: magicblock-committor-service/src/tasks/buffer_task.rs:111-115
Timestamp: 2025-10-26T08:49:31.543Z
Learning: In the magicblock-committor-service, compute units returned by the `compute_units()` method in task implementations (such as `BufferTask`, `ArgsTask`, etc.) represent the compute budget for a single task. Transactions can comprise multiple tasks, and the total compute budget for a transaction is computed as the sum of the compute units of all tasks included in that transaction.
Applied to files:
magicblock-committor-service/src/tasks/args_task.rs
🧬 Code graph analysis (15)
test-integration/test-ledger-restore/tests/08_commit_update.rs (1)
test-integration/test-ledger-restore/src/lib.rs (1)
setup_validator_with_local_remote(97-119)
test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs (3)
test-integration/programs/schedulecommit/src/api.rs (1)
schedule_commit_with_payer_cpi_instruction(214-232)test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)
assert_two_committees_were_committed(68-91)get_context_with_delegated_committees(16-35)assert_feepayer_was_committed(94-113)test-integration/schedulecommit/client/src/verify.rs (1)
fetch_and_verify_commit_result_from_logs(7-14)
test-integration/programs/schedulecommit-security/src/lib.rs (1)
test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)
create_schedule_commit_ix(41-66)
magicblock-committor-service/src/tasks/args_task.rs (4)
magicblock-committor-service/src/tasks/mod.rs (2)
instruction(66-66)instruction(249-255)magicblock-committor-service/src/tasks/buffer_task.rs (2)
instruction(65-86)new(37-45)magicblock-committor-service/src/config.rs (1)
local(29-35)magicblock-accounts/src/scheduled_commits_processor.rs (2)
new(66-90)new(420-436)
programs/magicblock/src/magicblock_processor.rs (3)
magicblock-committor-service/src/tasks/args_task.rs (1)
instruction(58-160)programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)
process_schedule_commit(34-259)magicblock-committor-program/src/state/changeset.rs (1)
request_undelegation(230-232)
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (4)
test-integration/programs/schedulecommit/src/api.rs (4)
schedule_commit_and_undelegate_cpi_instruction(234-252)schedule_commit_and_undelegate_cpi_with_mod_after_instruction(287-311)schedule_commit_diff_instruction_for_order_book(193-212)update_order_book_instruction(175-191)test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)
get_context_with_delegated_committees(16-35)assert_one_committee_was_committed(41-65)assert_one_committee_account_was_undelegated_on_chain(190-196)test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)
committees(205-209)ephem_blockhash(322-324)ephem_client(318-320)test-integration/schedulecommit/client/src/verify.rs (1)
fetch_and_verify_order_book_commit_result_from_logs(16-23)
test-integration/programs/schedulecommit/src/api.rs (2)
test-integration/programs/schedulecommit/src/order_book.rs (1)
new(85-94)test-integration/programs/flexi-counter/src/state.rs (1)
pda(32-35)
test-integration/schedulecommit/client/src/verify.rs (2)
test-integration/test-ledger-restore/tests/08_commit_update.rs (1)
ctx(90-91)test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)
ctx(145-146)
magicblock-committor-service/src/tasks/task_builder.rs (2)
magicblock-accounts/src/scheduled_commits_processor.rs (2)
new(66-90)new(420-436)magicblock-committor-service/src/tasks/args_task.rs (1)
new(49-54)
test-integration/programs/schedulecommit/src/lib.rs (2)
test-integration/programs/schedulecommit/src/utils/mod.rs (3)
assert_is_signer(30-44)assert_keys_equal(16-28)allocate_account_and_assign_owner(58-106)test-integration/programs/schedulecommit/src/order_book.rs (1)
new(85-94)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)
magicblock-committor-service/src/tasks/task_builder.rs (1)
committed_accounts(153-156)test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)
base_intent(544-549)
test-integration/schedulecommit/client/src/schedule_commit_context.rs (1)
test-integration/programs/schedulecommit/src/api.rs (3)
init_order_book_instruction(36-54)init_payer_escrow(77-98)init_account_instruction(16-34)
programs/magicblock/src/magic_scheduled_base_intent.rs (1)
magicblock-committor-service/src/tasks/task_builder.rs (1)
committed_accounts(153-156)
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)
test-integration/test-ledger-restore/tests/08_commit_update.rs (1)
ctx(90-91)test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)
ctx(145-146)test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)
try_new(72-74)ncommittees(102-121)try_new_random_keys(66-71)
test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1)
get_context_with_delegated_committees(16-35)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
- GitHub Check: run_make_ci_format
- GitHub Check: run_make_ci_test
- GitHub Check: run_make_ci_lint
- GitHub Check: run_make_ci_test
🔇 Additional comments (34)
test-integration/test-ledger-restore/tests/08_commit_update.rs (1)
55-55: LGTM! Correctly updated to match new function signature.Both call sites properly destructure the new 3-tuple return value. The
_tmpdirbinding is necessary to keep theTempDiralive throughout the function scope, preventing premature cleanup of the temporary directory while the validator is still using it.Also applies to: 170-170
test-integration/programs/schedulecommit/src/utils/mod.rs (2)
53-53: LGTM: Type alignment with Solana API.Changing
sizetou64aligns with Solana'ssystem_instruction::allocateAPI, which expects au64parameter. This improves type consistency and eliminates the need for type conversions downstream.
70-90: LGTM: Clean implementation with helpful debugging.The changes correctly handle the type conversion:
- Line 71: The cast to
usizeis necessary forRent::minimum_balanceand is safe given Solana's practical account size limits.- Lines 75-80: The debug log provides useful visibility into lamport requirements during account allocation.
- Line 90: Passing
sizedirectly asu64tosystem_instruction::allocateis cleaner and aligns with the API signature.test-integration/programs/schedulecommit-security/src/lib.rs (2)
2-2: LGTM: Import addition is correct.The
CommitPolicyimport is necessary for the API change on line 149.
143-150: No action required—the two CPI paths use intentionally different APIs.The review comment's concern about consistency is based on a false premise. The code uses two fundamentally different functions from different modules:
- Path 1 (
schedule_commit_cpi_instruction): A local program API wrapper with a fixed, simplified interface- Path 2 (
create_schedule_commit_ix): An external SDK function with extended configuration options includingCommitPolicyThese are not parallel implementations requiring symmetry. The
schedule_commit_cpi_instructionfunction does not supportCommitPolicyby design—it wraps commit scheduling with hardcoded policy defaults. AddingCommitPolicy::UseFullBytestocreate_schedule_commit_ixis the correct change and requires no corresponding update toschedule_commit_cpi_instruction.Likely an incorrect or invalid review comment.
test-integration/test-tools/src/integration_test_context.rs (1)
167-171: Transaction version configuration is correct and environment-aware.The conditional logic properly handles two distinct RPC endpoints:
- Chain (Solana devnet):
max_supported_transaction_version: Some(0)with 50 retries to handle devnet's known quirk of sometimes returning version responses instead of transaction metadata (noted at line 160-161).- Ephemeral (local validator):
Noneto use default behavior on a controlled, local environment without such quirks.Git history confirms this change is part of the current PR (commit 4c75d78). The code is correctly differentiated for each environment. No changes needed.
test-integration/test-tools/src/scheduled_commits.rs (1)
182-213: LGTM! Clear hierarchical naming for log variables.The renaming from
ephem_logs/chain_logstoephem_logs_l1/ephem_logs_l2improves clarity by establishing a consistent naming convention that reflects the two-level log retrieval hierarchy.magicblock-committor-service/src/tasks/task_visitors/persistor_visitor.rs (1)
29-33: LGTM: CommitDiff included in strategy persistence.Cleanly broadens Commit to CommitDiff without changing strategy semantics.
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)
224-230: Diff-aware commit routing is correct; keep logs concise.Choosing StandaloneDiff when request_diff is true is right. Consider demoting the "StandaloneDiff" ic_msg to debug in production builds to reduce log noise.
Also applies to: 233-238
29-32: All call sites properly initialize request_diff—no corrections needed.Verification confirms that every
process_schedule_commit()invocation explicitly sets bothrequest_undelegationandrequest_difffields. All three instruction paths (ScheduleCommit,ScheduleCommitAndUndelegate,ScheduleCommitDiffAndUndelegate) pass values forrequest_diff, withScheduleCommitDiffAndUndelegatecorrectly setting it totrueto trigger theCommitType::StandaloneDiffpath. No uninitialized defaults are used, and no silent routing to full-state commits can occur.programs/magicblock/src/schedule_transactions/process_scheduled_commit_sent.rs (1)
29-30: LGTM: commit_diff added end-to-end with safe logging.Field is carried into printable form and logged only as a flag. Tests initialize the new field.
