Add walnut flag to sozo execute and migrate apply commands

[barabanovro]

Description

This PR introduces the --walnut flag, enhancing both the sozo execute and sozo migrate apply commands:

• For the sozo execute command: When this flag is provided, it will output a link to the Walnut page with the transaction, allowing users to debug it.
• For the sozo migrate apply command: When this flag is provided, it will verify the classes declared during migration.

Related issue

Tests

• Yes
• No, because they aren't needed
• No, because I need help

Added to documentation?

• README.md
• Dojo Book
• No documentation needed

Checklist

• I've formatted my code (scripts/prettier.sh, scripts/rust_fmt.sh, scripts/cairo_fmt.sh)
• I've linted my code (scripts/clippy.sh, scripts/docs.sh)
• I've commented my code
• I've requested a review after addressing the comments

Summary by CodeRabbit

• New Features

  • Introduced a new debugging feature for transactions with the --walnut flag, enhancing the debugging capabilities of the Dojo application.
  • Added new optional parameters for various functions to support remote procedure call (RPC) URLs, improving transaction handling and flexibility.
  • Integrated the WalnutDebugger struct for enhanced debugging and verification of Starknet transactions.

• Bug Fixes

  • Enhanced authorization functions to include additional parameters for improved transaction management.

• Documentation

  • Updated documentation to reflect new parameters and features, providing clarity on their usage.

• Chores

  • Updated configuration files for the workspace and examples to align with new dependencies and RPC settings.

[barabanovro]

Could you please advise on the most appropriate way to pass the RPC URL to the following location in the code: /~https://github.com/walnuthq/dojo/blob/f4e27124e0127a0f6d3fe025c08784899e294692/crates/sozo/ops/src/utils.rs#L114

[lambda-0x]

Could you please advise on the most appropriate way to pass the RPC URL to the following location in the code: /~https://github.com/walnuthq/dojo/blob/f4e27124e0127a0f6d3fe025c08784899e294692/crates/sozo/ops/src/utils.rs#L114

Provider trait doesn't provide a way to get the url, so we would need to explicitly pass it from StarknetOptions

[lambda-0x]

@glihm do you think we want to add this integration?

[glihm]

@glihm do you think we want to add this integration?

We are working with @barabanovro and walnut team to integrate walnut debugger on dojo yes. The idea is to provide a way users can debug step by step their contract execution.

@barabanovro however this PR depends on the branch on my fork that is containing the debug info from the sierra. I'll open a branch tomorrow on dojo and your PR should target this branch. 👍

[barabanovro]

I have made changes to pass the RPC URL from StarknetOptions

[glihm]

@barabanovro just changed the base branch, which is rebased on main. 👍

[kariy]

i know this pr is still work in progress, but just left a lil comment about the arg placement

[kariy]

i think we should make setting --walnut also implies using --wait without having to specify it manually.

[barabanovro]

I can't lint my code with scripts/clippy.sh, I am getting an error related to the code that I haven't modified

error: first doc comment paragraph is too long
  --> crates/katana/tasks/src/lib.rs:92:1
   |
92 | / /// A thread-pool for spawning blocking tasks . This is a simple wrapper around *rayon*'s
93 | | /// thread-pool. This is mainly for executing expensive CPU-bound tasks. For spawing blocking
94 | | /// IO-bound tasks, use [TokioTaskSpawner::spawn_blocking] instead.
95 | | ///
96 | | /// Refer to the [CPU-bound tasks and blocking code] section of the *tokio* docs and this [blog
   | |_
   |
   = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#too_long_first_doc_paragraph
   = note: `-D clippy::too-long-first-doc-paragraph` implied by `-D warnings`
   = help: to override `-D warnings` add `#[allow(clippy::too_long_first_doc_paragraph)]`

error: could not compile `katana-tasks` (lib) due to 1 previous error
warning: build failed, waiting for other jobs to finish...

[barabanovro]

@kariy, thanks for the comments, I have addressed them. The PR is ready for review. I am still debugging the issue with inconsistent class hashes, however, no significant changes are expected.

