Skip to content

Refactor/test separation #190

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
hlgltvnnk wants to merge 14 commits into
base: main
Choose a base branch
from
Open

Refactor/test separation #190

hlgltvnnk wants to merge 14 commits into from

Conversation

@hlgltvnnk
Copy link
Collaborator

@hlgltvnnk hlgltvnnk commented Jan 5, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

Release Notes

  • New Features

    • Introduced contract extensions framework with modular support for Defuse, Escrow, and PoA contracts.
    • Added enhanced nonce handling with automatic nonce generation and extraction utilities.
    • Added simplified signing interface for Defuse payloads with default deadline and nonce management.

  • Chores

    • Reorganized test infrastructure for improved maintainability.
    • Updated build container images and pinned cargo-near tooling version.
    • Consolidated development dependencies structure across workspace.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link

coderabbitai bot commented Jan 5, 2026
edited
Loading

📝 Walkthrough

Walkthrough

This PR consolidates test utilities and contract extensions into a new workspace crate contract_extensions with feature flags, introduces nonce and signer extension traits, and refactors imports across the test suite to use a unified module structure. Removes sandbox-related features from primary crates and pins cargo-near version in CI.

Changes

Cohort / File(s) Summary
Workspace Configuration
Cargo.toml		 Added contract_extensions as workspace member; introduced defuse-contract-extensions and defuse-tests as workspace dependencies with path references.
Contract Extensions (New Crate)
contract_extensions/Cargo.toml, contract_extensions/src/lib.rs, contract_extensions/src/defuse/mod.rs, contract_extensions/src/defuse/signer.rs, contract_extensions/src/defuse/nonce.rs, contract_extensions/src/escrow/mod.rs, contract_extensions/src/poa/mod.rs		 New library crate defining feature-gated modules (defuse, escrow, poa). Introduces ExtractNonceExt and GenerateNonceExt traits for nonce handling; introduces DefuseSignerExt and DefaultDefuseSignerExt traits for signing with automatic nonce/deadline generation. Public re-exports for defuse_escrow_swap and defuse_poa_factory.
Contract Extensions Import Updates
contract_extensions/src/defuse/deployer.rs, contract_extensions/src/defuse/intents.rs, contract_extensions/src/defuse/tokens/nep141.rs		 Updated import paths from crate::* to defuse::* to align with workspace module structure.
Primary Crate Manifest Changes
defuse/Cargo.toml, poa-factory/Cargo.toml, escrow-swap/Cargo.toml, test-utils/Cargo.toml		 Removed sandbox feature and moved defuse-sandbox to dev-dependencies; added defuse-randomness, defuse-tests, and test framework crates (rstest, tokio, futures); introduced defuse-crypto dependency in test-utils.
Sandbox Module Removals
defuse/src/lib.rs, poa-factory/src/lib.rs		 Removed public sandbox_ext module declarations gated by #[cfg(feature = "sandbox")].
Test Import Refactoring
defuse/src/contract/accounts/account/entry/tests/legacy.rs, defuse/tests/accounts/auth_by_predecessor_id.rs, defuse/tests/accounts/force.rs, defuse/tests/accounts/manage_public_keys.rs, defuse/tests/accounts/nonces.rs, defuse/tests/intents/ft_withdraw.rs, defuse/tests/intents/legacy_nonce.rs, defuse/tests/intents/mod.rs, defuse/tests/intents/native_withdraw.rs, defuse/tests/intents/public_key.rs, defuse/tests/intents/relayers.rs, defuse/tests/intents/simulate.rs, defuse/tests/intents/token_diff.rs, defuse/tests/state/fee.rs, defuse/tests/state/mod.rs, defuse/tests/state/salt.rs, defuse/tests/state/upgrade.rs, defuse/tests/storage/mod.rs, defuse/tests/tokens/nep141.rs, defuse/tests/tokens/nep171.rs, defuse/tests/tokens/nep245/mt_transfer_resolve_gas.rs		 Consolidated scattered imports from defuse_test_utils, defuse_sandbox, and crate-local paths into unified defuse_tests namespace. Removed sandbox_ext import references.
Test Utilities Cleanup
test-utils/src/fixtures.rs, test-utils/src/lib.rs		 Updated PublicKey import from defuse::core::crypto to defuse_crypto; added public fixtures module export.
Test Environment Restructuring
tests/Cargo.toml, tests/src/lib.rs, tests/src/env/builder.rs, tests/src/env/mod.rs, tests/src/env/state.rs, tests/src/env/storage.rs, tests/src/utils/mod.rs, tests/src/tests/mod.rs, tests/src/tests/poa/mod.rs		 Refactored tests crate: moved env to public module; added public re-exports for contract_extensions, sandbox, utils; removed tests::utils::fixtures and tests::utils::payload public exports; removed tests::poa::factory export. Changed Env::root() and Env::sandbox_mut() to const functions. Removed MT_RECEIVER_STUB_WASM, TransferCallExpectation, deploy_mt_receiver_stub(), and create_random_salted_nonce() from env module. Updated imports throughout to use defuse_contract_extensions.
New Test Cases
tests/tests/mod.rs, tests/tests/defuse/mod.rs, tests/tests/defuse/intents.rs, tests/tests/defuse/tokens/mod.rs, tests/tests/defuse/tokens/nep141.rs, tests/tests/defuse/tokens/nep171.rs, tests/tests/defuse/tokens/nep245.rs, defuse/tests/intents/transfer.rs, defuse/tests/tokens/nep245/mod.rs		 Added parameterized test suites for NEP141, NEP171, and NEP245 token transfers with multiple scenarios (refund, panic, malicious). Introduced TransferCallExpectation and MtTransferCallExpectation structs for encoding test case expectations. Added MT_RECEIVER_STUB_WASM static to tests module.
Factory Test Updates
poa-factory/tests/factory.rs		 Updated import paths for PoAFactoryDeployerExt and PoAFactoryExt from defuse_poa_factory::sandbox_ext to defuse_contract_extensions::poa.
Escrow Test Updates
escrow-swap/tests/helpers/mod.rs, escrow-swap/tests/partial_fills.rs		 Consolidated imports from scattered crates to defuse_contract_extensions namespace; updated ESCROW_SWAP_WASM import source.
CI Workflow
.github/workflows/ci.yml		 Pinned cargo-near to version 0.17.0 in install steps (replacing unpinned dependencies).
Metadata Updates
poa-token/Cargo.toml, defuse/Cargo.toml		 Updated reproducible-build container image from 0.16.2-rust-1.86.0 to 0.18.0-rust-1.86.0 with corresponding digest updates.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

Suggested reviewers

  • mitinarseny
  • fusede

Poem

🐰 Hops with glee through trait-filled trees,
Tests reorganized, imports at ease,
Nonces now generated, signers all blessed,
Contract extensions pass the final test.

🚥 Pre-merge checks | ✅ 2 | ❌ 1
❌ Failed checks (1 inconclusive)
Check name Status Explanation Resolution
Title check ❓ Inconclusive The title 'Refactor/test separation' is vague and generic, using non-descriptive terms that don't clearly convey the specific changes made in the changeset. Provide a more descriptive title that specifically highlights the main refactoring objective, such as 'Refactor test utilities into separate crate' or 'Extract test infrastructure to contract-extensions'.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Jan 5, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Fix all issues with AI Agents 🤖 
In @defuse/src/contract/accounts/account/entry/tests/legacy.rs:
- Line 12: The remaining files still import the old symbol `use
defuse_test_utils::random::make_arbitrary;`; replace those imports with `use
defuse_tests::utils::random::make_arbitrary;` everywhere (e.g., in modules that
call `make_arbitrary()` such as NEP171/NEP141/NEP245/token-id related tests) so
all tests consistently use the consolidated `defuse_tests` crate.
🧹 Nitpick comments (10)
tests/tests/defuse/tokens/nep141.rs (2)

22-29: Well-structured expectation type for parameterized testing.

The TransferCallExpectation struct cleanly encapsulates test case configuration. One observation: intent_transfer_amount is None in all current test cases (lines 32-66), meaning the Execute action path (lines 125-133) is never exercised.

Consider adding test cases with intent_transfer_amount: Some(...) to cover the intent execution path if that's in scope for this PR.