Also applies to: 44-45, 71-73, 215-217, 254-255
magicblock-committor-service/src/tasks/args_task.rs (1)
197-205: Calibrate compute units for CommitDiff based on diff size.Fixed 65_000 may be inaccurate. Once diff is precomputed, scale CU by diff length/segments or add headroom to avoid CU errors.
Based on learnings
programs/magicblock/src/magicblock_processor.rs (3)
2-2: LGTM: import added is correct.
51-54: ScheduleCommit: explicit request_diff=false is correct.
90-99: New ScheduleCommitDiffAndUndelegate path correctly flips request_diff=true.magicblock-committor-service/src/tasks/task_builder.rs (1)
96-105: Per-account Commit vs CommitDiff task selection is correct.programs/magicblock/src/magic_scheduled_base_intent.rs (6)
104-107: ScheduledBaseIntent::is_commit_diff added — OK.
155-164: MagicBaseIntent::is_commit_diff added — OK.
448-454: CommitType::is_commit_diff implementation — OK.
456-463: Getters updated for StandaloneDiff — OK.Also applies to: 465-473
475-487: is_empty handles StandaloneDiff — OK.
317-323: StandaloneDiff variant already exists and is actively used in the codebase.The review's concern assumes
StandaloneDiffis a new addition that will shift bincode discriminants. However, the variant is already present inprocess_schedule_commit.rs(lines 225–226), indicating it exists before this PR or is not new.If
StandaloneDiffwas already committed to the codebase:
- The bincode discriminant shift already happened (or never was a concern).
- The review comment's warning is outdated or misguided.
If the snippet shows the final state (post-changes) and
StandaloneDiffwas genuinely added in this PR:
- Verify the diff shows it was inserted between existing variants (which would shift discriminants).
- If it was appended after existing variants, discriminants remain stable and no migration is needed.
Critical finding: No backwards compatibility tests, no versioning code, and no serde external tagging exist. If persisted state truly exists and the variant order changed, this is a risk. However, the evidence suggests
StandaloneDiffis not new.Action for developer: Confirm in the PR diff that you are not reordering existing enum variants. If appending new variants after existing ones, bincode compatibility is safe. If inserting between existing variants, migration is required.
test-integration/schedulecommit/test-scenarios/Cargo.toml (1)
19-20: LGTM!The addition of
randandborshas workspace dev-dependencies appropriately supports the new order-book test scenarios introduced in this PR.test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)
30-31: LGTM!The addition of deterministic seed
b"magic_schedule_commit"improves test reproducibility by ensuring consistent PDA derivation across test runs.test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (2)
16-35: LGTM!The seed parameter enables deterministic test context initialization, and explicitly driving the
init_committeesanddelegate_committeesworkflow steps with debug logging improves test clarity and observability.
41-47: LGTM!Making
assert_one_committee_was_committedgeneric over typeTwith appropriate trait bounds enables reuse across different account types (MainAccount, OrderBookOwned, etc.) while maintaining type safety.test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs (2)
23-80: LGTM!The test properly validates that attempting to commit a fee payer without escrowing lamports fails with the expected "DoesNotHaveEscrowAccount" error. The test structure and assertions are appropriate.
83-135: LGTM!The test correctly validates the happy path where fee payer commits succeed when lamports are properly escrowed. The verification flow and assertions comprehensively check that both committees and the fee payer were committed and synchronized.
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (3)
55-56: LGTM!The addition of deterministic seed
b"magic_schedule_commit"ensures reproducible test behavior across runs.
110-164: LGTM!The
commit_and_undelegate_order_book_accounthelper follows the established pattern of other commit helpers in this file, properly constructing the update and schedule-commit-diff instructions sequence.
244-312: Excellent reproducibility design for randomized testing.The test demonstrates best practices for randomized testing:
- Prints the RNG seed for reproducibility
- Includes the seed in assertion failure messages
- Uses seeded RNG (StdRng) for deterministic behavior given a seed
This allows failures to be reproduced by rerunning with the printed seed value.
One optional enhancement: consider adding a way to override the seed via environment variable for easier failure reproduction:
let rng_seed = std::env::var("TEST_RNG_SEED") .ok() .and_then(|s| s.parse::<u64>().ok()) .unwrap_or_else(|| OsRng.next_u64());test-integration/programs/schedulecommit/src/lib.rs (1)
561-571: Use commit_diff for undelegate path; this looks correct.The diff-based commit is invoked when
undelegateis true; good alignment with the new optimization.Please confirm tests cover both diff and full-commit paths (with/without
undelegate).test-integration/programs/schedulecommit/src/order_book.rs (1)
101-116: Bounds/capacity logic is good; but relies on header being valid.Once header init is fixed in
process_init_order_book, these helpers are fine for basic growth semantics.Ensure tests cover:
- Non-zero existing asks/bids followed by additional inserts (to exercise prefix/suffix behavior).
- Capacity exhaustion returning
None.Also applies to: 118-138, 163-184
test-integration/schedulecommit/client/src/schedule_commit_context.rs (1)
260-267: Seed semantics are correct and consistently applied across the codebase.The verification shows that
delegate_account_cpi_instruction()explicitly branches on two supported canonical seeds:
b"magic_schedule_commit"→ScheduleCommitInstruction::DelegateCpib"order_book"→ScheduleCommitInstruction::DelegateOrderBookAll test utilities and callers supply only these supported seeds. The
delegate_committees()function at lines 260-267 correctly passes&self.user_seed, and all constructors receive only canonical seeds from test callers. PDA derivation and instruction creation use consistent seed semantics.
test-integration/schedulecommit/client/src/schedule_commit_context.rs
Outdated
Show resolved
Hide resolved
snawaz
force-pushed
the
snawaz/commit-diff
branch
2 times, most recently
from
9c44347 to
693af7f
Compare
There was a problem hiding this comment.
Actionable comments posted: 9
♻️ Duplicate comments (22)
magicblock-rpc-client/src/lib.rs (1)
430-430: Redundant error prefix persists in log message.The
error!macro already includes ERROR level in its output. The explicit"> ERROR:"prefix creates redundancy and reduces log readability.Apply this diff to remove the redundant prefix:
- error!("> ERROR: {:?}", err); + error!("{:?}", err);Or add context instead:
- error!("> ERROR: {:?}", err); + error!("Transaction processed status failed: {:?}", err);test-integration/test-tools/src/scheduled_commits.rs (2)
198-210: Verbose debug output concern still applies.The past review comment regarding verbose debug output from
println!with{:#?}formatting remains applicable to these new debug statements. Consider making the debug output conditional or using a more compact format.
233-235: Unnecessary clone() on Copy type.The past review comment regarding the redundant
.clone()call onSignature(which implementsCopy) remains applicable. Use*siginstead ofsig.clone().test-integration/test-tools/src/integration_test_context.rs (1)
157-158: Format the panic message withlabel.The panic still prints the literal
rpc_client for [{}] does not exist, so the label never appears when this trips. Please injectlabelinto the message.- let rpc_client = - rpc_client.expect("rpc_client for [{}] does not exist"); + let rpc_client = rpc_client.unwrap_or_else(|| { + panic!("rpc_client for [{}] does not exist", label) + });test-integration/schedulecommit/client/src/verify.rs (1)
16-23: Code duplication: consider the generic implementation suggested in the previous review.This function duplicates
fetch_and_verify_commit_result_from_logsexcept for the type parameter. A generic implementation withT: borsh::BorshDeserializewould eliminate this duplication.test-integration/schedulecommit/client/src/schedule_commit_context.rs (2)
115-118: PDA derivation must match program-side seeds.The PDA is derived using an arbitrary
user_seed, which may not match the on-chain program's expected seeds (e.g.,[b"order_book", book_manager]or[b"magic_schedule_commit", player]). This mismatch will cause transaction failures.
170-203: Validate user_seed explicitly to prevent silent misconfiguration.The implicit
elsebranch will execute for anyuser_seedthat isn'tb"magic_schedule_commit", including invalid values. Add explicit validation to fail fast with a clear error when an unsupported seed is provided.test-integration/programs/schedulecommit/src/api.rs (1)
106-109: Derive delegated PDA with canonical seeds to match on-chain expectations.The PDA is derived using an arbitrary
user_seed, but the on-chain program expects fixed seeds like[b"magic_schedule_commit", player]or[b"order_book", book_manager]. This mismatch will cause thedelegated_accountto not match program-side expectations.Cargo.toml (1)
112-112: CI/CD will fail: local path dependency not available.The path
../delegation-programdoes not exist in the repository or CI environments, causing all builds to fail. Either:
- Revert to a git-based dependency (consistent with the learning about using git branch references)
- Make
delegation-programa workspace member at the correct path- Update CI workflows to checkout the dependency
Verify the intended dependency resolution strategy:
#!/bin/bash # Check if the delegation-program path exists if [ -d "../delegation-program" ]; then echo "✓ Path exists locally" ls -la ../delegation-program/ else echo "✗ Path ../delegation-program does not exist" fi # Check for any git submodule configuration echo "" echo "=== Git submodules ===" git submodule status 2>/dev/null || echo "No submodules configured" # Check recent commits for this dependency change echo "" echo "=== Recent changes to delegation-program dependency ===" git log -n 5 --oneline --all -- Cargo.toml | head -10test-integration/Cargo.toml (1)
40-40: Critical: Local path dependencies will break CI builds.This issue has already been flagged in previous review comments. The local paths
../../ephemeral-rollups-sdk/rust/sdkand../../delegation-programdo not exist in the CI environment and will cause build failures.Also applies to: 60-60
test-integration/programs/schedulecommit/src/lib.rs (4)
302-309: Zero the order-book header immediately after allocation.
