chore: filter attestations by hash and payload

[williamrusdyputra]

resolves: https://github.com/trufnetwork/trufscan/issues/141

Summary by CodeRabbit

• New Features

  • Added optional filters to attestation queries: filter by attestation hash and by result canonical, giving more granular attestation search alongside existing filters.

• Tests

  • Added integration tests covering filtering by attestation hash and by result canonical to validate the new query options.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Extended listAttestations to accept optional byte filters attestation_hash and result_canonical, wire them through to the contract view, and add integration tests that validate filtering by those fields. No other API signatures changed.

Changes

Cohort / File(s)	Change Summary
API Filter Extension src/contracts-api/attestationAction.ts	listAttestations now accepts attestation_hash and result_canonical (as bytes) and forwards them to the contract view; docs/comments updated accordingly.
Input Type Enhancement src/types/attestation.ts	Added optional fields to ListAttestationsInput: attestationHash?: Uint8Array and resultCanonical?: Uint8Array; validation tests updated to include them.
Integration Tests tests/integration/attestation.test.ts	Added tests: filter by attestation hash and filter by result canonical (extracting canonical payload from signed result) to exercise new filters.

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant SDK as SDK (listAttestations)
  participant ContractView as Contract View

  rect rgba(60,179,113,0.08)
    note right of SDK: new optional byte filters
  end

  Client->>SDK: listAttestations(filters: requester?, requestTxId?, attestationHash?, resultCanonical?, ...)
  SDK->>ContractView: viewListAttestations({ requester, request_tx_id, attestation_hash, result_canonical, ... })
  ContractView-->>SDK: attestations[]
  SDK-->>Client: attestations[]

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Verify correct encoding/typing when converting optional Uint8Array fields into view parameters.
• Check integration tests for reliable extraction of result_canonical (signature stripping) and deterministic assertions.

Possibly related PRs

• fix: view list_attestations on example #138 — Edits the same listAttestations flow; related changes around byte parameter passing.
• chore: filter attestation list by transaction id #143 — Also extends ListAttestationsInput and listAttestations forwarding logic.

Suggested reviewers

• outerlook
• MicBun

Poem

🐇
I hopped through code and found a trace,
Two tiny bytes to help the chase.
Hash and canon now lead the way,
Attestations found—hip hip hooray! 🥕

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: adding filter capabilities for attestations by hash and payload.
Linked Issues check	✅ Passed	The PR implements the required objective from issue #141 by adding attestationHash and resultCanonical filters to enable searching attestations by hash and payload.
Out of Scope Changes check	✅ Passed	All changes are directly related to the objective of adding attestation filtering by hash and payload; no unrelated modifications were introduced.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/filter-by-hash-payload

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

src/types/attestation.ts (1)

480-494: Unit tests look good, but consider adding size validation.

The tests properly verify that the validation function accepts the new filter fields. However, unlike requester (which validates exactly 20 bytes at line 280-282), there's no size validation for attestationHash or resultCanonical.

If you want to add defensive validation (optional), consider:

   // Validate requester length
   if (input.requester !== undefined) {
     if (input.requester.length !== 20) {
       throw new Error('requester must be exactly 20 bytes');
     }
   }
+
+  // Validate attestationHash length (if you want strict validation)
+  if (input.attestationHash !== undefined) {
+    if (input.attestationHash.length !== 32) {
+      throw new Error('attestationHash must be exactly 32 bytes');
+    }
+  }
+
+  // Note: resultCanonical can be variable length, so no validation needed
 
   // Validate orderBy

This is optional since the backend likely handles invalid sizes gracefully, but it provides earlier error detection.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7dc98dd and f4e1fa5.

📒 Files selected for processing (3)

• src/contracts-api/attestationAction.ts (2 hunks)
• src/types/attestation.ts (3 hunks)
• tests/integration/attestation.test.ts (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

tests/integration/attestation.test.ts (1)

tests/integration/utils.ts (1)

• testWithDefaultWallet (9-11)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: test

🔇 Additional comments (5)

src/contracts-api/attestationAction.ts (2)

219-220: LGTM! Documentation accurately reflects the new filters.

The documentation has been properly updated to mention filtering by attestation hash and result canonical bytes.

---

257-258: LGTM! Parameter handling is consistent.

The new filter parameters follow the established pattern of using new Uint8Array(0) to represent null BYTEA values, which is consistent with the requester parameter handling.

tests/integration/attestation.test.ts (1)

412-447: LGTM! Attestation hash filtering test is well-implemented.

The test properly validates the new attestation hash filter by:

1. Retrieving an existing attestation to obtain a valid hash
2. Filtering attestations by that hash
3. Verifying all returned results match the filter criteria

src/types/attestation.ts (2)

103-113: LGTM! New filter fields are properly documented.

The new optional filter fields are well-defined with clear documentation and appropriate types.

---

466-468: LGTM! Test data properly covers the new fields.

The test data has been updated to include the new filter parameters, ensuring validation works correctly with all fields present.

[holdex]

Time Submission Status

Member	Status	Time	Action	Last Update
williamrusdyputra	✅ Submitted	1h	Update time	Nov 20, 2025, 5:51 AM
MicBun	✅ Submitted	10min	Update time	Nov 20, 2025, 6:04 AM

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

tests/integration/attestation.test.ts (1)

449-511: Tighten resultCanonical test so it always asserts the filter behavior

This test now correctly derives resultCanonical from the signed payload and uses it in listAttestations({ resultCanonical }), which addresses the earlier gap. However, if a signed payload is never obtained within the loop, the else branch only logs and the test exits without any assertion, so the filter behavior might never actually be validated while the test still passes.

To ensure the test always verifies the filter when the feature is broken, you can fail fast if a valid signed payload isn’t obtained, and drop the silent “skip” path. For example:

-        let signed = null;
+        let signed = null;
         for (let i = 0; i < 10; i++) {
           try {
             signed = await attestationAction.getSignedAttestation({
               requestTxId: requestResult.requestTxId,
             });
             if (signed.payload && signed.payload.length > 65) break;
           } catch (e) {
             await new Promise((resolve) => setTimeout(resolve, 2000));
           }
         }
 
-        if (signed && signed.payload) {
+        // Ensure we actually obtained a canonical+signature payload
+        expect(signed && signed.payload && signed.payload.length > 65).toBe(true);
+
+        if (signed && signed.payload && signed.payload.length > 65) {
           // Extract result_canonical from payload (payload = canonical + signature)
           // The canonical portion is everything except the last 65 bytes
           const resultCanonical = signed.payload.slice(0, -65);
@@
-          console.log(`Result canonical filter test completed: found ${filtered.length} attestation(s)`);
-        } else {
-          console.log("Attestation not signed yet, skipping result_canonical filter test");
-        }
+          console.log(`Result canonical filter test completed: found ${filtered.length} attestation(s)`);
+        }

This keeps the polling logic but guarantees the test will fail (and therefore actually protect the feature) if a valid signed attestation is never produced.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f4e1fa5 and ef9f303.

📒 Files selected for processing (1)

• tests/integration/attestation.test.ts (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

tests/integration/attestation.test.ts (1)

tests/integration/utils.ts (1)

• testWithDefaultWallet (9-11)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: test

🔇 Additional comments (1)

tests/integration/attestation.test.ts (1)

412-447: Attestation-hash filter test is well structured and verifies behavior end-to-end

This test exercises the attestationHash filter in a realistic way: it derives a concrete hash from an existing attestation, re-queries with that hash, and then asserts that all returned attestations share exactly the same hash. That gives solid coverage of the new filter behavior and handles the “no attestations yet” case gracefully with logging.