53-58: Minor: Inconsistent number literal formatting.

Lines 36-37 use 1_000 with underscores for readability, while lines 57-58 and 64 use 1000 without. Consider using consistent formatting throughout.

🔎 Suggested fix 
 #[case::receiver_panics_results_with_no_refund(TransferCallExpectation {
     action: StubAction::Panic,
     intent_transfer_amount: None,
     refund_if_fails: true,
-    expected_sender_ft_balance: 1000,
+    expected_sender_ft_balance: 1_000,
     expected_receiver_mt_balance: 0,
 })]
 #[case::malicious_receiver(TransferCallExpectation {
     action: StubAction::MaliciousReturn,
     intent_transfer_amount: None,
     refund_if_fails: true,
-    expected_sender_ft_balance: 1000,
+    expected_sender_ft_balance: 1_000,
     expected_receiver_mt_balance: 0,
 })]
tests/tests/defuse/tokens/nep171.rs (2)

63-64: Consider moving imports to module level.

These imports are placed inside the function body. While valid Rust, it's more conventional to place imports at the module level for better visibility and consistency with the rest of the file.

🔎 Suggested refactor

Move these imports to the top of the file with other imports:

 use defuse::core::token_id::TokenId as DefuseTokenId;
 use defuse::core::token_id::nep171::Nep171TokenId;
 use defuse::tokens::{DepositAction, DepositMessage, ExecuteIntents};
+use defuse::core::{amounts::Amounts, intents::tokens::Transfer};
+use defuse_sandbox::{api::types::json::Base64VecU8, tx::FnCallBuilder};
 
 use defuse_sandbox::api::types::nft::NFTContractMetadata;

And later (line 144):

     let deposit_message = if intents.is_empty() {
-        use defuse::core::intents::tokens::NotifyOnTransfer;
+        // NotifyOnTransfer should be imported at module level

20-28: Test cases cover notification path only.

Similar to the NEP-141 tests, all cases have intent_transfer: false, so the Execute action path (lines 152-159) is never exercised. The notification path scenarios are well-covered.

Consider adding at least one case with intent_transfer: true to verify the intent execution flow works correctly for NFTs.

Also applies to: 30-58

defuse/tests/mod.rs (1)

1-1: Consider more selective dead code suppression.

The blanket #![allow(dead_code)] at the file level may mask genuinely unused code. Consider applying the attribute only to specific items that are intentionally unused (e.g., shared test helpers used conditionally across submodules).

Alternative approach

Remove the file-level attribute and apply #[allow(dead_code)] only to specific items:

-#![allow(dead_code)]
-
 mod accounts;
 mod intents;
 mod state;
 mod storage;
 mod tokens;

Then add #[allow(dead_code)] annotations to specific functions or items within the submodules that need them.

tests/tests/defuse/tokens/nep245.rs (1)

73-73: Redundant inner import.

Amounts and Transfer are already imported at file scope (lines 2 and 4). This inner use statement can be removed.

🔎 Proposed fix 
 async fn mt_transfer_call_calls_mt_on_transfer_single_token(
     #[case] expectation: MtTransferCallExpectation,
 ) {
-    use defuse::core::{amounts::Amounts, intents::tokens::Transfer};
-
     let env = Env::builder().deployer_as_super_admin().build().await;
escrow-swap/tests/helpers/mod.rs (1)

1-11: Address the TODO comment or remove if no longer applicable.

The import reorganization under defuse_contract_extensions is consistent with the PR's objective. However, Line 3 contains a TODO: reorganize imports comment that suggests the structure may need further refinement.

Are these imports in their final structure, or is additional reorganization planned? If the current structure is acceptable, consider removing the TODO comment to avoid confusion.

escrow-swap/Cargo.toml (1)

22-22: Clarify if optional runtime dependency is needed.

defuse-sandbox is declared both as an optional runtime dependency (line 22) and as a dev-dependency (line 37). If sandbox is only used for testing, the optional runtime dependency may be unnecessary. Consider removing line 22 unless there's a feature flag that enables sandbox functionality in production builds.

tests/tests/defuse/intents.rs (1)

190-192: Remove redundant imports.

These imports duplicate what's already declared at the top of the file (lines 9-10 for ExecuteIntentsExt, line 14 for NearToken via near_sdk). The FnCallBuilder import from defuse_sandbox::tx may be the only new one needed.

🔎 Proposed fix 
 async fn transfer_intent_with_msg_to_receiver_smc(#[case] expectation: TransferCallExpectation) {
-    use defuse_contract_extensions::defuse::intents::ExecuteIntentsExt;
     use defuse_sandbox::tx::FnCallBuilder;
-    use near_sdk::NearToken;
defuse/tests/tokens/nep245/mod.rs (1)

690-720: Consider documenting or removing the gas measurement scaffolding.

The commented-out gas measurement code provides useful debugging capability but clutters the test. Consider either:

  1. Moving to a separate utility/helper that can be enabled via feature flag
  2. Adding a brief comment explaining its purpose for future maintainers
  3. Removing if no longer needed

As-is, the scaffolding is harmless but adds cognitive overhead.

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 057dc1e and ff1e300.