OrderBook::newreadsbids_len/asks_lenstraight from account data. Leaving those bytes uninitialized means random counts, which makes the next borrow calculate bogus slices and can walk past the buffer. Please clear the header bytes right after allocation (e.g. borrow data, zero the firstsize_of::<OrderBookHeader>()bytes).Apply this diff:
allocate_account_and_assign_owner(AllocateAndAssignAccountArgs { payer_info: payer, account_info: order_book, owner: &crate::ID, signer_seeds: &[b"order_book", book_manager.key.as_ref(), &[bump]], size: 10 * 1024, })?; + { + let mut data = order_book.try_borrow_mut_data()?; + let header_len = core::mem::size_of::<OrderBookHeader>(); + if data.len() < header_len { + return Err(ProgramError::AccountDataTooSmall); + } + for byte in &mut data[..header_len] { + *byte = 0; + } + } + Ok(())
329-334: Fix the PDA assertion message.The diagnostic still prints
payer.key, so a failing check points at the wrong seed. Swap it forbook_manager.keyas previously requested.Apply this diff:
assert_keys_equal(order_book.key, &pda, || { format!( "PDA for the account ('{}') and for book_manager ('{}') is incorrect", - order_book.key, payer.key + order_book.key, book_manager.key ) })?;
398-403: Update the log label.This path is mutating an existing order book, not initializing one. Please change the
msg!to say “Update order book” (or equivalent) so logs stay accurate.
424-451: Use the right error kind and require the payer to sign.When the accounts slice is the wrong length you must emit
ProgramError::NotEnoughAccountKeys;MissingRequiredSignatureis misleading. More importantly, we still never verifypayer.is_signer, so the CPI can run with an unsigned funder. Addassert_is_signer(payer, "payer")?before the CPI.Apply this diff:
let [payer, order_book_account, magic_context, magic_program] = accounts else { - return Err(ProgramError::MissingRequiredSignature); + return Err(ProgramError::NotEnoughAccountKeys); }; + assert_is_signer(payer, "payer")?; + commit_diff_and_undelegate_accounts( payer, vec![order_book_account], magic_context, magic_program,test-integration/programs/schedulecommit/src/order_book.rs (3)
45-55:deserializestill aliases immutable data mutably (UB).
slice::from_raw_parts_mutonbook_bytesforges a&mut [u8]from shared data, violating Rust’s aliasing rules and instantly triggering undefined behaviour. Please replace this with a safe path—e.g. copy into an owned buffer or implement a parser that reads header/levels straight from the immutable slice.
85-93:OrderBook::newassumes alignment that account data does not guarantee.Casting
header_bytes.as_ptr()to*mut OrderBookHeader(and the level pointer to*mut OrderLevel) requires 4/8‑byte alignment, but Solana account data is byte-aligned. The moment you dereference those pointers you trigger UB. Rework this to treat the buffer as raw bytes and read/write fields withfrom_le_bytes/to_le_bytesinstead of typed references.
140-178: Typed slices over account data remain unsafe.
slice::from_raw_parts(_ as *mut OrderLevel, ...)for bids/asks/buffer helpers creates slices ofOrderLevelout of unaligned memory. That’s the same UB called out earlier. Please keep the backing store as[u8], then decode/encode eachOrderLevelby copying 16 bytes into a local array and usingu64::from_le_bytes/u64::to_le_bytes.magicblock-magic-program-api/src/instruction.rs (1)
111-111: Add documentation for ScheduleCommitDiffAndUndelegate.This issue was already identified in a previous review. The variant lacks documentation while all sibling variants include doc comments describing the instruction purpose and account references.
magicblock-committor-service/src/tasks/args_task.rs (3)
75-103: Stop hard-coding the RPC endpoint in CommitDiff.
ChainConfig::local(ComputeBudgetConfig::new(1_000_000))forces every CommitDiff task to dialhttp://localhost:7799with Processed commitment and re-create an RPC client each timeinstruction()is called. In production that URI does not exist, so we immediately fall back tocommit_stateand never ship a diff; plus every call repeats the network fetch we already warned about. Inject the realChainConfig/RpcClientfrom the service (or precompute/cache the diff during task construction) soinstruction()stays pure and uses the configured endpoint. Prior feedback on this remains unresolved.
115-116: Do not log raw diff payloads.Dumping the entire diff at warn level leaks account data and explodes log volume. Log only bounded metadata (e.g., commit_id, pubkey, diff length) instead.
- log::warn!("DIFF computed: {:?}", args.diff); + log::debug!( + "commit_diff computed: commit_id={} pubkey={} len={}", + value.commit_id, + value.committed_account.pubkey, + args.diff.len() + );
171-173: Remove the CommitDiff panic in optimize().
optimize()is part of the normal pipeline; panicking here will abort the worker whenever a CommitDiff task flows through. ReturnErr(self)(mirroring the other variants) so the caller can fall back cleanly.- ArgsTaskType::CommitDiff(_) => { - panic!("ArgsTaskType::CommitDiff not handled") - } + ArgsTaskType::CommitDiff(_) => Err(self),programs/magicblock/src/magicblock_processor.rs (1)
38-38: Avoid logging entire MagicBlockInstruction payloads.
ic_msg!(..., "{:?}", instruction)dumps the full enum—including the diff bytes you just added—on every invocation. That inflates CU cost and spams logs, an issue we already called out earlier. Drop the log or gate it behind a debug-only feature flag so mainnet builds don’t emit the payload.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro
⛔ Files ignored due to path filters (2)
Cargo.lockis excluded by!**/*.locktest-integration/Cargo.lockis excluded by!**/*.lock
📒 Files selected for processing (28)
Cargo.toml(1 hunks)magicblock-accounts/src/scheduled_commits_processor.rs(3 hunks)magicblock-committor-service/src/tasks/args_task.rs(6 hunks)magicblock-committor-service/src/tasks/mod.rs(1 hunks)magicblock-committor-service/src/tasks/task_builder.rs(3 hunks)magicblock-committor-service/src/tasks/task_visitors/persistor_visitor.rs(1 hunks)magicblock-magic-program-api/src/instruction.rs(1 hunks)magicblock-rpc-client/src/lib.rs(1 hunks)programs/magicblock/src/magic_scheduled_base_intent.rs(7 hunks)programs/magicblock/src/magicblock_processor.rs(4 hunks)programs/magicblock/src/schedule_transactions/process_schedule_commit.rs(2 hunks)programs/magicblock/src/schedule_transactions/process_scheduled_commit_sent.rs(5 hunks)test-integration/Cargo.toml(2 hunks)test-integration/programs/schedulecommit-security/src/lib.rs(2 hunks)test-integration/programs/schedulecommit/src/api.rs(5 hunks)test-integration/programs/schedulecommit/src/lib.rs(9 hunks)test-integration/programs/schedulecommit/src/order_book.rs(1 hunks)test-integration/programs/schedulecommit/src/utils/mod.rs(3 hunks)test-integration/schedulecommit/client/src/schedule_commit_context.rs(6 hunks)test-integration/schedulecommit/client/src/verify.rs(2 hunks)test-integration/schedulecommit/test-scenarios/Cargo.toml(1 hunks)test-integration/schedulecommit/test-scenarios/tests/01_commits.rs(2 hunks)test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs(4 hunks)test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs(1 hunks)test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs(1 hunks)test-integration/test-ledger-restore/tests/08_commit_update.rs(2 hunks)test-integration/test-tools/src/integration_test_context.rs(2 hunks)test-integration/test-tools/src/scheduled_commits.rs(3 hunks)
🧰 Additional context used
🧠 Learnings (4)
📚 Learning: 2025-10-14T09:56:14.047Z
Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.
