feat: Add support for `CommitDiff` to efficiently commit small changes in large delegated accounts #575

snawaz · 2025-10-15T19:41:56Z

This PR does the following things:

Adds support for CommitDiff. So now when a commit is scheduled, it triggers either CommitState or CommitDiff in the delegation-program, depending on the account size and the COMMIT_STATE_SIZE_THRESHOLD.
- CommitDiff is effectively an optimization that reduces the amount of data transferred when committing small changes in large accounts, which improves performance and reduces costs.
- The diff is sent over args, not buffer account.
Adds test using a large OrderBook account (10 KB). I initially wanted to try a few MB, but realized currently that’s not possible yet.
- After 13 book updates , CommitDiff was invoked (in the delegation-program) with only diff len = 286 whereas data len = 10240 (see first screenshot).
- When there’s no diff, CommitDiff still runs with diff len = 8 (encoding the size of account on ER and the number of offset-pairs), and logs a warning (see second screenshot).
- In the zero-diff case, we could optimize for an early return, though currently it seems we cannot.. since Finalize and Undelegate still depend on Commit running fully.

Update dlp.so

Updated test-integration/schedulecommit/elfs/dlp.so to use latest version of DLP with CommitDiff ix.

Changes in the existing tests.

Two kinds of changes:

Since it is CommitTask which decides the exact DLP instruction CommitState or CommitDiff, and many tests which earlier used to get executed as BufferTask, will now be executed as ArgsTask because large accounts with small changes can be executed as ArgsTask as long as the transaction size stays within limit. So made the related changes in the tests.
For some tests, I made the following change:
```
-#[tokio::test]
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
```
It is because now CommitTask::new() uses blocking RpcClient to fetch account from the base chain, so the tests fail because they run in a single-threaded environment, giving this error:

can call blocking only when running on the multi-threaded runtime

Using multi_thread with 2 threads makes the tests work again.

Screenshots

Summary by CodeRabbit

New Features
- Order‑book support: init, grow, update, and schedule-commit flows with zero‑copy in‑memory order‑book types.
- Commit flow hybrid: auto‑selects diff vs full‑state based on account size (with forceable state path).
API
- Per‑context seed to select initialization/delegation behavior and new order‑book instructions.
- New commit construction/creation and an order‑book commit verification helper.
Tests
- Deterministic order‑book integration tests added; many tests now run multi‑threaded.
Chores
- Improved log detection, test utilities, and dependency/serialization tooling updates.

snawaz · 2025-10-15T19:42:12Z

This stack of pull requests is managed by Graphite. Learn more about stacking.

coderabbitai · 2025-10-15T19:42:21Z

Walkthrough

Adds a CommitTask constructor that may prefetch a base account and choose commit-diff vs commit-state at runtime; introduces CommittedAccount; integrates a zero-copy OrderBook and new order-book instructions/handlers; threads per-context user_seed through client and tests; updates manifests and many tests; bumps delegation-program rev.