⛔ Files ignored due to path filters (1)
  • Cargo.lock is excluded by !**/*.lock
📒 Files selected for processing (76)
  • Cargo.toml
  • contract_extensions/Cargo.toml
  • contract_extensions/src/defuse/account_manager.rs
  • contract_extensions/src/defuse/deployer.rs
  • contract_extensions/src/defuse/force_manager.rs
  • contract_extensions/src/defuse/intents.rs
  • contract_extensions/src/defuse/mod.rs
  • contract_extensions/src/defuse/relayer.rs
  • contract_extensions/src/defuse/signer.rs
  • contract_extensions/src/defuse/state/fee.rs
  • contract_extensions/src/defuse/state/garbage_collector.rs
  • contract_extensions/src/defuse/state/mod.rs
  • contract_extensions/src/defuse/state/salt.rs
  • contract_extensions/src/defuse/tokens/mod.rs
  • contract_extensions/src/defuse/tokens/nep141.rs
  • contract_extensions/src/defuse/tokens/nep245.rs
  • contract_extensions/src/escrow/mod.rs
  • contract_extensions/src/lib.rs
  • contract_extensions/src/poa/mod.rs
  • defuse/Cargo.toml
  • defuse/src/contract/accounts/account/entry/tests/legacy.rs
  • defuse/src/lib.rs
  • defuse/tests/accounts/auth_by_predecessor_id.rs
  • defuse/tests/accounts/force.rs
  • defuse/tests/accounts/manage_public_keys.rs
  • defuse/tests/accounts/mod.rs
  • defuse/tests/accounts/nonces.rs
  • defuse/tests/intents/ft_withdraw.rs
  • defuse/tests/intents/legacy_nonce.rs
  • defuse/tests/intents/mod.rs
  • defuse/tests/intents/native_withdraw.rs
  • defuse/tests/intents/public_key.rs
  • defuse/tests/intents/relayers.rs
  • defuse/tests/intents/simulate.rs
  • defuse/tests/intents/token_diff.rs
  • defuse/tests/intents/transfer.rs
  • defuse/tests/mod.rs
  • defuse/tests/state/fee.rs
  • defuse/tests/state/mod.rs
  • defuse/tests/state/salt.rs
  • defuse/tests/state/upgrade.rs
  • defuse/tests/storage/mod.rs
  • defuse/tests/tokens/mod.rs
  • defuse/tests/tokens/nep141.rs
  • defuse/tests/tokens/nep171.rs
  • defuse/tests/tokens/nep245/letter_gen.rs
  • defuse/tests/tokens/nep245/mod.rs
  • defuse/tests/tokens/nep245/mt_transfer_resolve_gas.rs
  • escrow-swap/Cargo.toml
  • escrow-swap/tests/helpers/mod.rs
  • escrow-swap/tests/partial_fills.rs
  • poa-factory/Cargo.toml
  • poa-factory/src/lib.rs
  • poa-factory/tests/factory.rs
  • test-utils/Cargo.toml
  • test-utils/src/fixtures.rs
  • test-utils/src/lib.rs
  • tests/Cargo.toml
  • tests/src/defuse_signer.rs
  • tests/src/env/builder.rs
  • tests/src/env/mod.rs
  • tests/src/env/state.rs
  • tests/src/env/storage.rs
  • tests/src/lib.rs
  • tests/src/nonce.rs
  • tests/src/tests/mod.rs
  • tests/src/tests/poa/mod.rs
  • tests/src/utils/mod.rs
  • tests/tests/defuse/intents.rs
  • tests/tests/defuse/mod.rs
  • tests/tests/defuse/tokens/mod.rs
  • tests/tests/defuse/tokens/nep141.rs
  • tests/tests/defuse/tokens/nep171.rs
  • tests/tests/defuse/tokens/nep245.rs
  • tests/tests/mod.rs
  • tests/tests/utils.rs
💤 Files with no reviewable changes (5)
  • tests/src/utils/mod.rs
  • poa-factory/src/lib.rs
  • tests/src/tests/poa/mod.rs
  • tests/src/tests/mod.rs
  • defuse/src/lib.rs
🧰 Additional context used
🧬 Code graph analysis (22)
tests/src/env/state.rs (1)
tests/src/env/mod.rs (1)
  • generate_legacy_user_account_id (268-283)
tests/src/lib.rs (3)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
core/src/payload/mod.rs (1)
  • nonce (60-62)
tests/src/env/mod.rs (1)
  • sandbox (250-252)
defuse/tests/tokens/nep171.rs (3)
contract_extensions/src/defuse/intents.rs (1)
  • intents (53-53)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
tests/src/env/mod.rs (1)
  • sandbox (250-252)
tests/tests/mod.rs (1)
sandbox/src/helpers.rs (1)
  • read_wasm (6-18)
defuse/tests/tokens/nep245/mod.rs (2)
defuse/tests/tokens/nep245/letter_gen.rs (1)
  • new (12-14)
contract_extensions/src/defuse/tokens/nep141.rs (2)
  • defuse_ft_withdraw (33-41)
  • defuse_ft_withdraw (56-81)
tests/tests/defuse/mod.rs (2)
contract_extensions/src/defuse/intents.rs (1)
  • intents (53-53)
tests/src/env/storage.rs (1)
  • tokens (230-233)
defuse/tests/intents/token_diff.rs (2)
tests/src/env/mod.rs (1)
  • sandbox (250-252)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
test-utils/src/fixtures.rs (1)
test-utils/src/random.rs (1)
  • random (82-84)
defuse/tests/intents/transfer.rs (1)
tests/src/tests/defuse/intents/transfer.rs (2)
  • transfer_intent (24-72)
  • transfer_intent_to_defuse (77-199)
tests/tests/defuse/intents.rs (4)
contract_extensions/src/defuse/intents.rs (1)
  • intents (53-53)
tests/src/env/storage.rs (1)
  • tokens (230-233)
poa-factory/src/contract.rs (1)
  • token_id (197-203)
tests/src/env/mod.rs (2)
  • create_user (136-147)
  • create_token (103-111)
tests/src/env/storage.rs (3)
sandbox/src/account.rs (1)
  • signer (131-133)
randomness/src/lib.rs (1)
  • make_true_rng (16-18)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
defuse/tests/intents/native_withdraw.rs (3)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
tests/src/env/mod.rs (1)
  • sandbox (250-252)
test-utils/src/fixtures.rs (2)
  • ed25519_pk (16-18)
  • secp256k1_pk (21-23)
defuse/tests/state/mod.rs (1)
defuse/tests/state/upgrade.rs (1)
  • upgrade (42-87)
defuse/tests/tokens/nep141.rs (6)
tests/src/env/storage.rs (1)
  • tokens (230-233)
poa-factory/src/lib.rs (1)
  • tokens (35-35)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
tests/src/env/mod.rs (1)
  • sandbox (250-252)
near-utils/src/panic_on_clone.rs (1)
  • core (26-26)
contract_extensions/src/defuse/intents.rs (1)
  • intents (53-53)
defuse/src/contract/accounts/account/entry/tests/legacy.rs (1)
test-utils/src/random.rs (2)
  • random (82-84)
  • make_arbitrary (154-160)
defuse/tests/intents/legacy_nonce.rs (5)
contract_extensions/src/defuse/intents.rs (1)
  • intents (53-53)
sandbox/src/account.rs (1)
  • signer (131-133)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
tests/src/env/mod.rs (1)
  • sandbox (250-252)
test-utils/src/random.rs (2)
  • random (82-84)
  • make_arbitrary (154-160)
escrow-swap/tests/partial_fills.rs (1)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
defuse/tests/intents/public_key.rs (4)
contract_extensions/src/defuse/intents.rs (1)
  • intents (53-53)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
core/src/payload/mod.rs (1)
  • nonce (60-62)
test-utils/src/fixtures.rs (1)
  • public_key (8-13)
tests/src/env/builder.rs (1)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
defuse/tests/state/upgrade.rs (6)
contract_extensions/src/defuse/intents.rs (1)
  • intents (53-53)
tests/src/env/storage.rs (1)
  • state (245-252)
tests/src/env/mod.rs (1)
  • sandbox (250-252)
sandbox/src/helpers.rs (1)
  • read_wasm (6-18)
test-utils/src/fixtures.rs (3)
  • ed25519_pk (16-18)
  • p256_pk (26-28)
  • secp256k1_pk (21-23)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
tests/src/env/mod.rs (2)
escrow-swap/tests/helpers/mod.rs (1)
  • env (27-29)
randomness/src/lib.rs (1)
  • make_true_rng (16-18)
contract_extensions/src/escrow/mod.rs (1)
sandbox/src/helpers.rs (1)
  • read_wasm (6-18)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)
  • GitHub Check: Build Reproducible
  • GitHub Check: Build
  • GitHub Check: Security Audit - deny
  • GitHub Check: Shared / Static Analysis (intents-contract, contract, near, defuse, 1, ., 1.18, false, --filter-paths "nod...
  • GitHub Check: Shared / Static Analysis (intents-poa-token, contract, near, poa-token, 1, ., 1.18, false, --filter-paths ...
  • GitHub Check: Shared / Static Analysis (intents-poa-factory, contract, near, poa-factory, 1, ., 1.18, false, --filter-pa...
  • GitHub Check: Shared security analysis / Static Analysis (intents-poa-token, contract, near, poa-token, 1, ., 1.18, false, --filter-paths ...
  • GitHub Check: Shared security analysis / Static Analysis (intents-contract, contract, near, defuse, 1, ., 1.18, false, --filter-paths "nod...
  • GitHub Check: Shared security analysis / Static Analysis (intents-poa-factory, contract, near, poa-factory, 1, ., 1.18, false, --filter-pa...
  • GitHub Check: Security Audit - report
🔇 Additional comments (80)
defuse/tests/accounts/nonces.rs (1)

19-33: LGTM! Clean import reorganization.

The new import structure under defuse_tests is well-organized with logical groupings:

  • Contract extensions separated by functionality (account_manager, intents, signer, state)
  • Clear separation between env, nonce, sandbox, and utils modules

This aligns well with the PR's goal of consolidating test utilities into a unified defuse-tests crate.

tests/tests/defuse/mod.rs (1)

1-2: Clean module structure for test organization.

Both submodules are properly defined with their corresponding files present: intents.rs and tokens/mod.rs exist in the expected locations.

tests/src/env/storage.rs (2)

18-25: LGTM! Clean import consolidation.

The reorganization of imports to use the new defuse_contract_extensions crate aligns well with the PR's objective of consolidating test utilities. The import structure is clear and well-organized.

32-35: LGTM! Env imports properly consolidated.

The consolidation of crate::env imports is clean and maintains good module organization.

tests/tests/defuse/tokens/nep141.rs (1)

67-157: Solid test structure with comprehensive scenarios.

The test properly:

  • Sets up the environment with deployer as super admin
  • Creates users and deploys receiver stub contract
  • Handles storage deposits
  • Constructs appropriate deposit messages based on the test case
  • Verifies both FT and MT balances after the transfer

The use of futures::join! for concurrent user/token creation is a nice optimization.

tests/tests/defuse/tokens/nep171.rs (2)

172-207: Thorough ownership verification.

