fix(key-wallet): preserve UTXO flags across reprocessing#837
fix(key-wallet): preserve UTXO flags across reprocessing#837xdustinface wants to merge 1 commit into
Conversation
`update_utxos` rebuilds each output with a fresh `Utxo::new` on every reprocess, so a mempool→block confirmation silently reset `is_instantlocked` (and `is_trusted` and any coin reservation) back to false. An InstantSend lock is permanent for a txid per DIP-0010 and trust only ever settles, so both now latch monotonically when an entry for the outpoint already exists, and the coin-reservation flag is carried through unchanged. `is_confirmed` stays freshly derived so a reorg can still downgrade it. Addresses CodeRabbit review comment on PR dashpay#836 dashpay#836 (comment)
📝 WalkthroughWalkthroughIn ChangesUTXO Flag Preservation
Estimated code review effort: 2 (Simple) | ~10 minutes Possibly related issues
Suggested reviewers: 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## dev #837 +/- ##
==========================================
- Coverage 73.09% 73.06% -0.03%
==========================================
Files 323 323
Lines 72378 72384 +6
==========================================
- Hits 52902 52888 -14
- Misses 19476 19496 +20
|
|
@CodeRabbit review |
✅ Action performedReview finished.
|
There was a problem hiding this comment.
🧹 Nitpick comments (1)
key-wallet/src/managed_account/managed_core_funds_account.rs (1)
205-216: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winConsider extending test coverage to
is_trusted/is_lockedpreservation.The companion test in
wallet_checker.rsonly assertsis_instantlockedsurvives reprocessing. Since this same merge block also latchesis_trustedand carries throughis_locked, an assertion covering those paths would guard against future regressions in the same spot that caused this bug.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@key-wallet/src/managed_account/managed_core_funds_account.rs` around lines 205 - 216, The reprocessing merge logic in managed_core_funds_account should be covered by tests for the additional latched fields. Extend the existing companion test in wallet_checker.rs (the one that already checks UTXO reprocessing) to also assert that ManagedCoreFundsAccount’s preservation path keeps is_trusted latched and carries is_locked through from the prior UTXO, alongside the existing is_instantlocked check.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@key-wallet/src/managed_account/managed_core_funds_account.rs`:
- Around line 205-216: The reprocessing merge logic in
managed_core_funds_account should be covered by tests for the additional latched
fields. Extend the existing companion test in wallet_checker.rs (the one that
already checks UTXO reprocessing) to also assert that ManagedCoreFundsAccount’s
preservation path keeps is_trusted latched and carries is_locked through from
the prior UTXO, alongside the existing is_instantlocked check.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: ff3f3495-2f29-45e0-a1f5-2fc99fa50a91
📒 Files selected for processing (2)
key-wallet/src/managed_account/managed_core_funds_account.rskey-wallet/src/transaction_checking/wallet_checker.rs
Summary
update_utxosrebuilds each of our outputs with a freshUtxo::newon every reprocess of a transaction. On the mempool→block transition this silently reset flags that had already been set on an earlier pass, in particularis_instantlocked: a UTXO whose transaction received an InstantSend lock while in the mempool lost the lock flag the moment the transaction was confirmed in a block.This carries forward the flags that must not regress when an entry for the outpoint already exists:
is_instantlockedandis_trustedlatch monotonically. An InstantSend lock is permanent for a txid (DIP-0010) and trust only ever settles, so once either is true it stays true.is_locked(the coin-reservation flag, toggled only vialock/unlock) is carried through unchanged rather than being reset.is_confirmedis left freshly derived from the context so a reorg can still downgrade it.It was latent so far because every current consumer ORs
is_instantlockedwithis_confirmed, and a confirmed reprocess setsis_confirmedtrue in the same pass. It is worth fixing on its own sinceis_instantlockedis now also an input to asset-lock funding selection, and a standalone consumer or a UI badge would surface the wipe.Testing
test_full_confirmation_lifecyclenow asserts the IS-lock flag survives the block-confirmation stage. The assertion fails without the fix and passes with it.Found during CodeRabbit review of #836.
Summary by CodeRabbit