[glihm]

I can't lint my code with scripts/clippy.sh, I am getting an error related to the code that I haven't modified

error: first doc comment paragraph is too long
  --> crates/katana/tasks/src/lib.rs:92:1
   |
92 | / /// A thread-pool for spawning blocking tasks . This is a simple wrapper around *rayon*'s
93 | | /// thread-pool. This is mainly for executing expensive CPU-bound tasks. For spawing blocking
94 | | /// IO-bound tasks, use [TokioTaskSpawner::spawn_blocking] instead.
95 | | ///
96 | | /// Refer to the [CPU-bound tasks and blocking code] section of the *tokio* docs and this [blog
   | |_
   |
   = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#too_long_first_doc_paragraph
   = note: `-D clippy::too-long-first-doc-paragraph` implied by `-D warnings`
   = help: to override `-D warnings` add `#[allow(clippy::too_long_first_doc_paragraph)]`

error: could not compile `katana-tasks` (lib) due to 1 previous error
warning: build failed, waiting for other jobs to finish...

Should be now fixed if you rebase.

[kariy]

@barabanovro can you pls rebase to main after that we should be good to go. the debug stuff have been merged on main #2392.

[coderabbitai]

Walkthrough

Ohayo, sensei! The changes introduce the sozo-walnut module, enhancing the Dojo framework with debugging capabilities for Starknet transactions. Key modifications include updates to various functions to accommodate new parameters for remote procedure calls (RPC) and improved handling of debug information. Configuration files were updated to reflect new dependencies and settings, enhancing the project's structure and modularity.

Changes

File(s)	Change Summary
Cargo.toml, crates/dojo-world/Cargo.toml	Added sozo-walnut module to workspace members, defined new dependencies including walkdir, and updated walkdir dependency to workspace configuration in dojo-world.
bin/sozo/src/commands/auth.rs, execute.rs, register.rs	Enhanced asynchronous functions to include new parameters for handling RPC URLs and improved parameter handling for authorization and transaction options.
crates/sozo/ops/src/utils.rs, migration/auto_auth.rs	Modified functions to accept a reference to WalnutDebugger, improving debugging capabilities during transaction processing.
crates/sozo/walnut/*	Introduced new files for the sozo-walnut module, including functionality for transaction debugging and verification processes, along with utility functions for managing API keys and URLs.
crates/sozo/ops/src/tests/auth.rs	Updated test functions to include optional parameters, enhancing flexibility in testing scenarios.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Sozo
    participant WalnutAPI
    participant RPC

    User->>Sozo: Execute command with --walnut flag
    Sozo->>WalnutAPI: Upload source code for verification
    WalnutAPI->>Sozo: Verification result
    Sozo->>RPC: Handle transaction
    RPC->>Sozo: Transaction result
    Sozo->>User: Display result and debug link

Loading

Possibly related PRs

• fix: fix sozo issues with migration on sepolia #2398: Enhancements to the migration process within the Sozo framework, directly related to the modifications made in this PR regarding the Cargo.toml file and the integration of new dependencies and modules, including sozo-walnut.

---

Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 122f717 and f780cc9.

Files ignored due to path filters (3)

• Cargo.lock is excluded by !**/*.lock
• spawn-and-move-db.tar.gz is excluded by !**/*.gz
• types-test-db.tar.gz is excluded by !**/*.gz

Files selected for processing (7)

• crates/sozo/ops/src/migration/mod.rs (5 hunks)
• crates/sozo/ops/src/tests/model.rs (1 hunks)
• crates/sozo/walnut/src/debugger.rs (1 hunks)
• crates/sozo/walnut/src/lib.rs (1 hunks)
• crates/sozo/walnut/src/transaction.rs (1 hunks)
• crates/sozo/walnut/src/utils.rs (1 hunks)
• crates/sozo/walnut/src/verification.rs (1 hunks)

Files skipped from review due to trivial changes (1)

• crates/sozo/walnut/src/verification.rs

Files skipped from review as they are similar to previous changes (4)

• crates/sozo/ops/src/tests/model.rs
• crates/sozo/walnut/src/debugger.rs
• crates/sozo/walnut/src/lib.rs
• crates/sozo/walnut/src/transaction.rs

Additional comments not posted (4)

crates/sozo/walnut/src/utils.rs (1)

5-7: Ensure robust error handling for API key retrieval.