The test properly verifies ownership in two independent ways:

  1. Direct NFT contract ownership check (lines 172-188)
  2. MT balance verification on the defuse contract (lines 190-207)

The descriptive assertion messages will help with debugging test failures.

68-73: Good documentation on naming constraint.

The comment explaining why a named user is used (to avoid exceeding NEAR's 64-char account limit) is helpful for future maintainers.

tests/tests/defuse/tokens/mod.rs (1)

1-3: Module declarations properly reference existing implementation files.

The module structure follows NEAR token standard naming conventions (NEP-141 for fungible tokens, NEP-171 for NFTs, NEP-245 for multi-token). The nep245 module file exists at tests/tests/defuse/tokens/nep245.rs as expected.

defuse/tests/state/mod.rs (1)

3-3: LGTM!

The addition of the upgrade module follows the established pattern and integrates well with the existing test module structure.

test-utils/Cargo.toml (1)

13-13: LGTM!

The defuse-crypto dependency with the arbitrary feature correctly supports the cryptographic type usage in test fixtures, aligning with the import path changes in test-utils/src/fixtures.rs.

tests/src/env/state.rs (1)

14-14: Import path simplified correctly.

The updated import path reflects the reorganized module hierarchy, making the code cleaner and more maintainable.

test-utils/src/fixtures.rs (1)

2-6: LGTM!

The import path update to use defuse_crypto::PublicKey correctly aligns with the new dependency added in test-utils/Cargo.toml. The import reorganization improves code organization while maintaining all public function signatures.

test-utils/src/lib.rs (1)

2-2: LGTM!

The addition of the fixtures module to the public API aligns well with the PR's goal of consolidating test utilities.

defuse/tests/state/fee.rs (1)

1-11: LGTM!

The import refactoring follows the same clean pattern as other test files, consolidating utilities under the defuse_tests namespace. The changes are consistent and maintain the same logical structure.

defuse/tests/storage/mod.rs (1)

1-12: LGTM!

The import consolidation is consistent with the broader refactoring effort. The grouped imports under defuse_tests improve code organization and maintainability.

Cargo.toml (2)

80-84: Workspace dependencies added correctly.

The new workspace dependencies defuse-contract-extensions and defuse-tests are properly configured to support the refactored test infrastructure.

37-37: No circular dependencies detected in the workspace structure.

The addition of contract_extensions to the workspace members is properly integrated. The tests crate depends on defuse-contract-extensions, and contract_extensions has no reverse dependency on tests. All workspace dependencies are unidirectional with no circular references.

defuse/tests/state/salt.rs (1)

1-10: Import consolidation is correct.

All imported modules exist and are properly accessible through the defuse_tests namespace:

  • contract_extensions::defuse::state::{SaltManagerExt, SaltViewExt} from contract_extensions/src/defuse/state/
  • sandbox::extensions::acl::AclExt from sandbox/src/extensions/acl.rs
  • utils::asserts::ResultAssertsExt from test-utils/src/asserts.rs
  • env::Env from tests/src/env/

The refactoring successfully consolidates test utilities under the defuse_tests namespace via re-exports in tests/src/lib.rs, improving module organization consistently with the PR's objective.

tests/tests/mod.rs (1)

1-8: LGTM! Clean test module organization.

The module declarations and lazy-loaded WASM binary initialization follow good practices for test infrastructure.

defuse/tests/accounts/auth_by_predecessor_id.rs (1)

1-19: LGTM! Well-organized import consolidation.

The import reorganization under the defuse_tests namespace improves test code maintainability by centralizing test utilities and extensions.

defuse/tests/mod.rs (1)

3-7: LGTM! Clear test module structure.

The submodule organization aligns well with the PR's objective of improving test separation.

tests/src/lib.rs (1)

3-9: LGTM! Appropriate public exposure for test utilities.

Making these modules and re-exports public is correct for a shared test utilities crate (defuse-tests), enabling other test crates to access the consolidated test infrastructure.

defuse/tests/state/upgrade.rs (1)

15-35: LGTM! Consistent import consolidation.

The reorganized imports under defuse_tests maintain consistency with the broader refactoring and improve the clarity of test dependencies.

defuse/Cargo.toml (1)

69-83: LGTM!

The dev-dependencies are correctly organized for the new test structure. The consolidation under defuse-tests and addition of defuse-randomness aligns well with the PR's objective to centralize test utilities.

defuse/tests/tokens/nep245/mt_transfer_resolve_gas.rs (2)

1-17: LGTM!

The import reorganization correctly consolidates test utilities under defuse_tests. The module paths are well-structured and align with the new test infrastructure.

29-33: Consistent derive/format change.

Removing Display and using Debug formatting ({gen_mode:?}) is consistent. The log output will now show ShortestPossible or LongestPossible with debug formatting, which is acceptable for test diagnostics.

Also applies to: 297-297

defuse/tests/accounts/manage_public_keys.rs (1)

3-16: LGTM!

Import paths are correctly consolidated under defuse_tests. The reorganization is clean with contract_extensions::defuse::account_manager, env, sandbox, and utils::fixtures properly separated. Re-exporting serde_json::json through near_sdk is a nice cleanup.

defuse/tests/accounts/force.rs (1)

1-25: LGTM!

The import reorganization cleanly separates concerns:

  • defuse_tests::defuse_signer and nonce for test utilities
  • defuse_tests::contract_extensions::defuse for contract interaction traits
  • defuse_tests::sandbox::extensions for sandbox-specific utilities
  • defuse_tests::utils for assertions and fixtures

This structure improves maintainability by making test utility sources explicit.

tests/tests/defuse/tokens/nep245.rs (2)

11-22: LGTM!

The import reorganization correctly uses defuse_contract_extensions for contract extension traits and defuse_tests for test utilities. The separation between these two crates is appropriate.

633-635: Acceptable for complex integration test.

The clippy::too_many_lines allow is reasonable here. This integration test covers a complex multi-token transfer scenario with duplicate tokens, and splitting it would likely reduce clarity rather than improve it.

defuse/tests/intents/relayers.rs (1)

1-13: LGTM!

The import consolidation under defuse_tests is well-organized. The nested structure clearly separates:

  • Contract extensions (intents, relayer)
  • Sandbox primitives (SigningAccount, Signer, generate_secret_key)
  • Sandbox extensions (acl)
  • Utility assertions
contract_extensions/src/defuse/tokens/nep141.rs (1)

6-6: LGTM!

Importing DepositMessage directly from defuse::tokens makes the dependency on the defuse crate explicit, which is clearer than a crate-relative path in this extension module.

contract_extensions/src/defuse/deployer.rs (1)

6-6: LGTM! Import path correctly updated.

The import path change from crate::contract::config::DefuseConfig to defuse::contract::config::DefuseConfig is correct given that this code has moved to the contract_extensions crate and needs to reference the defuse crate explicitly.

contract_extensions/src/defuse/mod.rs (1)

11-12: LGTM! Consistent alias pattern.

The public re-export of defuse as contract establishes a consistent naming convention across the contract_extensions module, aligning with similar aliases in the poa and escrow modules.

contract_extensions/src/poa/mod.rs (2)

3-3: LGTM! Consistent public alias pattern.

The re-export of defuse_poa_factory as contract follows the same aliasing pattern established in the defuse module, providing a uniform API surface.

12-12: LGTM! Import path updated to use the new alias.

The import path correctly references defuse_poa_factory::contract using the alias defined at line 3, maintaining consistency with the module reorganization.

contract_extensions/src/defuse/intents.rs (1)

11-11: Import path is correct and properly exposes SimulationOutput from the defuse crate.

The import use defuse::simulation_output::SimulationOutput; correctly references the public simulation_output module in the defuse crate, which publicly exports SimulationOutput. This reflects the refactoring within defuse that moved the type from the intents module to its own dedicated simulation_output module.

defuse/tests/intents/legacy_nonce.rs (1)

7-15: LGTM! Clean consolidation of test utilities.

The import reorganization successfully consolidates test utilities under the unified defuse_tests namespace, achieving the PR's objective of centralizing test infrastructure. The import tree is well-organized and all imported items are properly accessible and referenced in the test code.

contract_extensions/Cargo.toml (1)

1-28: LGTM! Clean manifest structure.