Applied to files:
test-integration/test-tools/src/integration_test_context.rstest-integration/programs/schedulecommit/src/utils/mod.rstest-integration/test-ledger-restore/tests/08_commit_update.rstest-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs
📚 Learning: 2025-10-21T14:00:54.642Z
Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579
Applied to files:
magicblock-committor-service/src/tasks/mod.rstest-integration/programs/schedulecommit/src/utils/mod.rsmagicblock-committor-service/src/tasks/args_task.rstest-integration/programs/schedulecommit/src/api.rstest-integration/programs/schedulecommit/src/lib.rstest-integration/programs/schedulecommit/src/order_book.rs
📚 Learning: 2025-10-26T16:54:39.084Z
Learnt from: thlorenz
Repo: magicblock-labs/magicblock-validator PR: 587
File: test-manual/Cargo.toml:0-0
Timestamp: 2025-10-26T16:54:39.084Z
Learning: In the magicblock-validator repository, use git branch references (not commit hashes or tags) for the helius-laserstream dependency to allow automatic updates when the branch is pushed to.
Applied to files:
test-integration/Cargo.tomlCargo.toml
📚 Learning: 2025-10-26T08:49:31.543Z
Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 585
File: magicblock-committor-service/src/tasks/buffer_task.rs:111-115
Timestamp: 2025-10-26T08:49:31.543Z
Learning: In the magicblock-committor-service, compute units returned by the `compute_units()` method in task implementations (such as `BufferTask`, `ArgsTask`, etc.) represent the compute budget for a single task. Transactions can comprise multiple tasks, and the total compute budget for a transaction is computed as the sum of the compute units of all tasks included in that transaction.
Applied to files:
magicblock-committor-service/src/tasks/args_task.rs
🧬 Code graph analysis (15)
test-integration/programs/schedulecommit-security/src/lib.rs (1)
test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)
create_schedule_commit_ix(41-66)
magicblock-committor-service/src/tasks/task_builder.rs (2)
magicblock-committor-service/src/tasks/args_task.rs (1)
new(49-54)magicblock-accounts/src/scheduled_commits_processor.rs (2)
new(66-90)new(420-436)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)
magicblock-committor-service/src/tasks/task_builder.rs (1)
committed_accounts(153-156)test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)
base_intent(544-549)
test-integration/schedulecommit/client/src/verify.rs (2)
test-integration/test-ledger-restore/tests/08_commit_update.rs (1)
ctx(90-91)test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)
ctx(145-146)
programs/magicblock/src/magicblock_processor.rs (3)
magicblock-committor-service/src/tasks/args_task.rs (1)
instruction(58-160)programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)
process_schedule_commit(34-259)magicblock-committor-program/src/state/changeset.rs (1)
request_undelegation(230-232)
test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1)
get_context_with_delegated_committees(16-35)
magicblock-committor-service/src/tasks/args_task.rs (3)
magicblock-committor-service/src/tasks/mod.rs (2)
instruction(66-66)instruction(249-255)magicblock-committor-service/src/tasks/buffer_task.rs (1)
instruction(65-86)magicblock-committor-service/src/config.rs (1)
local(29-35)
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)
test-integration/test-ledger-restore/tests/08_commit_update.rs (1)
ctx(90-91)test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)
ctx(145-146)test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)
try_new(72-74)ncommittees(102-121)try_new_random_keys(66-71)
programs/magicblock/src/magic_scheduled_base_intent.rs (1)
magicblock-committor-service/src/tasks/task_builder.rs (1)
committed_accounts(153-156)
test-integration/schedulecommit/client/src/schedule_commit_context.rs (2)
test-integration/programs/schedulecommit/src/api.rs (3)
init_order_book_instruction(36-54)init_payer_escrow(77-98)init_account_instruction(16-34)test-integration/test-tools/src/integration_test_context.rs (1)
try_new(113-115)
test-integration/test-ledger-restore/tests/08_commit_update.rs (1)
test-integration/test-ledger-restore/src/lib.rs (1)
setup_validator_with_local_remote(97-119)
test-integration/programs/schedulecommit/src/api.rs (2)
test-integration/programs/schedulecommit/src/order_book.rs (1)
new(85-94)test-integration/programs/flexi-counter/src/state.rs (1)
pda(32-35)
test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs (4)
test-integration/test-runner/bin/run_tests.rs (1)
run_test(777-796)test-integration/programs/schedulecommit/src/api.rs (1)
schedule_commit_with_payer_cpi_instruction(214-232)test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (4)
assert_two_committees_synchronized_count(139-169)assert_two_committees_were_committed(68-91)get_context_with_delegated_committees(16-35)assert_feepayer_was_committed(94-113)test-integration/schedulecommit/client/src/verify.rs (1)
fetch_and_verify_commit_result_from_logs(7-14)
test-integration/programs/schedulecommit/src/lib.rs (2)
test-integration/programs/schedulecommit/src/utils/mod.rs (3)
assert_is_signer(30-44)assert_keys_equal(16-28)allocate_account_and_assign_owner(58-106)test-integration/programs/schedulecommit/src/order_book.rs (1)
new(85-94)
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (4)
test-integration/programs/schedulecommit/src/api.rs (3)
schedule_commit_and_undelegate_cpi_with_mod_after_instruction(287-311)schedule_commit_diff_instruction_for_order_book(193-212)update_order_book_instruction(175-191)test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)
get_context_with_delegated_committees(16-35)assert_one_committee_was_committed(41-65)assert_one_committee_account_was_undelegated_on_chain(190-196)test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)
committees(205-209)ephem_blockhash(322-324)ephem_client(318-320)test-integration/schedulecommit/client/src/verify.rs (1)
fetch_and_verify_order_book_commit_result_from_logs(16-23)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
- GitHub Check: run_make_ci_test
- GitHub Check: run_make_ci_lint
- GitHub Check: run_make_ci_test
🔇 Additional comments (20)
test-integration/programs/schedulecommit/src/utils/mod.rs (3)
49-55: LGTM: Type alignment with Solana API.Changing
sizefromusizetou64correctly aligns with Solana'ssystem_instruction::allocatesignature, which expectsspace: u64.
75-79: LGTM: Helpful debug logging.The added logging for lamport requirements and payer balance aids in troubleshooting account allocation issues during testing.
90-90: Critical fix: Correct system_instruction::allocate signature.The updated call now correctly provides both required arguments (
pubkeyandspace) tosystem_instruction::allocate. The previous implementation appears to have been missing the pubkey argument, which would not match the function signature:pub fn allocate(pubkey: &Pubkey, space: u64) -> Instruction.test-integration/test-tools/src/scheduled_commits.rs (1)
182-213: Variable renaming improves clarity.The renaming of log variables to
ephem_logs_l1andephem_logs_l2clearly distinguishes the two-level log fetching process, and the updated error context at line 206 now correctly references the first-level logs. These changes enhance code readability.test-integration/programs/schedulecommit-security/src/lib.rs (2)
2-2: LGTM!The
CommitPolicyimport is correctly added to support the new argument at line 149.
143-150: Ignore this review comment. The original comment incorrectly assumes thatschedule_commit_cpi_instructionandcreate_schedule_commit_ixshould be consistent, but they are two distinct functions from different crates with different purposes:
schedule_commit_cpi_instruction(fromprogram_schedulecommit::api) is a local CPI helper that does not accept aCommitPolicyparametercreate_schedule_commit_ix(fromephemeral_rollups_sdk::ephem) is an SDK function that acceptsCommitPolicyas a parameterThe two functions have intentionally different signatures. There is no test inconsistency to address.
Likely an incorrect or invalid review comment.
test-integration/test-ledger-restore/tests/08_commit_update.rs (1)
55-61: No issues found—code is correct as written.The
TempDirreturned bysetup_validator_with_local_remoteis created specifically for temporary config storage during validator initialization (written instart_magicblock_validator_with_config_structat line 225:fs::write(&config_path, config_toml)). After the validator process is spawned, this directory is no longer needed and is safely dropped. The actual ledger directory is managed separately by the main_tmpdirat line 42 of the test, which persists for the entire test duration. The binding to_tmpdirwith an underscore prefix correctly signals that this return value is intentionally unused beyond validator initialization.test-integration/programs/schedulecommit/src/api.rs (3)
36-54: LGTM!The
init_order_book_instructionfollows the standard instruction builder pattern with appropriate account metadata.
56-75: LGTM!The
grow_order_book_instructioncorrectly constructs the instruction with theadditional_spaceparameter.
175-212: LGTM!Both
update_order_book_instructionandschedule_commit_diff_instruction_for_order_bookfollow correct instruction builder patterns with appropriate account metadata.test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)
30-31: LGTM! Deterministic seed ensures reproducible test contexts.The hard-coded seed
b"magic_schedule_commit"provides deterministic PDA derivation and context initialization, which improves test reliability and debugging.Also applies to: 84-85
test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs (2)
82-135: LGTM! Fee payer escrow test properly verifies expected behavior.The test correctly verifies that with proper escrow setup, the fee payer commit succeeds and all expected assertions pass.