Changes

Cohort / File(s)	Summary
Manifests / workspace deps `Cargo.toml`, `test-integration/Cargo.toml`, `test-integration/programs/schedulecommit/Cargo.toml`, `test-integration/schedulecommit/test-scenarios/Cargo.toml`	Bumped `magicblock-delegation-program` rev (`aa1de56d90c` → `e8d03936`); added `rkyv` and `static_assertions`; minor workspace/dev-deps reordering.
Commitor tasks core `magicblock-committor-service/src/tasks/mod.rs`, `magicblock-committor-service/src/tasks/args_task.rs`, `magicblock-committor-service/src/tasks/task_builder.rs`, `magicblock-committor-service/src/tasks/task_strategist.rs`	Add `CommitTask::new(...)`; add `base_account: Option<Account>` and `force_commit_state: bool`; introduce `COMMIT_STATE_SIZE_THRESHOLD`, `is_commit_diff()` and `create_commit_ix()` with separate state/diff builders; ArgsTask now delegates to `create_commit_ix`; replace struct-literal construction with `CommitTask::new(...)`.
CommittedAccount type `programs/magicblock/src/magic_scheduled_base_intent.rs`	New public `CommittedAccount { pubkey: Pubkey, account: Account }` and `impl From<CommittedAccountRef<'a>> for CommittedAccount`.
OrderBook core (zero-copy) `test-integration/programs/schedulecommit/src/order_book.rs`	New zero-copy OrderBook implementation: `OrderLevel`, `BookUpdate`, `OrderBookHeader`, `OrderBook<'a>`, `OrderBookOwned`; contiguous layout, capacity management, add/update APIs, and Borsh conversions (unsafe pointer logic).
ScheduleCommit program API & handlers `test-integration/programs/schedulecommit/src/api.rs`, `test-integration/programs/schedulecommit/src/lib.rs`	Add Init/Grow/Update/DelegateOrderBook and ScheduleCommitForOrderBook instruction variants and handlers; `DelegateOrderBookArgs` type; `delegate_account_cpi_instruction` now accepts `user_seed`; `MainAccount::SIZE` changed usize→u64; allocation/reallocation and delegation flows implemented.
Client, test context & utils `test-integration/schedulecommit/client/src/schedule_commit_context.rs`, `test-integration/schedulecommit/client/src/verify.rs`, `test-integration/programs/schedulecommit/src/utils/mod.rs`, `test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs`	Thread `user_seed` through ScheduleCommitTestContext constructors and PDA seeds ([user_seed, payer]); added `fetch_and_verify_order_book_commit_result_from_logs`; `AllocateAndAssignAccountArgs.size` changed usize→u64; helper generics and PDA logic updated.
Tests & scenarios many under `test-integration/...` (e.g., `test-scenarios/`, `test-committor-service/`, `test-security/`, `test-ledger-restore/`)	Updated call sites to pass `user_seed`; added deterministic order-book commit tests and helpers; replaced struct-literal `CommitTask` with `CommitTask::new(...)`; switched many tests to tokio multi-thread attributes; minor destructuring/log adjustments.
Test tooling / logs & RPC config `test-integration/test-tools/src/scheduled_commits.rs`, `test-integration/test-tools/src/integration_test_context.rs`	Two-stage ephemeral log fetch (`ephem_logs_l1` / `ephem_logs_l2`) with extra dumps; rpc_client lookup now unwraps (panic if missing); per-label `RpcTransactionConfig.max_supported_transaction_version` set conditionally.
Small wiring / utilities `test-integration/schedulecommit/client/src/schedule_commit_context.rs`, `test-integration/schedulecommit/test-scenarios/tests/01_commits.rs`, `test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs`, `test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs`	PDA derivation switched to `Pubkey::find_program_address` with `user_seed`; init/delegate flows choose instruction variant based on seed (`b"magic_schedule_commit"` vs `b"order_book"`); tests updated to pass seeds.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant Caller
    participant CommitTask
    participant RpcClient
    participant DelegationProgram

    Caller->>CommitTask: CommitTask::new(commit_id, allow_undelegation, committed_account)
    CommitTask->>CommitTask: inspect committed_account.account.data.len()
    alt data_len > COMMIT_STATE_SIZE_THRESHOLD
        CommitTask->>RpcClient: fetch base account (RPC)
        RpcClient-->>CommitTask: Account (fetched)
        CommitTask->>CommitTask: store fetched_account
    else
        CommitTask->>CommitTask: proceed without fetched_account
    end

    Caller->>CommitTask: create_commit_ix(validator)
    alt is_commit_diff()
        CommitTask->>CommitTask: create_commit_diff_ix(validator, fetched_account)
        CommitTask->>DelegationProgram: invoke commit_diff
    else
        CommitTask->>CommitTask: create_commit_state_ix(validator)
        CommitTask->>DelegationProgram: invoke commit_state
    end
    CommitTask-->>Caller: Instruction

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Areas to focus on:

CommitTask branching: threshold logic, RPC prefetch, lifetime/storage of fetched Account, and correct instruction construction for diff vs state.
OrderBook unsafe pointer arithmetic, alignment, capacity checks, and Borsh (de)serialization safety.
New program handlers: allocation/reallocation correctness, CPI delegation seeds, PDA derivation, and MainAccount::SIZE size change implications.
Propagation and semantics of user_seed across client/tests and instruction selection.
Broad test changes (tokio multi-threading, many call-site updates) and two-stage log fetch handling.

Possibly related PRs

Handling of intent execution failures #564 — touches the same task-system refactor (ArgsTask/CommitTask creation and commit-instruction flow).
hotfix: increate finalize + commit compute units #585 — related to commit handling and compute-unit/constants adjustments impacting commit paths.