The manifest is well-organized with appropriate workspace references, clean feature flags that map to optional dependencies, and suitable crate types for contract extensions.

defuse/tests/tokens/nep171.rs (1)

5-15: LGTM! Import consolidation aligns with refactoring goals.

The consolidated imports from defuse_tests improve organization and align with the test separation objectives.

defuse/tests/intents/transfer.rs (2)

1-65: Well-structured transfer intent test.

The test demonstrates proper intent creation, signing, execution, and balance verification flow. Good use of async/await and assertion patterns.

22-22: The hardcoded account ID is intentional and validates transfer behavior to non-existent accounts.

The test explicitly verifies that the contract correctly handles transfers to accounts that don't undergo explicit creation (lines 58–63 confirm the balance reaches the non-existent account). This pattern is consistent across multiple test files and the passing assertions indicate the intended behavior works correctly. No changes needed.

defuse/tests/intents/mod.rs (2)

1-23: LGTM! Import reorganization improves test structure.

The consolidation of imports under defuse_tests and the addition of serde_json support the test infrastructure refactoring objectives.

55-55: New transfer module properly integrated.

The addition of mod transfer; correctly exposes the new transfer intent test module.

tests/Cargo.toml (2)

15-15: New contract extensions dependency properly integrated.

The addition of defuse-contract-extensions with ["poa", "defuse"] features aligns with the test separation refactoring objectives.

11-21: No action needed—feature change is intentional and correct.

The near-sdk feature was changed from "unit-testing" to "arbitrary" as part of commit 6aa6204 ("feat: use cache from near-sdk and arbitrary from near-account-id"). The test crate uses defuse-sandbox and defuse-test-utils for its test environment and utilities, not near-sdk's "unit-testing" feature. The "arbitrary" feature is the correct choice because it enables the Arbitrary trait for near-sdk types (particularly AccountId via near-account-id integration), which the test code relies on for generating test data.

contract_extensions/src/lib.rs (1)

1-6: LGTM! Clean feature-gated module organization.

The conditional module declarations follow standard Rust patterns and align well with the PR's objective of separating contract extensions into feature-gated modules.

defuse/tests/intents/ft_withdraw.rs (1)

7-19: LGTM! Clean consolidation of test imports.

The import reorganization successfully consolidates test utilities under the defuse_tests crate, improving code organization and aligning with the PR's objective to unify test infrastructure.

escrow-swap/tests/partial_fills.rs (1)

1-29: LGTM! Import reorganization aligns with test infrastructure refactoring.

The import path updates successfully integrate the new defuse_contract_extensions structure and local helpers module. The changes are consistent with the PR's objective to consolidate test utilities and improve organization.

tests/src/nonce.rs (1)

19-28: The 15-byte nonce size is correct. The [u8; 15] size matches the pattern used in core/src/nonce/versioned.rs (line 64), where nonces for VersionedNonce are generated with the same size. The ExpirableNonce<T> type is generic, and different contexts use different sizes (15, 24, or 32 bytes) appropriately.

Likely an incorrect or invalid review comment.

poa-factory/tests/factory.rs (1)

1-2: Import paths are correctly configured.

Both PoAFactoryDeployerExt and PoAFactoryExt are publicly defined in contract_extensions/src/poa/mod.rs and properly exported. The Role type is accessible via defuse_poa_factory::contract. All imports are correctly wired in the workspace.

contract_extensions/src/escrow/mod.rs (5)

1-1: LGTM! Clean public re-export.

The public re-export of defuse_escrow_swap provides a unified surface for escrow-related components, aligning with the broader refactoring to consolidate extensions under defuse_contract_extensions.

5-7: LGTM! Imports reorganized to use defuse_sandbox.

The consolidated import from defuse_sandbox is consistent with the PR's objective to unify test utilities and sandbox extensions.

13-25: LGTM! Trait-level lint attribute is more precise.

Moving #[allow(async_fn_in_trait)] from crate-level to trait-level provides better lint hygiene by limiting the scope of the allow directive.

57-60: LGTM! Consistent lint attribute application.

The trait-level #[allow(async_fn_in_trait)] attribute is consistently applied to EscrowExtView, matching the pattern used for EscrowExt.

10-11: Path resolution is correct across workspace members.

The implementation in sandbox/src/helpers.rs correctly handles CARGO_MANIFEST_DIR resolution. The env!("CARGO_MANIFEST_DIR") macro is evaluated at compile time for each crate, and the relative path navigation (../) correctly resolves to the repository root res/ directory regardless of whether called from contract_extensions or escrow-swap. The fs::canonicalize() call ensures absolute path validity with clear error messages on failure.

defuse/tests/intents/token_diff.rs (1)

7-14: LGTM! Test imports successfully consolidated.

The reorganized imports align with the PR's objective to consolidate test utilities under the defuse_tests crate. The new import structure provides a clearer separation between:

  • Contract extensions (defuse_tests::contract_extensions::defuse::intents)
  • Sandbox extensions (defuse_tests::sandbox::extensions::mt)
  • Test utilities (defuse_tests::env, defuse_tests::defuse_signer)
tests/src/defuse_signer.rs (2)

5-5: LGTM! Import path consolidated to defuse_contract_extensions.

The updated import path aligns with the PR's objective to consolidate contract extensions under the defuse_contract_extensions crate, providing a unified surface for signer and state-related functionality.

13-53: LGTM! DefuseSignerExt provides useful test utilities.

The trait extension provides convenient methods for generating unique nonces and signing defuse payloads in tests, with appropriate use of TestRng for test randomness.

escrow-swap/tests/helpers/mod.rs (1)

24-24: LGTM! WASM source centralized to contract_extensions.

The ESCROW_SWAP_WASM is now sourced from defuse_contract_extensions::escrow, providing a single source of truth for the WASM artifact and aligning with the PR's consolidation objective.

poa-factory/Cargo.toml (1)

38-43: No production code depends on the removed sandbox feature—this change is safe.

The removal of the sandbox feature flag and conversion of defuse-sandbox to a dev-dependency is safe. No production code (in poa-factory/src) references the sandbox feature via cfg gates or otherwise. The sandbox dependency is appropriately used only in tests, where it now functions as a standard dev-dependency rather than a feature-gated one.

defuse/tests/intents/native_withdraw.rs (1)

13-19: LGTM! Import consolidation aligns with test-separation refactor.

The imports are correctly reorganized to use the centralized defuse_tests crate, improving maintainability by consolidating test utilities under a single namespace.

defuse/tests/tokens/nep141.rs (2)

3-11: LGTM! Clean import consolidation.

The imports are well-organized under the defuse_tests namespace, properly grouping contract extensions, signer utilities, environment, and sandbox extensions.

244-316: Good test coverage for force withdraw authorization.

The ft_force_withdraw test properly validates the authorization flow: first ensuring the operation fails without the UnrestrictedWithdrawer role, then succeeding after the role is granted. This is a good pattern for testing role-based access control.

tests/src/env/builder.rs (2)

188-203: LGTM! POA factory deployment with appropriate test permissions.

The function correctly sets up the POA factory with root as super admin and grants both TokenDeployer and TokenDepositer roles for test environment flexibility.

10-13: The import path defuse_contract_extensions::poa::contract::contract::Role is correct. The first contract refers to the re-exported defuse_poa_factory crate (via pub use defuse_poa_factory as contract in poa/mod.rs), and the second contract refers to the contract.rs module within that crate where the Role enum is defined. This nested structure is intentional and not a typo.

Likely an incorrect or invalid review comment.

escrow-swap/Cargo.toml (1)

36-43: LGTM! Dev-dependencies properly configured for testing.

The dev-dependencies are well-structured with appropriate features enabled for the test infrastructure.

defuse/tests/intents/simulate.rs (3)

1-1: LGTM! Crate-local import for intent event types.

The import correctly references types from the local crate::intents module for event handling.

23-42: LGTM! Well-organized imports from defuse_tests.

The imports are properly structured, grouping:

  • Contract extensions (account_manager, deployer, intents)
  • Signer utilities
  • Environment and nonce extraction
  • Sandbox API types and extensions
  • Test fixtures

This aligns well with the test-separation refactoring goals.

911-934: Good test for nonce replay protection.

