Skip to content

feat: contract verification wallet network guard#679

Open
Oluwaseyi89 wants to merge 8 commits into
Pulsefy:mainfrom
Oluwaseyi89:feature/contract-verification-wallet-network-guard
Open

feat: contract verification wallet network guard#679
Oluwaseyi89 wants to merge 8 commits into
Pulsefy:mainfrom
Oluwaseyi89:feature/contract-verification-wallet-network-guard

Conversation

@Oluwaseyi89

Copy link
Copy Markdown
Contributor

Implement contract-aware verification metadata and wallet network mismatch guard

Overview

This PR adds end-to-end contract-aware verification metadata to ensure AI results anchor to on-chain events, and implements a wallet network mismatch guard for mobile.

Changes

Contract-Aware Verification Metadata (#468)

  • Include stable identifiers (campaign reference, claim ID, package ID) in verification result payloads
  • Validate identifiers and reject malformed inputs early with proper error handling
  • Add tests validating payload shape and metadata propagation

Wallet Network Mismatch Guard (#448)

  • Detect wallet network mismatch and block on-chain actions when not on Testnet
  • Provide clear remediation guidance when mismatch is detected
  • Add tests covering mismatch detection and recovery flows

Files Added

  • Tests for payload validation and metadata propagation
  • Tests for wallet network mismatch detection and recovery

Files Modified

  • AI verification result payload structure
  • Wallet connection and signature request flow

Closes #468
Closes #448

@vercel

vercel Bot commented Jun 28, 2026

Copy link
Copy Markdown

@Oluwaseyi89 is attempting to deploy a commit to the Cedarich's projects Team on Vercel.

A member of the Team first needs to authorize it.

@Oluwaseyi89 Oluwaseyi89 marked this pull request as draft June 28, 2026 17:30
Adds comprehensive network guard system to prevent on-chain actions when wallet
is connected to the wrong network (Mainnet vs Testnet).

New Features:
- Detect wallet network (Testnet/Mainnet) from WalletConnect chain IDs
- Block signature-required actions when network mismatch detected
- Provide clear remediation instructions for users
- Add real-time network validation during wallet connection

New Files:
- mobile/src/services/networkGuard.ts: Core network detection & validation logic
  - detectWalletNetwork(): Parse chain IDs to identify Stellar network
  - validateWalletNetwork(): Throw with actionable remediation messages
  - OnChainNetworkGuard: Class-based guard for signing operations
  - NetworkMismatchError: Custom error with error codes and remediation

- mobile/src/hooks/useNetworkGuard.ts: React hook for network guard integration
  - Provides mismatch state, error messages, and remediation instructions
  - Ensures correct network before signing operations
  - Auto-validates on wallet connection changes

- mobile/src/components/NetworkGuardBanner.tsx: UI component for network warnings
  - Visual banner showing network mismatch status
  - Actionable buttons for switching networks
  - Platform-native styling (iOS/Android)

- mobile/src/__tests__/networkGuard.test.ts: Comprehensive unit tests
  - Network detection edge cases
  - Validation scenarios (correct/incorrect networks)
  - Error handling and remediation messaging
  - Network guard class behavior

Modified Files:
- mobile/src/contexts/WalletContext.tsx: Add network state management
  - Store chain IDs from wallet sessions
  - Detect and track wallet network in context
  - Provide isOnCorrectNetwork flag and checkNetwork() method
  - Auto-validate on connection and network changes

Implementation Details:
- Type-safe with no implicit any
- Handles edge cases (unknown networks, no connection, unreachable)
- Follows existing code patterns and conventions
- Proper error propagation with actionable remediation
…metadata (Pulsefy#468)

Adds comprehensive contract-aware metadata to AI verification results, enabling
backend to anchor verification outcomes to on-chain events during Testnet demos.

New Features:
- Generate stable identifiers (campaign ID, claim ID, package ID) in result payloads
- Validate identifiers and reject malformed inputs early
- Propagate metadata through entire verification pipeline (AI service → Backend)
- Add comprehensive tests for payload shape and metadata propagation

New Files:
- backend/src/verification/dto/verification-result.dto.ts: Enhanced DTO with
  ContractAwareMetadata, ValidationResultDto, and webhook payload validation

- backend/src/verification/metadata.service.ts: Core metadata service
  - generateMetadata(): Creates contract-aware metadata with stable identifiers
  - validateMetadata(): Validates UUIDs, package IDs, and network values
  - validateWebhookPayload(): Validates incoming webhook payloads
  - enhanceWithMetadata(): Enriches verification results with metadata

- backend/test/verification-metadata.e2e-spec.ts: End-to-end tests
  - Metadata generation and validation tests
  - Webhook payload validation tests
  - API integration tests with metadata propagation

