Pc02 allocator data validation (fix merge the pc04)

[nahimterrazas]

Summary

Testing Process

Checklist

• Add a reference to related issues in the PR description.
• Add unit tests if applicable.

Summary by CodeRabbit

• New Features

  • Added support for ERC-7683 ResourceLock orders with canonical Compact signature decoding and claim-hash computation.
  • Added allocator authorization checks that reject unauthorized or malformed allocator data before order processing.

• Tests

  • New unit and end-to-end tests covering valid/shifted/malformed compact signatures and allocator authorization scenarios.

• Chores

  • CI workflow adjusted to ensure tests complete before the rollup job.

[coderabbitai]

Warning

Review limit reached

@nahimterrazas, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 22 minutes and 36 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 7ae5f7a3-69c2-4455-a2bd-3b836c6309d9

📥 Commits

Reviewing files that changed from the base of the PR and between 6785492 and 2b42a1c.

📒 Files selected for processing (1)

• crates/solver-core/tests/tx_bump_storage_cas.rs

📝 Walkthrough

Walkthrough

This PR implements end-to-end validation for EIP-7683 Compact/ResourceLock orders. It adds canonical signature decoding, EIP-712 claim-hash computation, on-chain allocator authorization checks, refactors the compact signature validator to use shared utilities, extends the test harness and server mocks, and updates both the intake and off-chain discovery pipelines to enforce these validations.

Changes

Compact/EIP-7683 ResourceLock Order Validation

Layer / File(s)	Summary
Compact signature decoding and claim-hash computation crates/solver-types/src/standards/eip7683/{compact_signatures.rs,compact_claims.rs}, crates/solver-types/src/standards/eip7683.rs	Adds decode_compact_signatures to validate and extract canonical ABI-encoded sponsor + allocator data; implements EIP-712 compute_batch_compact_claim_hash with witness and lock hashing; extends ABI interfaces with ITheCompact.getLockDetails and new IAllocator.isClaimAuthorized predicate.
Signature validator trait update and compact module refactoring crates/solver-service/src/eip712/mod.rs, crates/solver-service/src/eip712/compact/mod.rs	SignatureValidator::extract_signature now returns Result<Bytes, APIError>; compact module delegates sponsor extraction and claim-hash computation to shared solver-types utilities, removing in-file hashing helpers.
Allocator authorization validator crates/solver-service/src/validators/compact_allocator.rs, crates/solver-service/src/validators/mod.rs	New validator module resolves allocator per input via TheCompact.getLockDetails, enforces single allocator, optionally checks against configured allocator, and calls isClaimAuthorized on-chain with claim hash, arbiter, sponsor, nonce/expires, inputs, and allocator data.
EIP-7683 signature validator updates crates/solver-service/src/validators/signature.rs	Requires input_settler_compact_address, decodes canonical Compact signatures, validates sponsor EIP-712 signature, and calls allocator authorization validator with decoded allocator data; expanded test suite includes compact-signature builders, mocked delivery for getLockDetails/isClaimAuthorized, and rejection tests for shifted signatures and unauthorized allocator data.
E2E test harness for compact stack deployment crates/solver-e2e-tests/src/lib.rs	Adds optional compact simple allocator deployment (TheCompact, InputSettlerCompact, SimpleAllocator) on origin chain; provides helpers to derive lock tags, approve/deposit tokens, and query domain separator; wires deployed addresses into solver bootstrap configuration.
E2E test for compact allocator intake rejection crates/solver-e2e-tests/tests/compact_allocator_e2e.rs	Test boots harness with compact deployment, constructs order, computes claim hash, signs it, and submits request with invalid allocator data, asserting intake rejects with ORDER_VALIDATION_FAILED.
Server-level mocks and validation tests crates/solver-service/src/server.rs (test module)	Parameterized allocator authorization control, mocked delivery for getLockDetails/isClaimAuthorized responses, ABI encoding helpers, compact signature builders (canonical and shifted), and handle_order tests verifying rejection of shifted signatures and unauthorized allocator data.
Off-chain discovery handler for ResourceLock validation crates/solver-discovery/src/implementations/offchain/_7683.rs	Extends HTTP handler with ResourceLock-specific validation: decodes Compact signatures, resolves TheCompact and allocator addresses, validates non-empty inputs and single-allocator consistency, computes claim hash, and calls allocator authorization; returns BAD_REQUEST with Rejected status on decode/validation failures.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• openintentsframework/oif-solver#327: Extends the solver-e2e-tests harness—this PR further expands that harness with compact/simple allocator deployment and wiring.