34-41: Fix struct field destructuring:payer_ephemfield andephem_blockhashretrieval.The code attempts to destructure non-existent struct fields:
- Line 35:
payerfield doesn't exist inScheduleCommitTestContextFields— should bepayer_ephem: payer- Line 39:
ephem_blockhashis not a struct field — must be fetched separately viaephem_client.get_latest_blockhash().unwrap()- Lines 58, 112: Remove dereference (
*) fromephem_blockhashonce correctedSee
01_commits.rs(lines 34, 54) for the correct pattern.Also applies to: 88-95, 112
⛔ Skipped due to learnings
Learnt from: bmuddha Repo: magicblock-labs/magicblock-validator PR: 578 File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27 Timestamp: 2025-10-21T14:00:54.642Z Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579programs/magicblock/src/magic_scheduled_base_intent.rs (3)
104-106: LGTM!The
is_commit_diff()method correctly delegates to the base intent, following the same pattern as the existingis_undelegate()method.
155-163: LGTM!The
is_commit_diff()method correctly handles allMagicBaseIntentvariants, properly delegating to the underlyingCommitTypefor bothCommitandCommitAndUndelegatecases.
458-458: LGTM!The accessor methods correctly handle the new
StandaloneDiffvariant, treating it identically toStandalonesince both containVec<CommittedAccount>.Also applies to: 468-468, 480-482
magicblock-committor-service/src/tasks/task_visitors/persistor_visitor.rs (2)
29-33: LGTM!The match correctly handles both
CommitandCommitDiffvariants identically, as both containCommitTaskand should be persisted the same way.
59-59: ****The review comment is incorrect.
BufferTaskTypeintentionally has only a singleCommitvariant because it represents buffer-based commit operations.CommitDiffis a separate task variant that belongs exclusively toArgsTaskTypeand is handled through a different code path.Evidence:
- ArgsTaskType includes CommitDiff(CommitTask), but BufferTaskType does not
- ArgsTaskType::CommitDiff explicitly panics with "ArgsTaskType::CommitDiff not handled" when attempting conversion, indicating CommitDiff is intentionally not converted to BufferTask
- The refutable pattern at line 59 is safe because BufferTaskType can only ever contain a single variant
No code changes are needed; the refutable pattern is correct as implemented.
Likely an incorrect or invalid review comment.
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)
31-31: LGTM!The
request_difffield addition cleanly extends the options structure to control diff-based commit scheduling.
231-238: LGTM!The
commit_actionis correctly used in both the undelegation and non-undelegation paths, enabling diff-based commits for both scenarios while preserving existing semantics.
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs
Outdated
Show resolved
Hide resolved
|
|
||
| let required_lamports = rent | ||
| .minimum_balance(size) | ||
| .minimum_balance(size as usize) |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Consider checked conversion for defensive coding.
The unchecked as usize cast could theoretically truncate if size exceeds usize::MAX on 32-bit systems. While unlikely in practice (Solana programs run in 64-bit environments and this is test code), a checked conversion would be more robust.
Optional: apply this diff for defensive coding:
- let required_lamports = rent
- .minimum_balance(size as usize)
- .max(1)
- .saturating_sub(account_info.lamports());
+ let required_lamports = rent
+ .minimum_balance(
+ size.try_into()
+ .map_err(|_| ProgramError::InvalidAccountData)?,
+ )
+ .max(1)
+ .saturating_sub(account_info.lamports());Committable suggestion skipped: line range outside the PR's diff.
🤖 Prompt for AI Agents
In test-integration/programs/schedulecommit/src/utils/mod.rs around line 71, the
code uses an unchecked cast `.minimum_balance(size as usize)` which can truncate
on platforms where size > usize::MAX; replace the unchecked cast with a checked
conversion (e.g., use usize::try_from(size) or size.try_into()) and handle the
Result by propagating an error or returning a sensible failure (or using
unwrap_or with a safe fallback) so conversion failures are handled defensively
instead of silently truncating.
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs
Show resolved
Hide resolved
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs
Show resolved
Hide resolved
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs
Outdated
Show resolved
Hide resolved
snawaz
force-pushed
the
snawaz/commit-diff
branch
from
693af7f to
99f2e8f
Compare
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (8)
test-integration/Cargo.toml (1)
40-40:⚠️ Path dependency concerns from prior review remain unresolved.The migration from git-based to local path dependencies for
ephemeral-rollups-sdkandmagicblock-delegation-programstill poses the same critical CI/CD risks flagged in the previous review: these paths do not exist in the repository, CI workflows do not clone them, and builds will fail in CI/CD and for contributors without manual setup.The prior review's recommendations still apply:
- Update CI to clone both external repositories, OR
- Switch back to git-based references, OR
- Add clear setup documentation with exact clone commands and relative paths
Also applies to: 60-60
magicblock-committor-service/src/tasks/args_task.rs (2)
228-234:reset_commit_idmust handleCommitDiffvariant.The current implementation only updates the
commit_idforCommittasks and silently returns forCommitDiff. When aCommitDifftask is recycled, the stalecommit_idwill remain, causing desynced submissions.Apply this fix to handle both variants:
fn reset_commit_id(&mut self, commit_id: u64) { - // TODO (snawaz): handle CommitDiff as well? what is it about? - let ArgsTaskType::Commit(commit_task) = &mut self.task_type else { - return; - }; - - commit_task.commit_id = commit_id; + match &mut self.task_type { + ArgsTaskType::Commit(task) | ArgsTaskType::CommitDiff(task) => { + task.commit_id = commit_id; + } + _ => { + // Only Commit and CommitDiff tasks have commit_id + } + } }
74-122: Network I/O insideinstruction()remains a major concern.The
instruction()method performs RPC calls and diff computation on every invocation, which is expensive and risky:
instruction()may be called multiple times (e.g., viainvolved_accounts), multiplying RPC calls- TOCTOU: base-chain account can change between diff calculation and transaction submission
- Coupling to network hinders testing and determinism
Per previous discussion, this is acknowledged as temporary and will be addressed in subsequent PRs. Consider tracking this technical debt.
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)
224-228: Consider enhancing observability as previously suggested.The conditional logic correctly selects the commit type based on
request_diff. However, a past review comment suggests improving the log messages to include the number of committed accounts and the flag value for better operational visibility.test-integration/programs/schedulecommit/src/order_book.rs (2)
99-119: Unaligned typed reference toOrderBookHeaderremains a critical issue.Line 114 creates a typed reference
&mut OrderBookHeadervia raw pointer cast. While alignment is asserted at runtime (lines 102-110), Solana account data does not guarantee alignment for arbitrary types. This is undefined behavior if the account data is not aligned toalign_of::<OrderBookHeader>().The assertion will catch misalignment at runtime, but the proper fix is to avoid typed references entirely. Consider reading/writing the header fields as raw bytes using little-endian encoding.
165-178: Typed slices over potentially unaligned memory (OrderLevel).Lines 166 and 173-174 use
slice::from_raw_partsto create typed slices ofOrderLevel(which containsu64fields requiring 8-byte alignment). Account data alignment is not guaranteed by Solana, leading to undefined behavior on read.Per previous review: store levels as raw bytes and provide accessors that read/write fields via
u64::from_le_bytes/to_le_bytes, or use a packed representation without taking references to fields.test-integration/programs/schedulecommit/src/lib.rs (2)
280-311: Critical: OrderBook header is never initialized.After
allocate_account_and_assign_ownerreturns (line 308), the account data contains uninitialized memory. Subsequent calls toOrderBook::newwill read uninitializedbids_lenandasks_lenvalues, causing undefined behavior.Apply this fix immediately after allocation:
allocate_account_and_assign_owner(AllocateAndAssignAccountArgs { payer_info: payer, account_info: order_book, owner: &crate::ID, signer_seeds: &[b"order_book", book_manager.key.as_ref(), &[bump]], size: 10 * 1024, })?; + // Initialize header to zero + let mut data = order_book.try_borrow_mut_data()?; + let header_size = core::mem::size_of::<OrderBookHeader>(); + for b in &mut data[..header_size] { + *b = 0; + } Ok(())
329-334: Incorrect identifier in PDA assertion error message.Line 332 incorrectly references
payer.keyin the error message, which should bebook_manager.keyto accurately reflect the PDA derivation.Apply this fix:
assert_keys_equal(order_book.key, &pda, || { format!( "PDA for the account ('{}') and for book_manager ('{}') is incorrect", - order_book.key, payer.key + order_book.key, book_manager.key ) })?;
📜 Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro
⛔ Files ignored due to path filters (2)
Cargo.lockis excluded by!**/*.locktest-integration/Cargo.lockis excluded by!**/*.lock
📒 Files selected for processing (8)
magicblock-committor-service/src/tasks/args_task.rs(6 hunks)programs/magicblock/src/magic_scheduled_base_intent.rs(7 hunks)programs/magicblock/src/magicblock_processor.rs(2 hunks)programs/magicblock/src/schedule_transactions/process_schedule_commit.rs(2 hunks)test-integration/Cargo.toml(4 hunks)test-integration/programs/schedulecommit/Cargo.toml(1 hunks)test-integration/programs/schedulecommit/src/lib.rs(9 hunks)test-integration/programs/schedulecommit/src/order_book.rs(1 hunks)
🧰 Additional context used
🧠 Learnings (2)
📚 Learning: 2025-10-21T14:00:54.642Z
Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579
Applied to files:
magicblock-committor-service/src/tasks/args_task.rstest-integration/programs/schedulecommit/src/order_book.rstest-integration/programs/schedulecommit/src/lib.rs
📚 Learning: 2025-10-26T08:49:31.543Z
Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 585
File: magicblock-committor-service/src/tasks/buffer_task.rs:111-115
Timestamp: 2025-10-26T08:49:31.543Z
Learning: In the magicblock-committor-service, compute units returned by the `compute_units()` method in task implementations (such as `BufferTask`, `ArgsTask`, etc.) represent the compute budget for a single task. Transactions can comprise multiple tasks, and the total compute budget for a transaction is computed as the sum of the compute units of all tasks included in that transaction.