Modified Files:
- ai-service/api/v1/inference.py: Add metadata support to AI inference
  - Add ContractMetadata model with UUID and network validation
  - Extend InferenceRequest with contract-aware metadata fields
  - Validate metadata early and reject malformed inputs
  - Include metadata in task responses and status checks

- backend/src/verification/verification.module.ts: Register metadata service
  - Import DeploymentMetadataModule for contract configuration
  - Add VerificationMetadataService and EnhancedVerificationFlowService
  - Export metadata service for use by other modules

- backend/src/verification/verification.service.ts: Integrate metadata
  - Inject VerificationMetadataService in constructor
  - Add enhanceResultWithMetadata() method
  - Enhance processVerification() with metadata generation
  - Log packageId and network in verification completion logs
  - Include metadata in audit trail

- backend/src/webhooks/dto/ai-verification.dto.ts: Update webhook DTOs
  - Add ContractMetadataDto for stable identifiers
  - Add AIVerificationResultDto with metadata support
  - Add AIVerificationWebhookDto with validation rules
  - Preserve backward compatibility with existing exports

Implementation Details:
- Type-safe with no implicit any
- Validates UUIDs, package ID format, and network values
- Comprehensive error handling with actionable messages
- Preserves all existing functionality and comments
- Includes proper validation decorators (class-validator)
- Update dependency resolutions for workspace packages
- Sync lockfile after pnpm install
- Ensure consistent versions across environments
@drips-wave

drips-wave Bot commented Jun 30, 2026

Copy link
Copy Markdown

@Oluwaseyi89 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@Oluwaseyi89 Oluwaseyi89 marked this pull request as ready for review June 30, 2026 15:13
@Oluwaseyi89

Copy link
Copy Markdown
Contributor Author

@Cedarich please, review.

Fixes multiple TypeScript compilation errors across the backend codebase,
improves type safety, and adds proper error handling for metadata service.

Changes:

src/audit/webhook.controller.spec.ts:
- Fix import path from 'src/ai-verification.dto' to relative import
- Update VerificationStatus.COMPLETED to VERIFIED to match enum values
- Use correct DTO fields (eventId, details) for main DTO

src/verification/interfaces/verification-job.interface.ts:
- Add metadata, warnings, and validationErrors fields to VerificationResult
- Import ContractAwareMetadata type

src/verification/metadata.service.ts:
- Import DeploymentMetadataResponseDto type
- Fix deployment metadata fetching using findByNetwork() method
- Add proper type safety for packageId and transactionHash fields
- Add error handling with graceful fallback when metadata generation fails
- Add new utility methods: extractMetadataFromPayload, mergeMetadata,
  normalizeNetwork, isMetadataComplete
- Improve validation for chainId, version, and network fields
- Add type-safe timestamp handling in mergeMetadata

src/webhooks.service.spec.ts:
- Fix PrismaService mock with proper type assertion
- Use (prisma as any).webhookEvent for accessing mocked properties
- Fix webhookEvent.create expectation

src/webhooks/dto/ai-verification.dto.ts:
- Add missing IsNumber import for class-validator

test/aid-escrow.integration.spec.ts:
- Add createMockRequest helper for proper Request type mocking
- Replace 'as any' casts with proper mock request objects
- Fix controller method calls with properly typed requests

test/verification-metadata.e2e-spec.ts:
- Fix supertest import (default import instead of namespace)
- Use proper Prisma enums (ClaimStatus, CampaignStatus) instead of string literals
- Add required 'budget' field to Campaign creation
- Fix organization relation with proper connect syntax
- Remove packageId from Claim creation (field doesn't exist in schema)
- Add unique test data to avoid conflicts

test/verification-review-queue.e2e-spec.ts:
- Use proper Prisma enums (ClaimStatus, CampaignStatus)
- Add type guards for nextCursor to handle union types
- Fix status comparisons to use enum values

All changes maintain backward compatibility while improving type safety
and fixing compilation errors.
@Cedarich

Copy link
Copy Markdown
Contributor

@Oluwaseyi89

…ncements

Resolves merge conflicts between HEAD (contract-aware metadata) and
upstream/main (anchor metadata) branches in verification service.

Changes:
- Merge both metadata approaches: ContractAwareMetadata and AnchorMetadata
- Keep anchorMetadata field in VerificationJobData for on-chain anchoring
- Persist anchorMetadata in claim update with Prisma.JsonNull handling
- Preserve enhancedResult with contract-aware metadata (packageId, network)
- Include both metadata types in audit trail

This combines both branches' functionality without breaking existing code.
@Oluwaseyi89

Copy link
Copy Markdown
Contributor Author

@Cedarich conflicts have been resolved.

- Add missing trailing newlines
- Fix no-case-declarations in mergeMetadata
- Format long lines for readability
- Fix import formatting across multiple files

No functional changes.
@Cedarich

Cedarich commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

@Oluwaseyi89

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

End-to-End Contract-Aware Verification Metadata Wallet Network Mismatch Guard (Mobile)

2 participants