Suggested reviewers

• shahnami
• pepebndc
• tirumerla

Poem

🐇 I nibble bytes and hop through hashes,
Sponsor sigs and allocator stashes,
I check each compact claim with care,
Reject the shifted, keep the fair,
Hooray — ResourceLocks handled with flair!

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is completely empty except for template headers. All sections (Summary, Testing Process, Checklist items) lack actual content, failing to explain the changes or link related issues.	Fill in the Summary section with a clear explanation of changes, document the testing process used, add issue/PR references, and confirm unit tests have been added.
Title check	❓ Inconclusive	The title 'Pc02 allocator data validation (fix merge the pc04)' is vague and contains unclear references. 'Pc02' and 'pc04' appear to be internal identifiers without explanation, and 'fix merge' is awkward phrasing that doesn't clearly convey the actual changeset.	Clarify the title by removing internal references and using standard phrasing (e.g., 'Add allocator data validation for compact signatures' or 'Implement compact allocator authorization validation').

✅ Passed checks (3 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch pc02-allocator-data-validation

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

crates/solver-discovery/src/implementations/offchain/_7683.rs (2)

1174-1216: 💤 Low value

Test helper duplication with server.rs.

The abi_word, padded_bytes, shifted_compact_signature, and compact_signature functions are duplicated from crates/solver-service/src/server.rs. Consider extracting these to a shared test utilities module to reduce maintenance burden.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@crates/solver-discovery/src/implementations/offchain/_7683.rs` around lines
1174 - 1216, The helper functions abi_word, padded_bytes,
shifted_compact_signature, and compact_signature are duplicated here and in
server.rs; extract them into a single shared test utilities module (e.g., a new
crate or a common tests/util module) and replace the duplicates with imports.
Create a new module exposing pub (or pub(crate) as appropriate) functions named
abi_word, padded_bytes, shifted_compact_signature, and compact_signature, move
the implementations there, update both crates to depend on that module (or add a
path dependency/test-utils crate), and change the uses in this file and in
server.rs to call the shared functions instead of the local copies. Ensure
visibility and Cargo.toml are adjusted so tests can access the shared utilities.

---

641-761: ⚖️ Poor tradeoff

Consider extracting shared allocator validation logic to reduce duplication.

This function largely duplicates the logic in crates/solver-service/src/validators/compact_allocator.rs::validate_allocator_authorization. The main difference is this version uses DynProvider directly while the service version uses DeliveryService. Consider extracting the common validation logic into a shared utility in solver-types that both can reuse, parameterized over the RPC call mechanism.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@crates/solver-discovery/src/implementations/offchain/_7683.rs` around lines
641 - 761, The validate_resource_lock_allocator_authorization function
duplicates allocator validation logic present in
validate_allocator_authorization; extract the shared steps (resolving
network/provider, parsing TheCompact and allocator addresses, iterating inputs
to resolve a single allocator, optional configured allocator check, computing
claim_hash via compute_batch_compact_claim_hash, and calling isClaimAuthorized
on IAllocator) into a new shared utility (e.g., in solver-types) that accepts:
origin_chain_id/network config, a pluggable RPC client trait or async closure
(to support DynProvider or DeliveryService), the order and allocator_data, and
returns Result<(), DiscoveryError>; then update
validate_resource_lock_allocator_authorization and the service validator to call
this new utility (keeping provider-specific adapters that implement the RPC
trait or wrap provider vs DeliveryService). Ensure you reference
functions/types: validate_resource_lock_allocator_authorization,
validate_allocator_authorization, compute_batch_compact_claim_hash, ITheCompact,
IAllocator, AlloyAddress, and DynProvider when extracting and parameterizing the
logic.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@crates/solver-service/src/validators/compact_allocator.rs`:
- Around line 116-123: The code calls
AlloyAddress::from_slice(&configured_allocator.0) which will panic if
configured_allocator.0 is not exactly 20 bytes; add an explicit length check
before conversion: verify configured_allocator.0.len() == 20 (or pattern-match
the inner bytes) and return Err(validation_error(...)) with a clear message
(e.g. "configured allocator_address must be 20 bytes") if the length is wrong,
then only call AlloyAddress::from_slice(&configured_allocator.0) and compare to
allocator; adjust the existing branch around configured_allocator to perform
this validation using the configured_allocator identifier and keep the same
validation_error flow used in ResourceLock checks.