The function walnut_get_api_key retrieves the API key from an environment variable and correctly handles the case where it is missing by returning a custom error. This is a good practice as it ensures that the application can gracefully handle missing configuration.

crates/sozo/ops/src/migration/mod.rs (3)

138-139: Proper initialization of WalnutDebugger.

The WalnutDebugger is initialized with the txn_config.walnut flag and the RPC URL. This setup ensures that the debugger is only activated when explicitly requested, which is a prudent approach to avoid unintended side effects during migrations.

---

222-224: Ensure API key verification for WalnutDebugger.

The conditional API key verification based on the txn_config.walnut flag is a secure practice. It prevents the debugger from being used without proper authorization, aligning with security best practices.

---

376-378: Verify migration strategy with WalnutDebugger.

The integration of WalnutDebugger to verify the migration strategy is a significant enhancement. This step ensures that the migration strategy is validated against expected parameters, providing an additional layer of assurance before the migration is finalized.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 7

Outside diff range, codebase verification and nitpick comments (5)

crates/sozo/ops/src/account.rs (1)

Line range hint 251-281: Ensure consistent handling of the walnut flag in transaction configurations.

Ohayo, sensei! The addition of the walnut flag to the TxnAction::Send variant is a crucial update. It's important to ensure that this flag is consistently handled across different parts of the transaction configuration to avoid any discrepancies or unintended behaviors.

Consider verifying that the walnut flag is appropriately used in all relevant parts of the transaction process, particularly in how it affects the transaction's execution and finality conditions. Here's a snippet to illustrate proper integration:

TxnAction::Send { wait, receipt, max_fee_raw, fee_estimate_multiplier, walnut } => {
    let txn_config = TxnConfig { fee_estimate_multiplier, wait, receipt, max_fee_raw, walnut };
+   // Ensure walnut flag is considered in transaction execution logic
+   if walnut {
+       // Specific logic for walnut-enabled transactions
+   }
    do_account_deploy(
        max_fee,
        txn_config,
        target_deployment_address,
        no_confirmation,
        account_deployment,
        &provider,
        poll_interval,
        &mut account,
    )
    .await?;
}

This modification ensures that the walnut flag's presence is actively considered during the deployment process.

crates/dojo-lang/src/compiler.rs (3)

Line range hint 91-184: Refactor suggestion for the main compilation loop.

The main compilation loop in the compile method has a TODO comment about simplifying and optimizing the loop. This is crucial as it directly impacts the performance and maintainability of the compilation process.

Consider breaking down the loop into smaller, more manageable functions or utilizing more efficient data structures or algorithms to enhance clarity and performance.

---

Line range hint 147-184: Enhanced error handling and diagnostics in contract validation.

The error handling in the contract validation step is robust, providing detailed diagnostics about unsupported library functions. However, it could be further improved by externalizing error messages or using a dedicated error handling framework to manage different types of contract validation errors more systematically.

Refactor the error handling to use a dedicated module or service that handles different types of errors and can be easily extended or modified without changing the core compilation logic.

- ws.config().ui().warn(diagnostic);
+ contract_validator.warn(diagnostic); // Assuming `contract_validator` is an abstraction over different validation scenarios

---

Line range hint 276-433: Review of the update_files function and related artifact handling.

The update_files function has been significantly modified to handle the new debug information structure. The changes are well-integrated, but there's a potential improvement in how artifacts are managed and saved.

Consider abstracting the artifact handling into a separate class or module to reduce the complexity of the update_files function and improve the separation of concerns.

- compiled_artifacts: HashMap<String, (Felt, ContractClass, Option<SierraToCairoDebugInfo>)>,
+ compiled_artifacts: CompiledArtifacts // Where CompiledArtifacts is a new class handling the specifics of artifact management

crates/sozo/ops/src/utils.rs (1)

Line range hint 80-123: Ohayo, sensei! Enhanced debugging capabilities in transaction handling.

The addition of rpc_url and debug_with_walnut parameters to the handle_transaction_result function is a commendable enhancement. It allows developers to optionally debug transactions using Walnut, which can significantly aid in troubleshooting and ensuring transaction integrity.