Suggested reviewers

thlorenz
GabrielePicco

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately captures the main feature: adding CommitDiff support for efficiently committing small changes to large accounts.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

📝 Generate docstrings

🧪 Generate unit tests (beta)

Create PR with unit tests
Post copyable unit tests in a comment
Commit unit tests in branch snawaz/commit-diff

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

magicblock-committor-service/src/tasks/mod.rs

github-actions · 2025-10-27T09:46:15Z

Manual Deploy Available

You can trigger a manual deploy of this PR branch to testnet:

Deploy to Testnet 🚀

Alternative: Comment /deploy on this PR to trigger deployment directly.

⚠️ Note: Manual deploy requires authorization. Only authorized users can trigger deployments.

Comment updated automatically when the PR is synchronized.

coderabbitai

Actionable comments posted: 29

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

magicblock-committor-service/src/tasks/args_task.rs (1)

229-237: reset_commit_id ignores CommitDiff—update both variants.

Commit IDs must update for Commit and CommitDiff.

Apply:

-        let ArgsTaskType::Commit(commit_task) = &mut self.task_type else {
-            log::error!("reset_commit_id");
-            return;
-        };
-
-        commit_task.commit_id = commit_id;
+        match &mut self.task_type {
+            ArgsTaskType::Commit(task) | ArgsTaskType::CommitDiff(task) => {
+                task.commit_id = commit_id;
+            }
+            _ => {}
+        }

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a1dfd59 and e5c5e15.

⛔ Files ignored due to path filters (2)

Cargo.lock is excluded by !**/*.lock
test-integration/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (28)

Cargo.toml (1 hunks)
magicblock-accounts/src/scheduled_commits_processor.rs (3 hunks)
magicblock-committor-service/src/tasks/args_task.rs (6 hunks)
magicblock-committor-service/src/tasks/mod.rs (1 hunks)
magicblock-committor-service/src/tasks/task_builder.rs (3 hunks)
magicblock-committor-service/src/tasks/task_visitors/persistor_visitor.rs (1 hunks)
magicblock-magic-program-api/src/instruction.rs (1 hunks)
magicblock-rpc-client/src/lib.rs (1 hunks)
programs/magicblock/src/magic_scheduled_base_intent.rs (7 hunks)
programs/magicblock/src/magicblock_processor.rs (4 hunks)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2 hunks)
programs/magicblock/src/schedule_transactions/process_scheduled_commit_sent.rs (5 hunks)
test-integration/Cargo.toml (2 hunks)
test-integration/programs/schedulecommit-security/src/lib.rs (2 hunks)
test-integration/programs/schedulecommit/src/api.rs (5 hunks)
test-integration/programs/schedulecommit/src/lib.rs (9 hunks)
test-integration/programs/schedulecommit/src/order_book.rs (1 hunks)
test-integration/programs/schedulecommit/src/utils/mod.rs (3 hunks)
test-integration/schedulecommit/client/src/schedule_commit_context.rs (6 hunks)
test-integration/schedulecommit/client/src/verify.rs (2 hunks)
test-integration/schedulecommit/test-scenarios/Cargo.toml (1 hunks)
test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (2 hunks)
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (4 hunks)
test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs (1 hunks)
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1 hunks)
test-integration/test-ledger-restore/tests/08_commit_update.rs (2 hunks)
test-integration/test-tools/src/integration_test_context.rs (2 hunks)
test-integration/test-tools/src/scheduled_commits.rs (3 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-10-26T08:49:31.543Z

Learnt from: taco-paco
PR: magicblock-labs/magicblock-validator#585
File: magicblock-committor-service/src/tasks/buffer_task.rs:111-115
Timestamp: 2025-10-26T08:49:31.543Z
Learning: In the magicblock-committor-service, compute units returned by the `compute_units()` method in task implementations (such as `BufferTask`, `ArgsTask`, etc.) represent the compute budget for a single task. Transactions can comprise multiple tasks, and the total compute budget for a transaction is computed as the sum of the compute units of all tasks included in that transaction.