The test properly verifies that simulating an intent with an already-used nonce fails. This is important for ensuring intent replay attacks are prevented.

tests/tests/defuse/intents.rs (2)

21-27: LGTM! Clean test expectation struct.

The TransferCallExpectation struct nicely encapsulates the test parameters for different MT receiver modes, making the parameterized tests readable.

156-187: Comprehensive test coverage for MT receiver scenarios.

The parameterized test cases effectively cover edge cases:

  • AcceptAll: Normal acceptance
  • ReturnValue(300): Partial refund
  • ReturnValue(2000): Malicious over-refund (clamped to original amount)
  • Panic: Receiver failure with full refund
  • LargeReturn: Malicious large return with full refund

This ensures robust handling of various receiver behaviors.

defuse/tests/tokens/nep245/mod.rs (4)

11-18: LGTM! Proper imports for NEP245 multi-token tests.

The imports correctly pull in the required extensions for deploying Defuse instances and performing MT operations.

21-287: Comprehensive multi-token enumeration test.

The test thoroughly validates token enumeration across deposit/withdraw lifecycle, properly handling:

  • Initial state verification
  • Token appearance after deposits
  • Multi-user token ownership tracking
  • Token disappearance after full withdrawal
  • Return to initial state verification

Good use of from_token_index to account for pre-existing persistent state tokens.

379-389: Good range boundary testing.

The nested loop exhaustively tests all valid range combinations for mt_tokens, ensuring the range-based enumeration API works correctly across different start/end indices.

827-873: LGTM! Final balance verification after multiple withdrawals.

The test correctly verifies the cumulative effect of the three withdrawal operations:

  • ft1: 100 - 10 - 10 - 10 = 70
  • ft2: 200 - 0 - 20 - 20 = 160
  • ft3: 300 - 0 - 0 - 30 = 270

This ensures the withdrawal accounting is accurate across multiple operations.

defuse/tests/intents/public_key.rs (1)

11-15: LGTM!

The import reorganization correctly consolidates test utilities under the defuse_tests namespace, aligning with the PR's test separation refactoring. The grouped imports improve readability and reflect the new module structure.

tests/src/env/mod.rs (3)

7-24: LGTM!

The import reorganization properly reflects the new module structure introduced by the contract_extensions and defuse_tests crates. The consolidated imports from defuse_contract_extensions for account management, token operations, and PoA factory extensions align well with the PR's test separation objectives.

254-256: LGTM!

Returning a mutable reference to a struct field is valid in const fn context. This change appropriately tightens the API contract.

64-66: No action required. Sandbox::root() is properly declared as a const fn (sandbox/src/lib.rs:73), so the delegation in this method is valid and will compile correctly.

coderabbitai[bot]
coderabbitai bot reviewed Jan 5, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Fix all issues with AI Agents 🤖 
In @contract_extensions/src/defuse/nonce.rs:
- Around line 32-35: The call to defuse_contract.current_salt().await uses
expect and panics; replace that with the `?` operator to propagate errors (e.g.,
let salt = defuse_contract.current_salt().await?;) so the enclosing function
(which returns anyhow::Result<Nonce>) returns the error instead of aborting;
ensure any necessary trait bounds/imports for ? are present and no expect
remains for current_salt().
🧹 Nitpick comments (7)
contract_extensions/Cargo.toml (1)

14-25: Consider making test utilities optional or dev-dependencies.

defuse-sandbox, defuse-test-utils, and defuse-randomness appear to be test/sandbox utilities but are declared as regular non-optional dependencies. This means any crate depending on defuse-contract-extensions will transitively pull in these test utilities even in production builds.

Consider either:

  1. Moving them to [dev-dependencies] if only used in tests
  2. Making them optional behind a sandbox or testing feature flag
🔎 Proposed refactor to gate test utilities behind a feature 
 [dependencies]
-defuse-sandbox = {workspace = true}
+defuse-sandbox = {workspace = true, optional = true}
 defuse = {workspace = true, features = ["contract"], optional = true}
 defuse-poa-factory = {workspace = true, features = ["contract"], optional = true}
 defuse-escrow-swap = {workspace = true, features = ["default"], optional = true}
 defuse-core = { workspace = true }
 defuse-serde-utils = { workspace = true }
 defuse-nep245 = { workspace = true }
 near-contract-standards.workspace = true
 near-sdk = { workspace = true }
-defuse-test-utils.workspace = true
-defuse-randomness.workspace = true
+defuse-test-utils = {workspace = true, optional = true}
+defuse-randomness = {workspace = true, optional = true}

 [features]
+default = ["sandbox"]
+sandbox = ["dep:defuse-sandbox", "dep:defuse-test-utils", "dep:defuse-randomness"]
 poa = ["dep:defuse-poa-factory"]
 defuse = ["dep:defuse"]
 escrow = ["dep:defuse-escrow-swap"]
contract_extensions/src/defuse/mod.rs (1)

13-13: Consider documenting the purpose of the contract alias.

The pub use defuse as contract; re-export creates a convenience alias, but its purpose may not be immediately clear to users of this module. Consider adding a doc comment explaining when to use contract vs. directly importing from defuse.

tests/tests/defuse/tokens/nep245.rs (1)

74-74: Remove redundant imports.

The types Amounts and Transfer are already imported at the top of the file (lines 2, 4). This local import inside the test function is unnecessary.

🔎 Proposed fix 
-    use defuse::core::{amounts::Amounts, intents::tokens::Transfer};
-
     let env = Env::builder().deployer_as_super_admin().build().await;
tests/tests/defuse/intents.rs (2)

22-28: Consider whether TransferCallExpectation needs to be public.

The TransferCallExpectation struct is marked as pub, but it appears to only be used within test cases in this file. Unless it's intended for reuse across multiple test modules, it could have module-level visibility instead.

191-193: Move local imports to the top of the file for consistency.

These imports inside the test function could be moved to the file-level imports for better organization and consistency with Rust conventions.

🔎 Proposed fix

Move these imports to the top of the file alongside the other imports, and remove them from inside the function:

 use defuse_contract_extensions::defuse::deployer::DefuseExt;
 use defuse_contract_extensions::defuse::intents::ExecuteIntentsExt;
 use defuse_contract_extensions::defuse::signer::DefaultDefuseSignerExt;
 use defuse_sandbox::extensions::ft::FtViewExt;
 use defuse_sandbox::extensions::mt::MtViewExt;
+use defuse_sandbox::tx::FnCallBuilder;
 use multi_token_receiver_stub::MTReceiverMode;
-use near_sdk::{AccountId, Gas, serde_json};
+use near_sdk::{AccountId, Gas, NearToken, serde_json};
 use rstest::rstest;

Then remove lines 191-193 from inside the function.

contract_extensions/src/defuse/signer.rs (1)

53-76: Consider extracting the 120-second timeout to a constant.

The 120-second deadline appears in both this file (line 63) and nonce.rs (line 30). Extracting to a shared constant would prevent drift.

🔎 Suggested approach 
// In a shared location (e.g., mod.rs or constants module)
pub const DEFAULT_DEADLINE_SECS: u64 = 120;

Then use it in both places:

-let deadline = Deadline::timeout(std::time::Duration::from_secs(120));
+let deadline = Deadline::timeout(std::time::Duration::from_secs(DEFAULT_DEADLINE_SECS));
contract_extensions/src/defuse/nonce.rs (1)

23-56: Consider making unused-self methods into associated or free functions.

Both generate_unique_nonce and create_random_salted_nonce don't use self, yet they're defined as instance methods with a blanket impl for all types. This is an unusual pattern.

If method syntax on a specific type (like SigningAccount) isn't required, these could be standalone functions or associated functions without self:

🔎 Alternative design 
// As standalone functions in a module:
pub async fn generate_unique_nonce(
    defuse_contract: &Account,
    deadline: Option<Deadline>,
) -> anyhow::Result<Nonce> {
    // ... implementation
}

pub fn create_random_salted_nonce(salt: Salt, deadline: Deadline, rng: impl Rng) -> Nonce {
    // ... implementation
}

This would be more idiomatic when self isn't used. However, if the method-call syntax is preferred for ergonomics in test code, the current approach is acceptable.

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cdaa611 and ddf4502.