Applied to files:
magicblock-committor-service/src/tasks/args_task.rs
🧬 Code graph analysis (5)
magicblock-committor-service/src/tasks/args_task.rs (3)
magicblock-committor-service/src/tasks/mod.rs (2)
instruction(66-66)instruction(249-255)magicblock-committor-service/src/tasks/buffer_task.rs (1)
instruction(65-86)magicblock-committor-service/src/config.rs (1)
local(29-35)
programs/magicblock/src/magicblock_processor.rs (1)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)
process_schedule_commit(34-258)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)
magicblock-committor-service/src/tasks/task_builder.rs (1)
committed_accounts(153-156)test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)
base_intent(544-549)
programs/magicblock/src/magic_scheduled_base_intent.rs (1)
magicblock-committor-service/src/tasks/task_builder.rs (1)
committed_accounts(153-156)
test-integration/programs/schedulecommit/src/lib.rs (2)
test-integration/programs/schedulecommit/src/utils/mod.rs (3)
assert_is_signer(30-44)assert_keys_equal(16-28)allocate_account_and_assign_owner(58-106)test-integration/programs/schedulecommit/src/order_book.rs (1)
new(99-119)
🔇 Additional comments (11)
test-integration/Cargo.toml (1)
72-72: Now let me check the codebase for actual usage of these dependencies to confirm they are necessary:Based on my verification, I can now generate the rewritten review comment:
Both dependencies are compatible with Solana 2.2 and appropriate for this PR.
rkyv 0.7.45 supports no_std and no_alloc configurations, making it suitable for Solana on-chain programs. It supports no-std builds for targets without a standard library and no-alloc builds for targets where allocations cannot be made. The Solana VM guarantees that account data is byte-aligned to a multiple of 8, which enables rkyv's zero-copy deserialization to function safely on account data. static_assertions 1.1.0 is a stable, widely-adopted crate (225,914,390 downloads all time) providing compile-time assertion macros useful for validating account structure layouts and sizes—a common pattern in Solana programs.
No further verification needed.
test-integration/programs/schedulecommit/Cargo.toml (1)
11-12: LGTM! Dependencies properly support order book implementation.The additions of
rkyvandstatic_assertionsare well-utilized inorder_book.rsfor alignment guarantees and compile-time size/alignment checks.programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)
31-31: LGTM! New field enables diff-based commit path.The
request_diffflag properly controls whether to useCommitType::StandaloneDifforCommitType::Standalone, enabling the optimization for large accounts with small changes.programs/magicblock/src/magicblock_processor.rs (2)
44-59: LGTM! Existing instructions properly default to non-diff path.Both
ScheduleCommitandScheduleCommitAndUndelegatecorrectly setrequest_diff: falseto maintain existing behavior.
85-92: LGTM! New instruction variant correctly enables diff-based commit with undelegation.The
ScheduleCommitDiffAndUndelegateinstruction properly sets bothrequest_undelegation: trueandrequest_diff: true, mirroringScheduleCommitAndUndelegatebehavior while enabling the diff optimization.test-integration/programs/schedulecommit/src/order_book.rs (1)
48-75: LGTM! Mutable aliasing UB resolved with aligned copy.The implementation now safely copies the input buffer into
rkyv::AlignedVecbefore creating mutable references, avoiding the undefined behavior from the previous approach. The comment clearly explains the rationale.magicblock-committor-service/src/tasks/args_task.rs (2)
171-172: LGTM! CommitDiff correctly returnsErr(self)in optimize().Returning
Err(self)forCommitDiffis correct since the diff is already optimized by design—it sends only the differences rather than full account data. Converting toBufferTaskwould be counterproductive.Per previous discussion, this is the correct semantic since CommitDiff is already using the most efficient data transfer strategy.
196-203: LGTM! Compute units appropriately set for CommitDiff.The 65,000 compute units for
CommitDiff(vs 70,000 forCommit) reflects the reduced work from transmitting only the diff. This aligns with the test observation showing lower CU usage.Based on learnings: these are compute units per task, and transactions may comprise multiple tasks.
test-integration/programs/schedulecommit/src/lib.rs (3)
203-203: LGTM! Type change tou64is appropriate.Changing
MainAccount::SIZEfromusizetou64aligns with thesizeparameter type inallocate_account_and_assign_owner(line 255) and Solana's account size conventions.
398-414: LGTM! Log message and signer check are correct.Line 402 now uses the accurate log message "Update orderbook", and line 407 properly validates that the payer is a signer before allowing the update.
419-439: LGTM! Handler correctly uses diff-based commit with undelegation.The implementation properly:
- Returns
NotEnoughAccountKeyswhen accounts are missing (line 426)- Validates payer is a signer (line 429)
- Invokes
commit_diff_and_undelegate_accountsfor the optimized diff path (line 431)
| pub fn is_commit_diff(&self) -> bool { | ||
| matches!(self, Self::StandaloneDiff(_)) | ||
| } |
There was a problem hiding this comment.
StandaloneDiff never gets constructed
Right now CommitType::try_from_args still only hydrates the Standalone and WithBaseActions variants, so anything decoded from instruction data—including the new ScheduleCommitDiffAndUndelegate path—can never produce CommitType::StandaloneDiff. As a result every is_commit_diff() added above will keep returning false, and the runtime will continue down the full-commit path instead of the diff path. Please extend try_from_args to recognize the new CommitTypeArgs::StandaloneDiff payload and build a CommitType::StandaloneDiff (including wiring up the diff bytes into the CommittedAccount representation). Without that, the new instruction can’t function.
🤖 Prompt for AI Agents
In programs/magicblock/src/magic_scheduled_base_intent.rs around lines 448-450,
the is_commit_diff() variant StandaloneDiff is never constructed because
CommitType::try_from_args only builds Standalone and WithBaseActions; update
try_from_args to recognize CommitTypeArgs::StandaloneDiff payload and construct
CommitType::StandaloneDiff accordingly, including extracting and storing the
diff bytes into the CommittedAccount representation (or equivalent field) used
by StandaloneDiff, and preserve existing handling for other variants; ensure
proper error handling for missing/invalid diff bytes and update any tests or
match arms that assume the previous behavior.
99f2e8f to
7eaaa13
Compare
There was a problem hiding this comment.
Actionable comments posted: 1
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
magicblock-committor-service/src/tasks/args_task.rs (1)
228-235: Critical:reset_commit_idsilently ignores CommitDiff tasks.When a
CommitDifftask is recycled, the current code silently returns without updating itscommit_id(line 230-232), leaving stale IDs that will cause:
- Desynchronization with actual commit state
- Failed submissions with wrong nonce
- Data integrity issues
A past review correctly identified this issue.