---

Nitpick comments:
In `@crates/solver-discovery/src/implementations/offchain/_7683.rs`:
- Around line 1174-1216: The helper functions abi_word, padded_bytes,
shifted_compact_signature, and compact_signature are duplicated here and in
server.rs; extract them into a single shared test utilities module (e.g., a new
crate or a common tests/util module) and replace the duplicates with imports.
Create a new module exposing pub (or pub(crate) as appropriate) functions named
abi_word, padded_bytes, shifted_compact_signature, and compact_signature, move
the implementations there, update both crates to depend on that module (or add a
path dependency/test-utils crate), and change the uses in this file and in
server.rs to call the shared functions instead of the local copies. Ensure
visibility and Cargo.toml are adjusted so tests can access the shared utilities.
- Around line 641-761: The validate_resource_lock_allocator_authorization
function duplicates allocator validation logic present in
validate_allocator_authorization; extract the shared steps (resolving
network/provider, parsing TheCompact and allocator addresses, iterating inputs
to resolve a single allocator, optional configured allocator check, computing
claim_hash via compute_batch_compact_claim_hash, and calling isClaimAuthorized
on IAllocator) into a new shared utility (e.g., in solver-types) that accepts:
origin_chain_id/network config, a pluggable RPC client trait or async closure
(to support DynProvider or DeliveryService), the order and allocator_data, and
returns Result<(), DiscoveryError>; then update
validate_resource_lock_allocator_authorization and the service validator to call
this new utility (keeping provider-specific adapters that implement the RPC
trait or wrap provider vs DeliveryService). Ensure you reference
functions/types: validate_resource_lock_allocator_authorization,
validate_allocator_authorization, compute_batch_compact_claim_hash, ITheCompact,
IAllocator, AlloyAddress, and DynProvider when extracting and parameterizing the
logic.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ace8317d-c24c-4ae7-b973-d32ca88b3b04

📥 Commits

Reviewing files that changed from the base of the PR and between 801619b and fca6314.

📒 Files selected for processing (12)

• crates/solver-discovery/src/implementations/offchain/_7683.rs
• crates/solver-e2e-tests/src/lib.rs
• crates/solver-e2e-tests/tests/compact_allocator_e2e.rs
• crates/solver-service/src/eip712/compact/mod.rs
• crates/solver-service/src/eip712/mod.rs
• crates/solver-service/src/server.rs
• crates/solver-service/src/validators/compact_allocator.rs
• crates/solver-service/src/validators/mod.rs
• crates/solver-service/src/validators/signature.rs
• crates/solver-types/src/standards/eip7683.rs
• crates/solver-types/src/standards/eip7683/compact_claims.rs
• crates/solver-types/src/standards/eip7683/compact_signatures.rs

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Missing length validation for configured_allocator.

The Address wrapper could theoretically contain a non-20-byte slice. Converting directly via AlloyAddress::from_slice(&expected.0) would panic if the length is incorrect. The downstream usage in solver-discovery/_7683.rs (context snippet 1, lines 719-726) explicitly checks for 20-byte length before conversion.

🛡️ Proposed fix to add length validation

 	// If the solver pins an allocator, the resolved one must match it.
 	if let Some(expected) = configured_allocator {
+		if expected.0.len() != 20 {
+			return Err(validation_error(
+				"Invalid configured allocator address length",
+			));
+		}
 		let expected = AlloyAddress::from_slice(&expected.0);
 		if expected != allocator {

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@crates/solver-service/src/validators/compact_allocator.rs` around lines 116 -
123, The code calls AlloyAddress::from_slice(&configured_allocator.0) which will
panic if configured_allocator.0 is not exactly 20 bytes; add an explicit length
check before conversion: verify configured_allocator.0.len() == 20 (or
pattern-match the inner bytes) and return Err(validation_error(...)) with a
clear message (e.g. "configured allocator_address must be 20 bytes") if the
length is wrong, then only call
AlloyAddress::from_slice(&configured_allocator.0) and compare to allocator;
adjust the existing branch around configured_allocator to perform this
validation using the configured_allocator identifier and keep the same
validation_error flow used in ResourceLock checks.

[codecov]

Codecov Report

❌ Patch coverage is 95.04734% with 68 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
...er-discovery/src/implementations/offchain/_7683.rs	81.9%	55 Missing ⚠️
...-types/src/standards/eip7683/compact_signatures.rs	96.7%	5 Missing ⚠️
...solver-service/src/validators/compact_allocator.rs	98.5%	4 Missing ⚠️
crates/solver-service/src/eip712/compact/mod.rs	97.5%	2 Missing ⚠️
crates/solver-service/src/server.rs	99.6%	1 Missing ⚠️
...lver-types/src/standards/eip7683/compact_claims.rs	99.3%	1 Missing ⚠️

📢 Thoughts on this report? Let us know!