Add eco-tests protecting Mentat indexer storage reads#2818
Conversation
…ensor into fix/balancer-performance
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…g back the initial stake when the recycle or burn leg fails.
Fix balancer performance
Apply tx & dispatch extensions conditionally
eco-tests changed — indexer review requiredThis PR modifies files under Changed files
|
🛡️ AI Review — Skeptic (security review)VERDICT: VULNERABLE BASELINE scrutiny: gztensor has repo write permission and substantial contribution history; not in the trusted Gittensor allowlists; branch test/eco-mentat-indexer -> devnet-ready includes non-author commits, so branch history was treated as an extra review signal. Static Skeptic review only. No Findings
ConclusionThe PR is not malicious, but the coldkey swap change bypasses the destination account's explicit locked-alpha opt-out and allows unsolicited locked stake to be assigned without the destination signing. 🔍 AI Review — Auditor (domain review)VERDICT: 👍 Gittensor LIKELY: not found in trusted allowlists, but author has repo write permission and substantial recent subtensor history; PR includes one initial commit authored by The PR body is substantive and matches the test-only scope. No Duplicate-work check: #2817 overlaps all three changed files and appears to be the same Mentat eco-test work. Based on the fetched PR diff, this branch now includes the follow-up fix for the prior mock runtime API issue, so this PR is the better candidate. Recommend closing #2817. The other overlapping PRs appear incidental by title/scope. Verification was static. I did not run FindingsNo findings. Prior-comment reconciliation
ConclusionApproving: the prior compile-blocking mock API omission is addressed in the fetched diff, and the remaining changes are scoped to compile-time eco-tests that lock Mentat-facing storage, extrinsic, and runtime API signatures. 📜 Previous run (superseded)
|
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👎 |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👎 |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👎 |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👎 |
Enforce conviction
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👍 |
|
|
||
| // Temporarily allow the destination coldkey to receive this stake even if some of it is | ||
| // locked; swap_coldkey_locks will copy the source AccountFlags over afterward. | ||
| Self::set_accept_locked_alpha(new_coldkey, true); |
There was a problem hiding this comment.
[MEDIUM] Coldkey swap bypasses locked-alpha opt-out
This flips the destination to accept_locked_alpha before swap_coldkey_locks reads new_coldkey_rejects_locked_alpha, so an announced coldkey swap can push locked alpha into an account that is default-rejecting or explicitly called set_reject_locked_alpha(true). The public setter documents that this flag opts the caller out of locked alpha from coldkey swaps, and swap_coldkey_locks still enforces AccountRejectsLockedAlpha when called directly. Since swap_coldkey_announced only requires the old coldkey signature, not a destination signature, this becomes an unsolicited locked-stake/griefing path. Require the destination coldkey to opt in instead of overriding its flag here.
|
🔄 AI review updated — Skeptic: VULNERABLE |
Description
Adds eco-tests for the Mentat indexer, as recommended by the foundation for infrastructure that relies on protocol storage reads. These tests lock the signatures of the storage items, extrinsics, and runtime APIs that Mentat depends on, so that any type change, rename, removed item, or altered argument list on the protocol side breaks compilation in CI — surfacing the change before it ships rather than after it hits production.
Type of Change
Checklist
./scripts/fix_rust.shto ensure my code is formatted and linted correctly