Applied to files:

magicblock-committor-service/src/tasks/args_task.rs

🧬 Code graph analysis (15)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

test-integration/test-ledger-restore/src/lib.rs (1)

setup_validator_with_local_remote (97-119)

test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs (3)

test-integration/programs/schedulecommit/src/api.rs (1)

schedule_commit_with_payer_cpi_instruction (214-232)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)

assert_two_committees_were_committed (68-91)

get_context_with_delegated_committees (16-35)

assert_feepayer_was_committed (94-113)

test-integration/schedulecommit/client/src/verify.rs (1)

fetch_and_verify_commit_result_from_logs (7-14)

test-integration/programs/schedulecommit-security/src/lib.rs (1)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

create_schedule_commit_ix (41-66)

magicblock-committor-service/src/tasks/args_task.rs (4)

magicblock-committor-service/src/tasks/mod.rs (2)

instruction (66-66)

instruction (249-255)

magicblock-committor-service/src/tasks/buffer_task.rs (2)

instruction (65-86)

new (37-45)

magicblock-committor-service/src/config.rs (1)

local (29-35)

magicblock-accounts/src/scheduled_commits_processor.rs (2)

new (66-90)

new (420-436)

programs/magicblock/src/magicblock_processor.rs (3)

magicblock-committor-service/src/tasks/args_task.rs (1)

instruction (58-160)

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)

process_schedule_commit (34-259)

magicblock-committor-program/src/state/changeset.rs (1)

request_undelegation (230-232)

test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (4)

test-integration/programs/schedulecommit/src/api.rs (4)

schedule_commit_and_undelegate_cpi_instruction (234-252)

schedule_commit_and_undelegate_cpi_with_mod_after_instruction (287-311)

schedule_commit_diff_instruction_for_order_book (193-212)

update_order_book_instruction (175-191)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)

get_context_with_delegated_committees (16-35)

assert_one_committee_was_committed (41-65)

assert_one_committee_account_was_undelegated_on_chain (190-196)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)

committees (205-209)

ephem_blockhash (322-324)

ephem_client (318-320)

test-integration/schedulecommit/client/src/verify.rs (1)

fetch_and_verify_order_book_commit_result_from_logs (16-23)

test-integration/programs/schedulecommit/src/api.rs (2)

test-integration/programs/schedulecommit/src/order_book.rs (1)

new (85-94)

test-integration/programs/flexi-counter/src/state.rs (1)

pda (32-35)

test-integration/schedulecommit/client/src/verify.rs (2)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

ctx (90-91)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

ctx (145-146)

magicblock-committor-service/src/tasks/task_builder.rs (2)

magicblock-accounts/src/scheduled_commits_processor.rs (2)

new (66-90)

new (420-436)

magicblock-committor-service/src/tasks/args_task.rs (1)

new (49-54)

test-integration/programs/schedulecommit/src/lib.rs (2)

test-integration/programs/schedulecommit/src/utils/mod.rs (3)

assert_is_signer (30-44)

assert_keys_equal (16-28)

allocate_account_and_assign_owner (58-106)

test-integration/programs/schedulecommit/src/order_book.rs (1)

new (85-94)

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)

magicblock-committor-service/src/tasks/task_builder.rs (1)

committed_accounts (153-156)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)

base_intent (544-549)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (1)

test-integration/programs/schedulecommit/src/api.rs (3)

init_order_book_instruction (36-54)

init_payer_escrow (77-98)

init_account_instruction (16-34)

programs/magicblock/src/magic_scheduled_base_intent.rs (1)

magicblock-committor-service/src/tasks/task_builder.rs (1)

committed_accounts (153-156)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

ctx (90-91)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

ctx (145-146)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)

try_new (72-74)

ncommittees (102-121)

try_new_random_keys (66-71)

test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1)

get_context_with_delegated_committees (16-35)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

GitHub Check: run_make_ci_format
GitHub Check: run_make_ci_test
GitHub Check: run_make_ci_lint
GitHub Check: run_make_ci_test

🔇 Additional comments (34)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

55-55: LGTM! Correctly updated to match new function signature.

Both call sites properly destructure the new 3-tuple return value. The _tmpdir binding is necessary to keep the TempDir alive throughout the function scope, preventing premature cleanup of the temporary directory while the validator is still using it.

Also applies to: 170-170

test-integration/programs/schedulecommit/src/utils/mod.rs (2)

53-53: LGTM: Type alignment with Solana API.

Changing size to u64 aligns with Solana's system_instruction::allocate API, which expects a u64 parameter. This improves type consistency and eliminates the need for type conversions downstream.

70-90: LGTM: Clean implementation with helpful debugging.