Apply this fix to handle both
CommitandCommitDiff:fn reset_commit_id(&mut self, commit_id: u64) { - // TODO (snawaz): handle CommitDiff as well? what is it about? - let ArgsTaskType::Commit(commit_task) = &mut self.task_type else { - return; - }; - - commit_task.commit_id = commit_id; + match &mut self.task_type { + ArgsTaskType::Commit(task) | ArgsTaskType::CommitDiff(task) => { + task.commit_id = commit_id; + } + _ => { + // Other task types don't have commit_id + } + } }
♻️ Duplicate comments (7)
programs/magicblock/src/magic_scheduled_base_intent.rs (1)
389-446: CRITICAL: try_from_args cannot construct StandaloneDiff.The
try_from_argsmethod only handlesCommitTypeArgs::StandaloneandCommitTypeArgs::WithBaseActions, but does not handleCommitTypeArgs::StandaloneDiff. This means:
- Code paths using
try_from_args(e.g.,process_schedule_base_intent) cannot constructCommitType::StandaloneDiff- Only
process_schedule_commitcan create it programmatically- Any attempt to deserialize
CommitTypeArgs::StandaloneDifffrom instruction data will failThis creates a critical inconsistency where the
StandaloneDiffvariant cannot be fully utilized across all code paths.The method needs a new match arm similar to:
pub fn try_from_args( args: CommitTypeArgs, context: &ConstructionContext<'_, '_>, ) -> Result<CommitType, InstructionError> { match args { CommitTypeArgs::Standalone(accounts) => { // ... existing code ... Ok(CommitType::Standalone(committed_accounts)) } + CommitTypeArgs::StandaloneDiff(accounts) => { + let committed_accounts_ref = Self::extract_commit_accounts( + &accounts, + context.transaction_context, + )?; + Self::validate_accounts(&committed_accounts_ref, context)?; + let committed_accounts = committed_accounts_ref + .into_iter() + .map(|el| { + let mut committed_account: CommittedAccount = el.into(); + committed_account.account.owner = context + .parent_program_id + .unwrap_or(committed_account.account.owner); + committed_account + }) + .collect(); + Ok(CommitType::StandaloneDiff(committed_accounts)) + } CommitTypeArgs::WithBaseActions { ... } => { // ... existing code ... } } }Based on past review comment.
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)
224-228: Add observability logging for commit type selection.The conditional logic correctly selects the commit type, but lacks logging to indicate which path was taken. This makes debugging and auditing more difficult.
Based on past review comment, consider adding:
let commit_action = if opts.request_diff { + ic_msg!( + invoke_context, + "ScheduleCommit: using StandaloneDiff for {} accounts", + committed_accounts.len() + ); CommitType::StandaloneDiff(committed_accounts) } else { + ic_msg!( + invoke_context, + "ScheduleCommit: using Standalone for {} accounts", + committed_accounts.len() + ); CommitType::Standalone(committed_accounts) };magicblock-committor-service/src/tasks/args_task.rs (1)
74-122: Network I/O in instruction() confirmed as unresolved; improve fallback logging.The RPC-in-instruction issue is genuine and remains present despite the past review claiming it was addressed in commit 99f2e8f (which does not exist in the repository).
Confirmed concerns:
instruction() called multiple times per task: The method is invoked from
delivery_preparator.rs(line 377, mapped over cleanup_tasks),tasks/utils.rs(line 58, mapped over tasks), andtask_strategist.rs(line 217, in optimization loop). Each call triggers RPC I/O on the base-chain, multiplying network overhead and creating TOCTOU race conditions.ChainConfig hardcoded locally (line 76): ChainConfig is properly injected into the service/processor but ArgsTask hardcodes
ChainConfig::local()instead of receiving injected config. This remains unresolved.Fallback log incomplete (line 90): The message contains a typo ("commmit_id" with 3 m's) and is missing the
pubkeycontext for debugging. Improve clarity:- log::warn!("Fallback to commit_state and send full-bytes, as rpc failed to fetch the delegated-account from base chain, commmit_id: {} , error: {}", value.commit_id, e); + log::warn!( + "Fallback to commit_state for account {}: RPC fetch failed, commit_id={} - {}", + value.committed_account.pubkey, + value.commit_id, + e + );The architectural concerns about performing RPC I/O during instruction building should be addressed, and the config injection pattern needs to be established.
test-integration/programs/schedulecommit/src/lib.rs (3)
280-311: Header remains uninitialized after allocation—subsequent reads are undefined.After
allocate_account_and_assign_owner, the header fields (bids_len,asks_len) are still uninitialized. Any call toOrderBook::newon this account will read garbage.Apply this fix to zero the header immediately after allocation:
allocate_account_and_assign_owner(AllocateAndAssignAccountArgs { payer_info: payer, account_info: order_book, owner: &crate::ID, signer_seeds: &[b"order_book", book_manager.key.as_ref(), &[bump]], size: 10 * 1024, })?; + // Initialize header to zero + let mut data = order_book.try_borrow_mut_data()?; + data[..core::mem::size_of::<OrderBookHeader>()].fill(0); Ok(())
329-334: Error message references wrong key.The PDA assertion message incorrectly shows
payer.keyinstead ofbook_manager.key, making debugging harder.assert_keys_equal(order_book.key, &pda, || { format!( "PDA for the account ('{}') and for book_manager ('{}') is incorrect", - order_book.key, payer.key + order_book.key, book_manager.key ) })?;
402-402: Inconsistent log message casing.Message says "Update orderbook" but other logs use "OrderBook" with capital letters and space for consistency.
- msg!("Update orderbook"); + msg!("Update order book");test-integration/Cargo.toml (1)
40-40: Local path dependencies will break CI/CD builds.These local path dependencies point to repositories outside the current codebase (
../../ephemeral-rollups-sdkand../../delegation-program) that are not cloned by the CI workflow. This will cause build failures for all contributors and in continuous integration.Choose one of the following solutions:
- Revert to git-based dependencies (recommended for now):
-ephemeral-rollups-sdk = { path = "../../ephemeral-rollups-sdk/rust/sdk"} +ephemeral-rollups-sdk = { git = "https://github.com/magicblock-labs/ephemeral-rollups-sdk.git", rev = "..." }
Update CI to clone required repositories before build steps in
.github/workflows/ci-test-integration.ymlDocument the local setup in README with explicit clone instructions if local paths are intended for development only
Based on learnings: This appears to be a transition to local development setup but lacks the corresponding CI infrastructure updates.
Also applies to: 60-60
📜 Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro
⛔ Files ignored due to path filters (2)
Cargo.lockis excluded by!**/*.locktest-integration/Cargo.lockis excluded by!**/*.lock
📒 Files selected for processing (8)
magicblock-committor-service/src/tasks/args_task.rs(6 hunks)programs/magicblock/src/magic_scheduled_base_intent.rs(7 hunks)programs/magicblock/src/magicblock_processor.rs(2 hunks)programs/magicblock/src/schedule_transactions/process_schedule_commit.rs(2 hunks)test-integration/Cargo.toml(4 hunks)test-integration/programs/schedulecommit/Cargo.toml(1 hunks)test-integration/programs/schedulecommit/src/lib.rs(9 hunks)test-integration/programs/schedulecommit/src/order_book.rs(1 hunks)
🧰 Additional context used
🧠 Learnings (2)
📚 Learning: 2025-10-21T14:00:54.642Z
Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579
Applied to files:
magicblock-committor-service/src/tasks/args_task.rstest-integration/programs/schedulecommit/src/lib.rstest-integration/programs/schedulecommit/src/order_book.rs
📚 Learning: 2025-10-26T08:49:31.543Z
Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 585
File: magicblock-committor-service/src/tasks/buffer_task.rs:111-115
Timestamp: 2025-10-26T08:49:31.543Z
Learning: In the magicblock-committor-service, compute units returned by the `compute_units()` method in task implementations (such as `BufferTask`, `ArgsTask`, etc.) represent the compute budget for a single task. Transactions can comprise multiple tasks, and the total compute budget for a transaction is computed as the sum of the compute units of all tasks included in that transaction.
Applied to files:
magicblock-committor-service/src/tasks/args_task.rs
🧬 Code graph analysis (5)
magicblock-committor-service/src/tasks/args_task.rs (4)
magicblock-committor-service/src/tasks/mod.rs (2)
instruction(66-66)instruction(249-255)magicblock-committor-service/src/tasks/buffer_task.rs (2)
instruction(65-86)new(37-45)magicblock-committor-service/src/config.rs (1)
local(29-35)magicblock-accounts/src/scheduled_commits_processor.rs (2)
new(66-90)new(420-436)
programs/magicblock/src/magic_scheduled_base_intent.rs (1)
magicblock-committor-service/src/tasks/task_builder.rs (1)
committed_accounts(153-156)
programs/magicblock/src/magicblock_processor.rs (1)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)
process_schedule_commit(34-258)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)
magicblock-committor-service/src/tasks/task_builder.rs (1)
committed_accounts(153-156)test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)
base_intent(544-549)
test-integration/programs/schedulecommit/src/lib.rs (2)
test-integration/programs/schedulecommit/src/utils/mod.rs (3)
assert_is_signer(30-44)assert_keys_equal(16-28)allocate_account_and_assign_owner(58-106)test-integration/programs/schedulecommit/src/order_book.rs (1)
new(105-125)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
- GitHub Check: run_make_ci_format
- GitHub Check: run_make_ci_test
- GitHub Check: run_make_ci_test
🔇 Additional comments (14)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)
29-32: Field addition looks correct.The new
request_difffield is properly scoped aspub(crate)and theDefaulttrait will initialize it tofalse, maintaining backward compatibility.programs/magicblock/src/magicblock_processor.rs (2)
44-51: ScheduleCommit handler correctly configured.The handler properly sets
request_diff: falseto maintain the existing full-commit behavior for standard commits.
