feat: contract verification wallet network guard#679
Open
Oluwaseyi89 wants to merge 8 commits into
Open
Conversation
|
@Oluwaseyi89 is attempting to deploy a commit to the Cedarich's projects Team on Vercel. A member of the Team first needs to authorize it. |
…rification-wallet-network-guard
Adds comprehensive network guard system to prevent on-chain actions when wallet is connected to the wrong network (Mainnet vs Testnet). New Features: - Detect wallet network (Testnet/Mainnet) from WalletConnect chain IDs - Block signature-required actions when network mismatch detected - Provide clear remediation instructions for users - Add real-time network validation during wallet connection New Files: - mobile/src/services/networkGuard.ts: Core network detection & validation logic - detectWalletNetwork(): Parse chain IDs to identify Stellar network - validateWalletNetwork(): Throw with actionable remediation messages - OnChainNetworkGuard: Class-based guard for signing operations - NetworkMismatchError: Custom error with error codes and remediation - mobile/src/hooks/useNetworkGuard.ts: React hook for network guard integration - Provides mismatch state, error messages, and remediation instructions - Ensures correct network before signing operations - Auto-validates on wallet connection changes - mobile/src/components/NetworkGuardBanner.tsx: UI component for network warnings - Visual banner showing network mismatch status - Actionable buttons for switching networks - Platform-native styling (iOS/Android) - mobile/src/__tests__/networkGuard.test.ts: Comprehensive unit tests - Network detection edge cases - Validation scenarios (correct/incorrect networks) - Error handling and remediation messaging - Network guard class behavior Modified Files: - mobile/src/contexts/WalletContext.tsx: Add network state management - Store chain IDs from wallet sessions - Detect and track wallet network in context - Provide isOnCorrectNetwork flag and checkNetwork() method - Auto-validate on connection and network changes Implementation Details: - Type-safe with no implicit any - Handles edge cases (unknown networks, no connection, unreachable) - Follows existing code patterns and conventions - Proper error propagation with actionable remediation
…metadata (Pulsefy#468) Adds comprehensive contract-aware metadata to AI verification results, enabling backend to anchor verification outcomes to on-chain events during Testnet demos. New Features: - Generate stable identifiers (campaign ID, claim ID, package ID) in result payloads - Validate identifiers and reject malformed inputs early - Propagate metadata through entire verification pipeline (AI service → Backend) - Add comprehensive tests for payload shape and metadata propagation New Files: - backend/src/verification/dto/verification-result.dto.ts: Enhanced DTO with ContractAwareMetadata, ValidationResultDto, and webhook payload validation - backend/src/verification/metadata.service.ts: Core metadata service - generateMetadata(): Creates contract-aware metadata with stable identifiers - validateMetadata(): Validates UUIDs, package IDs, and network values - validateWebhookPayload(): Validates incoming webhook payloads - enhanceWithMetadata(): Enriches verification results with metadata - backend/test/verification-metadata.e2e-spec.ts: End-to-end tests - Metadata generation and validation tests - Webhook payload validation tests - API integration tests with metadata propagation Modified Files: - ai-service/api/v1/inference.py: Add metadata support to AI inference - Add ContractMetadata model with UUID and network validation - Extend InferenceRequest with contract-aware metadata fields - Validate metadata early and reject malformed inputs - Include metadata in task responses and status checks - backend/src/verification/verification.module.ts: Register metadata service - Import DeploymentMetadataModule for contract configuration - Add VerificationMetadataService and EnhancedVerificationFlowService - Export metadata service for use by other modules - backend/src/verification/verification.service.ts: Integrate metadata - Inject VerificationMetadataService in constructor - Add enhanceResultWithMetadata() method - Enhance processVerification() with metadata generation - Log packageId and network in verification completion logs - Include metadata in audit trail - backend/src/webhooks/dto/ai-verification.dto.ts: Update webhook DTOs - Add ContractMetadataDto for stable identifiers - Add AIVerificationResultDto with metadata support - Add AIVerificationWebhookDto with validation rules - Preserve backward compatibility with existing exports Implementation Details: - Type-safe with no implicit any - Validates UUIDs, package ID format, and network values - Comprehensive error handling with actionable messages - Preserves all existing functionality and comments - Includes proper validation decorators (class-validator)
- Update dependency resolutions for workspace packages - Sync lockfile after pnpm install - Ensure consistent versions across environments
|
@Oluwaseyi89 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
Contributor
Author
|
@Cedarich please, review. |
Fixes multiple TypeScript compilation errors across the backend codebase, improves type safety, and adds proper error handling for metadata service. Changes: src/audit/webhook.controller.spec.ts: - Fix import path from 'src/ai-verification.dto' to relative import - Update VerificationStatus.COMPLETED to VERIFIED to match enum values - Use correct DTO fields (eventId, details) for main DTO src/verification/interfaces/verification-job.interface.ts: - Add metadata, warnings, and validationErrors fields to VerificationResult - Import ContractAwareMetadata type src/verification/metadata.service.ts: - Import DeploymentMetadataResponseDto type - Fix deployment metadata fetching using findByNetwork() method - Add proper type safety for packageId and transactionHash fields - Add error handling with graceful fallback when metadata generation fails - Add new utility methods: extractMetadataFromPayload, mergeMetadata, normalizeNetwork, isMetadataComplete - Improve validation for chainId, version, and network fields - Add type-safe timestamp handling in mergeMetadata src/webhooks.service.spec.ts: - Fix PrismaService mock with proper type assertion - Use (prisma as any).webhookEvent for accessing mocked properties - Fix webhookEvent.create expectation src/webhooks/dto/ai-verification.dto.ts: - Add missing IsNumber import for class-validator test/aid-escrow.integration.spec.ts: - Add createMockRequest helper for proper Request type mocking - Replace 'as any' casts with proper mock request objects - Fix controller method calls with properly typed requests test/verification-metadata.e2e-spec.ts: - Fix supertest import (default import instead of namespace) - Use proper Prisma enums (ClaimStatus, CampaignStatus) instead of string literals - Add required 'budget' field to Campaign creation - Fix organization relation with proper connect syntax - Remove packageId from Claim creation (field doesn't exist in schema) - Add unique test data to avoid conflicts test/verification-review-queue.e2e-spec.ts: - Use proper Prisma enums (ClaimStatus, CampaignStatus) - Add type guards for nextCursor to handle union types - Fix status comparisons to use enum values All changes maintain backward compatibility while improving type safety and fixing compilation errors.
Contributor
…ncements Resolves merge conflicts between HEAD (contract-aware metadata) and upstream/main (anchor metadata) branches in verification service. Changes: - Merge both metadata approaches: ContractAwareMetadata and AnchorMetadata - Keep anchorMetadata field in VerificationJobData for on-chain anchoring - Persist anchorMetadata in claim update with Prisma.JsonNull handling - Preserve enhancedResult with contract-aware metadata (packageId, network) - Include both metadata types in audit trail This combines both branches' functionality without breaking existing code.
Contributor
Author
|
@Cedarich conflicts have been resolved. |
- Add missing trailing newlines - Fix no-case-declarations in mergeMetadata - Format long lines for readability - Fix import formatting across multiple files No functional changes.
Contributor
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implement contract-aware verification metadata and wallet network mismatch guard
Overview
This PR adds end-to-end contract-aware verification metadata to ensure AI results anchor to on-chain events, and implements a wallet network mismatch guard for mobile.
Changes
Contract-Aware Verification Metadata (#468)
Wallet Network Mismatch Guard (#448)
Files Added
Files Modified
Closes #468
Closes #448