The changes correctly handle the type conversion:

Line 71: The cast to usize is necessary for Rent::minimum_balance and is safe given Solana's practical account size limits.

Lines 75-80: The debug log provides useful visibility into lamport requirements during account allocation.

Line 90: Passing size directly as u64 to system_instruction::allocate is cleaner and aligns with the API signature.

test-integration/programs/schedulecommit-security/src/lib.rs (2)

2-2: LGTM: Import addition is correct.

The CommitPolicy import is necessary for the API change on line 149.

143-150: No action required—the two CPI paths use intentionally different APIs.

The review comment's concern about consistency is based on a false premise. The code uses two fundamentally different functions from different modules:

Path 1 (schedule_commit_cpi_instruction): A local program API wrapper with a fixed, simplified interface

Path 2 (create_schedule_commit_ix): An external SDK function with extended configuration options including CommitPolicy

These are not parallel implementations requiring symmetry. The schedule_commit_cpi_instruction function does not support CommitPolicy by design—it wraps commit scheduling with hardcoded policy defaults. Adding CommitPolicy::UseFullBytes to create_schedule_commit_ix is the correct change and requires no corresponding update to schedule_commit_cpi_instruction.

Likely an incorrect or invalid review comment.

test-integration/test-tools/src/integration_test_context.rs (1)

167-171: Transaction version configuration is correct and environment-aware.

The conditional logic properly handles two distinct RPC endpoints:

Chain (Solana devnet): max_supported_transaction_version: Some(0) with 50 retries to handle devnet's known quirk of sometimes returning version responses instead of transaction metadata (noted at line 160-161).

Ephemeral (local validator): None to use default behavior on a controlled, local environment without such quirks.

Git history confirms this change is part of the current PR (commit 4c75d78). The code is correctly differentiated for each environment. No changes needed.

test-integration/test-tools/src/scheduled_commits.rs (1)

182-213: LGTM! Clear hierarchical naming for log variables.

The renaming from ephem_logs/chain_logs to ephem_logs_l1/ephem_logs_l2 improves clarity by establishing a consistent naming convention that reflects the two-level log retrieval hierarchy.

magicblock-committor-service/src/tasks/task_visitors/persistor_visitor.rs (1)

29-33: LGTM: CommitDiff included in strategy persistence.

Cleanly broadens Commit to CommitDiff without changing strategy semantics.

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)

224-230: Diff-aware commit routing is correct; keep logs concise.

Choosing StandaloneDiff when request_diff is true is right. Consider demoting the "StandaloneDiff" ic_msg to debug in production builds to reduce log noise.

Also applies to: 233-238

29-32: All call sites properly initialize request_diff—no corrections needed.

Verification confirms that every process_schedule_commit() invocation explicitly sets both request_undelegation and request_diff fields. All three instruction paths (ScheduleCommit, ScheduleCommitAndUndelegate, ScheduleCommitDiffAndUndelegate) pass values for request_diff, with ScheduleCommitDiffAndUndelegate correctly setting it to true to trigger the CommitType::StandaloneDiff path. No uninitialized defaults are used, and no silent routing to full-state commits can occur.

programs/magicblock/src/schedule_transactions/process_scheduled_commit_sent.rs (1)

29-30: LGTM: commit_diff added end-to-end with safe logging.

Field is carried into printable form and logged only as a flag. Tests initialize the new field.

Also applies to: 44-45, 71-73, 215-217, 254-255

magicblock-committor-service/src/tasks/args_task.rs (1)

197-205: Calibrate compute units for CommitDiff based on diff size.

Fixed 65_000 may be inaccurate. Once diff is precomputed, scale CU by diff length/segments or add headroom to avoid CU errors.

Based on learnings

programs/magicblock/src/magicblock_processor.rs (3)

2-2: LGTM: import added is correct.

51-54: ScheduleCommit: explicit request_diff=false is correct.

90-99: New ScheduleCommitDiffAndUndelegate path correctly flips request_diff=true.

magicblock-committor-service/src/tasks/task_builder.rs (1)

96-105: Per-account Commit vs CommitDiff task selection is correct.

programs/magicblock/src/magic_scheduled_base_intent.rs (6)

104-107: ScheduledBaseIntent::is_commit_diff added — OK.

155-164: MagicBaseIntent::is_commit_diff added — OK.

448-454: CommitType::is_commit_diff implementation — OK.

456-463: Getters updated for StandaloneDiff — OK.