⛔ Files ignored due to path filters (1)
  • Cargo.lock is excluded by !**/*.lock
📒 Files selected for processing (11)
  • contract_extensions/Cargo.toml
  • contract_extensions/src/defuse/mod.rs
  • contract_extensions/src/defuse/nonce.rs
  • contract_extensions/src/defuse/signer.rs
  • tests/src/env/mod.rs
  • tests/src/env/storage.rs
  • tests/src/lib.rs
  • tests/tests/defuse/intents.rs
  • tests/tests/defuse/tokens/nep141.rs
  • tests/tests/defuse/tokens/nep171.rs
  • tests/tests/defuse/tokens/nep245.rs
🚧 Files skipped from review as they are similar to previous changes (2)
  • tests/tests/defuse/tokens/nep141.rs
  • tests/src/env/storage.rs
🧰 Additional context used
🧬 Code graph analysis (8)
tests/tests/defuse/tokens/nep171.rs (2)
tests/src/env/mod.rs (1)
  • builder (57-59)
contract_extensions/src/defuse/signer.rs (1)
  • sign_defuse_payload_default (55-74)
tests/src/lib.rs (2)
escrow-swap/tests/helpers/mod.rs (1)
  • env (26-28)
tests/src/env/mod.rs (1)
  • sandbox (251-253)
tests/tests/defuse/tokens/nep245.rs (5)
sandbox/src/account.rs (1)
  • signer (131-133)
escrow-swap/tests/helpers/mod.rs (1)
  • env (26-28)
near-utils/src/panic_on_clone.rs (1)
  • core (26-26)
contract_extensions/src/defuse/intents.rs (1)
  • intents (53-53)
tests/src/env/storage.rs (1)
  • tokens (230-233)
tests/tests/defuse/intents.rs (3)
contract_extensions/src/defuse/intents.rs (1)
  • intents (53-53)
escrow-swap/tests/helpers/mod.rs (1)
  • env (26-28)
tests/src/env/mod.rs (2)
  • create_user (137-148)
  • create_token (104-112)
contract_extensions/src/defuse/signer.rs (3)
contract_extensions/src/defuse/intents.rs (1)
  • intents (53-53)
core/src/payload/mod.rs (1)
  • nonce (60-62)
deadline/src/lib.rs (1)
  • timeout (44-46)
contract_extensions/src/defuse/nonce.rs (3)
test-utils/src/random.rs (1)
  • random (82-84)
core/src/payload/mod.rs (1)
  • nonce (60-62)
deadline/src/lib.rs (1)
  • timeout (44-46)
contract_extensions/src/defuse/mod.rs (1)
core/src/payload/mod.rs (1)
  • nonce (60-62)
tests/src/env/mod.rs (2)
escrow-swap/tests/helpers/mod.rs (1)
  • env (26-28)
randomness/src/lib.rs (1)
  • make_true_rng (16-18)
🔇 Additional comments (18)
contract_extensions/Cargo.toml (2)

27-30: LGTM on feature definitions.

The feature flags correctly use the dep: syntax to enable optional dependencies, which is the modern Cargo convention for avoiding implicit feature names.

8-9: The cdylib crate type is consistent with the workspace pattern and is intentional.

All contract-related crates in the repository (poa-factory, escrow-swap, defuse, poa-token, and others) use crate-type = ["cdylib", "rlib"]. This is a standard workspace convention and should remain unchanged.

Likely an incorrect or invalid review comment.

tests/src/env/mod.rs (5)

7-26: LGTM! Import reorganization aligns with the refactoring objectives.

The import consolidation successfully moves contract extensions to the defuse_contract_extensions namespace and introduces the necessary trait imports (GenerateNonceExt, PoAFactoryExt) for the updated method calls later in the file.

255-257: LGTM! Simple const accessor for sandbox.

The const fn conversion for sandbox_mut is straightforward since it only returns a mutable reference to a field.

96-102: The poa_factory_deploy_token method exists in PoAFactoryExt with the correct signature and the method call passes valid arguments. No issues found.

69-72: Actual trait method signature differs from expected.

The GenerateNonceExt::generate_unique_nonce trait method signature is:

async fn generate_unique_nonce(
    &self,
    defuse_contract: &Account,
    deadline: Option<Deadline>,
) -> anyhow::Result<Nonce>

The second parameter is defuse_contract: &Account, not account: &AccountIdRef as stated in the verification request. The code at lines 69-72 correctly passes &self.defuse (an Account reference), which matches the actual trait signature.

Likely an incorrect or invalid review comment.

65-67: No action required — Sandbox::root() is already a const function.

The const fn constraint is satisfied. Sandbox::root() in sandbox/src/lib.rs (line 73) is correctly defined as pub const fn root(&self) -> &SigningAccount, returning a reference without any blocking operations. The change at line 65 compiles correctly.

contract_extensions/src/defuse/mod.rs (1)

7-7: LGTM! New nonce module added.

The addition of the nonce module aligns with the PR's goal of consolidating contract extensions.

tests/src/lib.rs (1)

3-7: LGTM! Test utilities consolidated effectively.

The new env module and re-exports provide a clean, unified interface for test utilities, aligning well with the PR's objective of test separation and consolidation.

tests/tests/defuse/tokens/nep245.rs (2)

11-23: LGTM! Imports successfully migrated to new workspace structure.

The updated imports correctly reference the new defuse_contract_extensions and defuse_tests namespaces, supporting the PR's test separation objectives.

634-808: Test function is very long but adequately handles complex scenario.

The test mt_transfer_call_duplicate_tokens_with_stub_execute_and_refund is marked with #[allow(clippy::too_many_lines)], which is appropriate given the complexity of testing duplicate token transfers with stub execution and refund logic. The test thoroughly validates the expected behavior across multiple token types and refund scenarios.

tests/tests/defuse/tokens/nep171.rs (1)

1-209: LGTM! Well-structured NEP171 NFT transfer tests.

This new test file provides comprehensive coverage of NFT transfer scenarios using parameterized tests. The test cases cover success paths (nothing_to_refund), partial refunds, error conditions (receiver_panics), and security scenarios (malicious_receiver). The use of rstest for parameterization and the clear expectation struct make the tests maintainable and easy to understand.

tests/tests/defuse/intents.rs (2)

1-21: LGTM! Imports successfully updated for new workspace structure.

The imports have been correctly updated to reference defuse_contract_extensions and defuse_tests, supporting the PR's objective of consolidating test utilities.

202-210: LGTM! Inline deployment simplifies test setup.

The refactoring to use env.deploy_sub_contract directly within the test improves readability and makes the test setup more explicit.

contract_extensions/src/defuse/signer.rs (2)

1-22: LGTM!

The trait design is clean. The DefuseSignerExt trait appropriately abstracts the signing behavior with a generic message type bounded by Serialize.

24-51: LGTM!

The implementation correctly constructs the Nep413Payload and delegates signing. The .unwrap() calls are acceptable in this sandbox/test utility context.

contract_extensions/src/defuse/nonce.rs (2)

1-9: LGTM!

The imports are appropriate for the sandbox/test extension context.

11-21: LGTM!

The trait design is clean. The clone on line 18 may be necessary if extract_defuse_payload consumes self.

contract_extensions/src/defuse/nonce.rs
Comment on lines +32 to +35
let salt = defuse_contract
.current_salt()
.await
.expect("should be able to fetch salt");
Copy link

@coderabbitai coderabbitai bot Jan 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Use ? instead of expect for consistent error handling.

The function returns anyhow::Result<Nonce>, so the error should be propagated with ? rather than panicking with expect.

🔎 Proposed fix 
         let salt = defuse_contract
             .current_salt()
             .await
-            .expect("should be able to fetch salt");
+            .map_err(|e| anyhow::anyhow!("failed to fetch salt: {e}"))?;

Or if current_salt() already returns an anyhow::Result:

-            .expect("should be able to fetch salt");
+?;
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
let salt = defuse_contract
.current_salt()
.await
.expect("should be able to fetch salt");
let salt = defuse_contract
.current_salt()
.await
.map_err(|e| anyhow::anyhow!("failed to fetch salt: {e}"))?;
🤖 Prompt for AI Agents 
In @contract_extensions/src/defuse/nonce.rs around lines 32-35, The call to
defuse_contract.current_salt().await uses expect and panics; replace that with
the `?` operator to propagate errors (e.g., let salt =
defuse_contract.current_salt().await?;) so the enclosing function (which returns
anyhow::Result<Nonce>) returns the error instead of aborting; ensure any
necessary trait bounds/imports for ? are present and no expect remains for
current_salt().

coderabbitai[bot]
coderabbitai bot reviewed Jan 7, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
Cargo.toml (1)

37-37: Consider maintaining alphabetical order in workspace members.