The conditional logic to check if debug_with_walnut is true and then attempt to use the rpc_url to debug the transaction is well-implemented. This ensures that the debugging feature is optional and does not affect the existing functionality if not used.

However, it would be beneficial to ensure that the rpc_url is not just present but also valid before attempting to use it. Adding a simple validation check could prevent potential runtime errors or confusion during debugging sessions.

Consider adding a validation step for rpc_url to ensure it is not only present but also a valid URL before attempting to debug with Walnut. This could be done using the url::Url::parse method to catch any malformed URLs early in the process.

[coderabbitai]

Ohayo, sensei! Security concern with the exposed private key.

The update to the private_key is noted, but exposing private keys in configuration files poses a significant security risk. Consider using environment variables or a secure vault solution.

Tools

Gitleaks

16-16: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

[coderabbitai]

Ohayo, sensei! Walnut debugging function looks good.

The implementation of walnut_debug_transaction is approved. Consider adding more detailed documentation about when and how to use this function effectively.

Would you like help with drafting the documentation?

[coderabbitai]

Ohayo, sensei! Consider setting a default value for walnut.

The addition of the walnut field in TxnConfig is a wise move to enhance functionality. However, it's crucial to ensure that this field is initialized properly to avoid any undefined behavior. Consider setting a default value in the Default trait implementation for TxnConfig.

[coderabbitai]

Ohayo, sensei! Review of new verification functionality in walnut_verify_migration_strategy.

The implementation of the walnut_verify_migration_strategy function is robust, providing a comprehensive approach to verifying classes declared during migration. The function checks network conditions, collects source code, prepares verification payloads, and handles API interactions efficiently.

A few points to consider:

• Ensure that the API key and URL retrieval (walnut_get_api_key, walnut_get_api_url) are secure and handle possible errors gracefully.
• The use of join_all for running verification tasks concurrently is efficient and appropriate for this context.
• Error handling and user feedback through the UI are well-implemented, providing clear and informative messages.

Consider adding more detailed logging or debugging information to help trace the verification process in case of issues. Also, ensure that all external interactions are secure and handle potential data sensitivity appropriately.

Consider enhancing logging or debugging outputs to provide more detailed insights during the verification process, which could be crucial for troubleshooting in production environments.

[coderabbitai]

Review the handling of the --walnut flag in auto_authorize calls.

Ohayo, sensei! It appears that the --walnut flag's effect is not explicitly managed within the auto_authorize function calls. From the previous discussions and the screenshot provided by kariy, it seems necessary to adjust how the --walnut flag is handled to avoid unintended debugging or verification during certain transactions.

Consider implementing the suggested fix by kariy to manage the --walnut flag more appropriately within these calls. Here's how you might adjust the configuration:

match auto_authorize(
    ws,
    &world,
    &txn_config,
+   &TxnConfig { walnut: false, ..txn_config.clone() },
    &default_namespace,
    &grant,
    &revoke,
    &Url::parse(&rpc_url).ok(),
)
.await

This change ensures that the --walnut flag is disabled for transactions where it's not applicable, aligning with the intended use of this feature.

Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	match auto_authorize(
	ws,
	&world,
	&txn_config,
	&default_namespace,
	&grant,
	&revoke,
	&Url::parse(&rpc_url).ok(),
	)
	.await
	{
	match auto_authorize(
	ws,
	&world,
	&TxnConfig { walnut: false, ..txn_config.clone() },
	&default_namespace,
	&grant,
	&revoke,
	&Url::parse(&rpc_url).ok(),
	)
	.await
	{

[coderabbitai]

Verify the integration of the new optional parameter in auto_authorize.

Ohayo, sensei! The addition of an optional parameter (&None) to the auto_authorize function call is an interesting change. It's essential to ensure that this new parameter is correctly handled within the function to avoid any unintended consequences or errors.