85-92: New instruction handler correctly implemented.The
ScheduleCommitDiffAndUndelegatehandler properly enables both undelegation and diff-based commits by setting both flags totrue. The implementation follows the established pattern from the other handlers.programs/magicblock/src/magic_scheduled_base_intent.rs (4)
104-106: Delegation method correctly implemented.The
is_commit_diff()method appropriately delegates to the underlyingbase_intent, following the established pattern for other query methods in this struct.
155-163: Commit diff detection logic is correct.The method correctly returns
falseforBaseActionsand properly delegates to the commit-related variants to determine if differential commits are enabled.
317-327: StandaloneDiff variant added correctly.The new variant follows the same structure as
Standalone, holdingVec<CommittedAccount>. Note that full account data is stored here; the actual diff computation likely occurs downstream during commit processing.
448-484: Accessor methods properly handle StandaloneDiff.All match expressions are now exhaustive and correctly handle the new
StandaloneDiffvariant. Theis_commit_diff()method correctly returnstrueonly forStandaloneDiff, and the accessor methods treat it consistently withStandalone.magicblock-committor-service/src/tasks/args_task.rs (4)
1-24: LGTM: Imports support the CommitDiff feature.All new imports are necessary for the RPC client setup, diff computation, and configuration.
30-30: LGTM: CommitDiff variant added.Reusing
CommitTaskfor theCommitDiffvariant is appropriate since they share the same data requirements.
171-172: LGTM: ReturningErr(self)for CommitDiff is correct.The past review discussion thoroughly analyzed this and concluded that
CommitDiffshould returnErr(self)(no optimization) because:
CommitDiffis already optimized by design—it transmits only the diff (e.g., 286 bytes) vs. full account data (10,240 bytes per your test)- Converting
CommitDifftoBufferTaskwould be counterproductive and defeat its purposeErr(self)correctly signals "no further optimization possible"Suggestion: The TODO on line 171 can be resolved and removed based on the past review's analysis.
199-199: LGTM: Compute units appropriately reduced for CommitDiff.The 65,000 compute unit allocation (5k less than
Commit's 70k) aligns with your test observations and reflects the reduced data processing for diff-based commits.test-integration/programs/schedulecommit/src/lib.rs (1)
419-439: LGTM—signer validation and error handling are now correct.The function now properly returns
NotEnoughAccountKeyswhen the accounts array doesn't match, and validates thatpayeris a signer before proceeding with the CPI call.test-integration/programs/schedulecommit/Cargo.toml (1)
11-12: LGTM—dependencies appropriately support zero-copy OrderBook.The
rkyvcrate providesAlignedVecfor safe buffer allocation, andstatic_assertionsenables compile-time layout verification. Both are correctly utilized inorder_book.rs.test-integration/Cargo.toml (1)
72-72: LGTM—workspace dependencies properly declared.The
rkyvandstatic_assertionscrates are correctly added at the workspace level, enabling their use across integration test crates for zero-copy structures and compile-time assertions.Also applies to: 91-91
| // TODO (snawaz): What should we use here? Commit (in the sense of "category of task"), or add a | ||
| // new variant "CommitDiff" to indicate a specific instruction? | ||
| ArgsTaskType::CommitDiff(_) => TaskType::Commit, |
There was a problem hiding this comment.
🧩 Analysis chain
Design decision needed: Should CommitDiff map to TaskType::Commit or have its own variant?
The TODO raises a valid question. The answer depends on how TaskType is used:
-
Use
TaskType::Commit(current approach) ifTaskTyperepresents operational categories and you wantCommitDiffto be treated identically toCommitfor scheduling, metrics, and logging purposes. -
Add
TaskType::CommitDiffif you need to distinguish them for:- Separate metrics/monitoring (track commit vs. commit-diff usage)
- Different retry/error handling strategies
- Granular observability
Run this script to see how TaskType is used across the codebase:
Based on the results, decide whether granular tracking justifies a separate variant.
🏁 Script executed:
#!/bin/bash
# Check how TaskType enum is used - pattern matching, metrics, logging, etc.
# Find TaskType definition
echo "=== TaskType definition ==="
ast-grep --pattern 'enum TaskType { $$$ }'
echo -e "\n=== TaskType usage in match expressions ==="
rg -nP --type=rust -C3 'match.*task_type\(\)|TaskType::' -g '!target/**'
echo -e "\n=== TaskType in metrics/logging ==="
rg -nP --type=rust -C2 'TaskType::(Commit|Finalize|Undelegate|Action)' -g '!target/**' | head -50Length of output: 44482
🏁 Script executed:
#!/bin/bash
# Find TaskType enum definition
echo "=== Find TaskType enum definition ==="
rg -nP --type=rust 'enum\s+TaskType' -A 10
echo -e "\n=== Check how commit_tasks from partition are used ==="
rg -nP --type=rust -B 5 -A 10 'partition.*TaskType::Commit' | head -60
echo -e "\n=== Look for uses of partition results ==="
rg -nP --type=rust -A 20 'partition\(.*task_type.*==' -g '!target/**' | head -80Length of output: 4450
🏁 Script executed:
#!/bin/bash
# Understand CommitDiff purpose and usage
echo "=== CommitDiff creation context in task_builder ==="
rg -nP --type=rust -B 8 -A 3 'ArgsTaskType::CommitDiff' magicblock-committor-service/src/tasks/task_builder.rs
echo -e "\n=== CommitDiff instruction generation ==="
rg -nP --type=rust -B 3 -A 15 'ArgsTaskType::CommitDiff\(value\) =>' magicblock-committor-service/src/tasks/args_task.rs | head -40
echo -e "\n=== How commit_diff parameter is determined ==="
rg -nP --type=rust -B 20 'commit_diff' magicblock-committor-service/src/tasks/task_builder.rs | grep -A 20 -B 20 'commit_diff'Length of output: 4220
Add TaskType::CommitDiff variant to distinguish commit-diff tasks from regular commits.
The TODO identifies a legitimate design concern. CommitDiff and Commit have fundamentally different execution models:
- Commit: Direct instruction, convertible to
BufferTask, optimizable with lookup tables (70k compute units) - CommitDiff: RPC-based account fetching, cannot buffer, standalone execution (65k compute units)
Currently both map to TaskType::Commit, which masks this distinction and creates two problems:
-
Incorrect optimization path: The partition at
intent_executor/mod.rs:394groups them together, andCommitDifftasks may be treated as candidates for lookup table optimization despite being fundamentally different. -
Loss of semantic clarity: The conversion logic at
args_task.rs:172explicitly rejectsCommitDifffor buffering, indicating they shouldn't follow the same execution path as regularCommittasks.
Action: Add CommitDiff as a distinct TaskType variant to align the type system with the actual execution semantics, enabling proper task routing, metrics, and optimization decisions.
🤖 Prompt for AI Agents
In magicblock-committor-service/src/tasks/args_task.rs around lines 214 to 216,
the match arm mapping ArgsTaskType::CommitDiff to TaskType::Commit collapses two
different execution models; add a new TaskType::CommitDiff variant and change
this arm to return TaskType::CommitDiff, then search and update all switch/match
sites and type usages (e.g., intent_executor/mod.rs:394 partition logic,
args_task.rs:172 conversion path, routing/metrics/optimization checks) to handle
TaskType::CommitDiff separately so commit-diff tasks are not treated as
bufferable/lookup-table-optimizable Commit tasks.
…fficiently commit changes in delegated accounts
snawaz
force-pushed
the
snawaz/commit-diff
branch
from
7eaaa13 to
c05f313
Compare
snawaz
force-pushed
the
snawaz/commit-diff
branch
2 times, most recently
from
d10afb6 to
5f0081c
Compare
snawaz
force-pushed
the
snawaz/commit-diff
branch
from
5f0081c to
a4e8ee8
Compare
This PR does the following things:
MagicBlockInstruction::ScheduleCommitDiffAndUndelegatethat is very similar to the existingScheduleCommitAndUndelegateexcept that it invokesCommitDiffinstruction in the delegation-program.args, notbufferaccount.OrderBookaccount (10 KB). I initially wanted to try a few MB, but realized currently that’s not possible yet.CommitDiffwas invoked (in the delegation-program) with onlydiff len = 286whereasdata len = 10240(see first screenshot).diff len = 8(encoding the size of account on ER and the number of offset-pairs), and logs a warning (see second screenshot).Summary by CodeRabbit
New Features
Chores