The workspace members list is not fully alphabetized. "contract_extensions" appears after "wnear", while "tests" appears earlier between "serde-utils" and "test-utils". Consider moving "contract_extensions" to maintain alphabetical ordering for better maintainability.

📝 Suggested ordering 
     "bitmap",
     "borsh-utils",
+    "contract_extensions",
     "controller",

And keep "tests" in its current position.

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1906b5d and 5e2e210.

📒 Files selected for processing (2)
  • Cargo.toml
  • rust-toolchain
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)
  • GitHub Check: Check
  • GitHub Check: Shared / Static Analysis (intents-poa-token, contract, near, poa-token, 1, ., 1.18, false, --filter-paths ...
  • GitHub Check: Shared / Static Analysis (intents-poa-factory, contract, near, poa-factory, 1, ., 1.18, false, --filter-pa...
  • GitHub Check: Shared / Static Analysis (intents-contract, contract, near, defuse, 1, ., 1.18, false, --filter-paths "nod...
  • GitHub Check: Shared security analysis / Static Analysis (intents-poa-factory, contract, near, poa-factory, 1, ., 1.18, false, --filter-pa...
  • GitHub Check: Shared security analysis / Static Analysis (intents-contract, contract, near, defuse, 1, ., 1.18, false, --filter-paths "nod...
  • GitHub Check: Shared security analysis / Static Analysis (intents-poa-token, contract, near, poa-token, 1, ., 1.18, false, --filter-paths ...
  • GitHub Check: Security Audit - report
🔇 Additional comments (3)
Cargo.toml (2)

45-45: LGTM! Rust version is consistent with rust-toolchain.

The rust-version correctly matches the toolchain channel specified in the rust-toolchain file.

80-80: LGTM! Path dependencies are correctly specified.

The new workspace dependencies for defuse-contract-extensions and defuse-tests are properly configured with correct paths.

Also applies to: 84-84

rust-toolchain (1)

2-2: Rust 1.87.0 is a valid stable release (released May 15, 2025).

Be aware that this version removes support for the i586-pc-windows-msvc target. If the project targets this platform, this is a breaking change to address.

coderabbitai[bot]
coderabbitai bot reviewed Jan 7, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Fix all issues with AI agents 
In @Cargo.toml:
- Line 80: Update the path value for the defuse-contract-extensions workspace
member in Cargo.toml to match the renamed directory: change the current
defuse-contract-extensions.path entry that references "contract_extensions" so
it points to the kebab-case directory name "contract-extensions" (i.e., update
the string value for defuse-contract-extensions.path).
- Line 37: The workspace member currently declared as "contract_extensions" uses
snake_case and is out of alphabetical order; rename the directory to kebab-case
("contract-extensions"), update the member declaration in Cargo.toml from
"contract_extensions" to "contract-extensions", and move that entry into its
correct alphabetical position among the other members (so it follows the
ordering pattern established by entries like "contract-api" and "contracts" as
appropriate). Ensure the filesystem directory is also renamed to
contract-extensions to match the Cargo.toml change.
🧹 Nitpick comments (1)
.github/workflows/ci.yml (1)

74-74: [email protected] is valid; consider evaluating the newer 0.18.0 release.

Version 0.17.0 is published and not yanked. However, version 0.18.0 was released on January 1, 2026, just 11 days ago. Evaluate whether to upgrade to 0.18.0 depending on the changes it includes (breaking changes, bug fixes, etc.). The current pinning to 0.17.0 is sound for reproducibility; the upgrade is optional.

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5e2e210 and b59e874.

📒 Files selected for processing (2)
  • .github/workflows/ci.yml
  • Cargo.toml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)
  • GitHub Check: Security Audit - deny
  • GitHub Check: Build
  • GitHub Check: Build Reproducible
  • GitHub Check: Shared / Static Analysis (intents-contract, contract, near, defuse, 1, ., 1.18, false, --filter-paths "nod...
  • GitHub Check: Shared / Static Analysis (intents-poa-token, contract, near, poa-token, 1, ., 1.18, false, --filter-paths ...
  • GitHub Check: Shared / Static Analysis (intents-poa-factory, contract, near, poa-factory, 1, ., 1.18, false, --filter-pa...
  • GitHub Check: Shared security analysis / Static Analysis (intents-poa-token, contract, near, poa-token, 1, ., 1.18, false, --filter-paths ...
  • GitHub Check: Shared security analysis / Static Analysis (intents-contract, contract, near, defuse, 1, ., 1.18, false, --filter-paths "nod...
  • GitHub Check: Shared security analysis / Static Analysis (intents-poa-factory, contract, near, poa-factory, 1, ., 1.18, false, --filter-pa...
  • GitHub Check: Security Audit - report
🔇 Additional comments (1)
Cargo.toml (1)

84-84: LGTM!

The defuse-tests workspace dependency correctly corresponds to the existing "tests" workspace member declared on line 31.

Cargo.toml
"token-id",
"ton-connect",
"wnear",
"contract_extensions",
Copy link

@coderabbitai coderabbitai bot Jan 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Use kebab-case for directory name to maintain consistency.

The new workspace member "contract_extensions" uses snake_case, which is inconsistent with all other workspace members that use kebab-case (e.g., "admin-utils", "auth-call", "escrow-swap").

Additionally, the member is placed at the end of the list, breaking the alphabetical ordering maintained in lines 4-36.

📝 Proposed fix
  1. Rename the directory from contract_extensions to contract-extensions
  2. Update the member declaration and move it to its alphabetical position:
     "borsh-utils",
+    "contract-extensions",
     "controller",
     "core",

And remove from the end:

     "wnear",
-    "contract_extensions",
 ]

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents 
In @Cargo.toml at line 37, The workspace member currently declared as
"contract_extensions" uses snake_case and is out of alphabetical order; rename
the directory to kebab-case ("contract-extensions"), update the member
declaration in Cargo.toml from "contract_extensions" to "contract-extensions",
and move that entry into its correct alphabetical position among the other
members (so it follows the ordering pattern established by entries like
"contract-api" and "contracts" as appropriate). Ensure the filesystem directory
is also renamed to contract-extensions to match the Cargo.toml change.

Cargo.toml
"text",
] }
defuse-wnear.path = "wnear"
defuse-contract-extensions.path = "contract_extensions"
Copy link

@coderabbitai coderabbitai bot Jan 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Update path to match the corrected directory name.

Once the directory is renamed to use kebab-case (see comment on line 37), update this path accordingly.

📝 Proposed fix 
-defuse-contract-extensions.path = "contract_extensions"
+defuse-contract-extensions.path = "contract-extensions"
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
defuse-contract-extensions.path = "contract_extensions"
defuse-contract-extensions.path = "contract-extensions"
🤖 Prompt for AI Agents 
In @Cargo.toml at line 80, Update the path value for the
defuse-contract-extensions workspace member in Cargo.toml to match the renamed
directory: change the current defuse-contract-extensions.path entry that
references "contract_extensions" so it points to the kebab-case directory name
"contract-extensions" (i.e., update the string value for
defuse-contract-extensions.path).

pityjllk
pityjllk requested changes Jan 8, 2026
View reviewed changes
contract_extensions/Cargo.toml
Comment on lines +28 to +30
poa = ["dep:defuse-poa-factory"]
defuse = ["dep:defuse"]
escrow = ["dep:defuse-escrow-swap"] No newline at end of file
Copy link
Collaborator

@pityjllk pityjllk Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i would enable all features by default

escrow-swap/tests/partial_fills.rs

#[rstest]
#[tokio::test]
async fn partial_fills(#[future(awt)] env: Env) {
Copy link
Collaborator

@pityjllk pityjllk Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think concsensus was to move all the e2e tests to defuse-tests crate?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@pityjllk pityjllk pityjllk requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@hlgltvnnk @pityjllk