Consider adding tests or checks to verify that the auto_authorize function behaves as expected when this new parameter is utilized. Here's a suggestion for a test case:

#[tokio::test]
async fn test_auto_authorize_with_optional_param() {
    let result = auto_authorize(&ws, &world, &txn_config, &default_namespace, &grant, &revoke, &None).await;
    assert!(result.is_ok(), "auto_authorize should handle the optional parameter correctly");
}

This test ensures that the function can handle the optional parameter without issues, maintaining the robustness of the migration process.

[coderabbitai]

Actionable comments posted: 0

Outside diff range, codebase verification and nitpick comments (1)

crates/sozo/ops/src/migration/auto_auth.rs (1)

17-17: Ohayo, sensei! Some calls to auto_authorize need updating.

The auto_authorize function signature has been updated to include the rpc_url parameter. However, not all calls to this function have been updated to pass this new parameter. Please ensure the following locations are updated:

• crates/sozo/ops/src/test_utils/setup.rs: The call to auto_authorize does not include the rpc_url parameter.
• crates/sozo/ops/src/migration/mod.rs: The call to auto_authorize does not include the rpc_url parameter.

Analysis chain

Updated function signature to include rpc_url.

The addition of the rpc_url parameter to the auto_authorize function is crucial for enabling RPC URL customization in transaction configurations. This change aligns with the PR's objectives to enhance debugging capabilities. Ensure that all calls to this function are updated to pass the new parameter.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all function calls to `auto_authorize` include the new `rpc_url` parameter.

# Test: Search for the function usage. Expect: Only occurrences with the new parameter.
rg --type rust -A 5 $'auto_authorize'

Length of output: 3070

[coderabbitai]

Actionable comments posted: 1

[coderabbitai]

Review of walnut_debug_transaction function

The implementation of walnut_debug_transaction looks solid, sensei! Here are a few observations and suggestions:

1. Error Handling: The function correctly handles the scenario where the RPC URL is localhost by returning an UnsupportedNetwork error. This is a good practice as it prevents misuse of the function in unsupported environments.
2. URL Construction: The use of urlencoding::encode to safely encode the RPC URL and the detailed construction of the transaction URL using path_segments_mut and query_pairs_mut are commendable. This ensures that the URL is correctly formatted and safe from injection attacks.
3. Documentation: As previously noted, consider adding more detailed documentation about when and how to use this function effectively. This will aid other developers in understanding the purpose and limitations of the function.

Would you like help with drafting the documentation?

[glihm]

@barabanovro great job on that, let's iterate with this first version and ensure server wise it matches on your end. We can iterate for the next version if required.

[coderabbitai]

Actionable comments posted: 2

[coderabbitai]

Consider adding error handling for API URL retrieval.

The function walnut_get_api_url retrieves the Walnut API URL from an environment variable, providing a default value if the variable isn't set. While this approach avoids runtime errors, it might be beneficial to log a warning or inform the user when the default URL is being used, to ensure transparency in the application's behavior.

Consider adding a logging statement or user notification mechanism to inform when the default URL is being used. This could improve the observability of the application and help in troubleshooting configuration issues.

[coderabbitai]

Review the handling of the --walnut flag in auto_authorize calls.

It appears that the --walnut flag's effect is not explicitly managed within the auto_authorize function calls. From the previous discussions and the screenshot provided by kariy, it seems necessary to adjust how the --walnut flag is handled to avoid unintended debugging or verification during certain transactions.

Consider implementing the suggested fix by kariy to manage the --walnut flag more appropriately within these calls. Here's how you might adjust the configuration:

match auto_authorize(
    ws,
    &world,
    &txn_config,
+   &TxnConfig { walnut: false, ..txn_config.clone() },
    &default_namespace,
    &grant,
    &revoke,
    &Url::parse(&rpc_url).ok(),
)
.await

This change ensures that the --walnut flag is disabled for transactions where it's not applicable, aligning with the intended use of this feature.

Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	match auto_authorize(
	ws,
	&world,
	&txn_config,
	&default_namespace,
	&grant,
	&revoke,
	&walnut_debugger,
	)
	.await
	{
	match auto_authorize(
	ws,
	&world,
	&TxnConfig { walnut: false, ..txn_config.clone() },
	&default_namespace,
	&grant,
	&revoke,
	&walnut_debugger,
	)
	.await
	{