Also applies to: 465-473

475-487: is_empty handles StandaloneDiff — OK.

317-323: StandaloneDiff variant already exists and is actively used in the codebase.

The review's concern assumes StandaloneDiff is a new addition that will shift bincode discriminants. However, the variant is already present in process_schedule_commit.rs (lines 225–226), indicating it exists before this PR or is not new.

If StandaloneDiff was already committed to the codebase:

The bincode discriminant shift already happened (or never was a concern).

The review comment's warning is outdated or misguided.

If the snippet shows the final state (post-changes) and StandaloneDiff was genuinely added in this PR:

Verify the diff shows it was inserted between existing variants (which would shift discriminants).

If it was appended after existing variants, discriminants remain stable and no migration is needed.

Critical finding: No backwards compatibility tests, no versioning code, and no serde external tagging exist. If persisted state truly exists and the variant order changed, this is a risk. However, the evidence suggests StandaloneDiff is not new.

Action for developer: Confirm in the PR diff that you are not reordering existing enum variants. If appending new variants after existing ones, bincode compatibility is safe. If inserting between existing variants, migration is required.

test-integration/schedulecommit/test-scenarios/Cargo.toml (1)

19-20: LGTM!

The addition of rand and borsh as workspace dev-dependencies appropriately supports the new order-book test scenarios introduced in this PR.

test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)

30-31: LGTM!

The addition of deterministic seed b"magic_schedule_commit" improves test reproducibility by ensuring consistent PDA derivation across test runs.

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (2)

16-35: LGTM!

The seed parameter enables deterministic test context initialization, and explicitly driving the init_committees and delegate_committees workflow steps with debug logging improves test clarity and observability.

41-47: LGTM!

Making assert_one_committee_was_committed generic over type T with appropriate trait bounds enables reuse across different account types (MainAccount, OrderBookOwned, etc.) while maintaining type safety.

test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs (2)

23-80: LGTM!

The test properly validates that attempting to commit a fee payer without escrowing lamports fails with the expected "DoesNotHaveEscrowAccount" error. The test structure and assertions are appropriate.

83-135: LGTM!

The test correctly validates the happy path where fee payer commits succeed when lamports are properly escrowed. The verification flow and assertions comprehensively check that both committees and the fee payer were committed and synchronized.
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (3)
55-56: LGTM!

The addition of deterministic seed b"magic_schedule_commit" ensures reproducible test behavior across runs.

110-164: LGTM!

The commit_and_undelegate_order_book_account helper follows the established pattern of other commit helpers in this file, properly constructing the update and schedule-commit-diff instructions sequence.

244-312: Excellent reproducibility design for randomized testing.

The test demonstrates best practices for randomized testing:

Prints the RNG seed for reproducibility

Includes the seed in assertion failure messages

Uses seeded RNG (StdRng) for deterministic behavior given a seed

This allows failures to be reproduced by rerunning with the printed seed value.

One optional enhancement: consider adding a way to override the seed via environment variable for easier failure reproduction:
let rng_seed = std::env::var("TEST_RNG_SEED")
    .ok()
    .and_then(|s| s.parse::<u64>().ok())
    .unwrap_or_else(|| OsRng.next_u64());
test-integration/programs/schedulecommit/src/lib.rs (1)

561-571: Use commit_diff for undelegate path; this looks correct.

The diff-based commit is invoked when undelegate is true; good alignment with the new optimization.

Please confirm tests cover both diff and full-commit paths (with/without undelegate).

test-integration/programs/schedulecommit/src/order_book.rs (1)

101-116: Bounds/capacity logic is good; but relies on header being valid.

Once header init is fixed in process_init_order_book, these helpers are fine for basic growth semantics.

Ensure tests cover:

Non-zero existing asks/bids followed by additional inserts (to exercise prefix/suffix behavior).

Capacity exhaustion returning None.

Also applies to: 118-138, 163-184

test-integration/schedulecommit/client/src/schedule_commit_context.rs (1)

260-267: Seed semantics are correct and consistently applied across the codebase.

The verification shows that delegate_account_cpi_instruction() explicitly branches on two supported canonical seeds:

b"magic_schedule_commit" → ScheduleCommitInstruction::DelegateCpi

b"order_book" → ScheduleCommitInstruction::DelegateOrderBook

All test utilities and callers supply only these supported seeds. The delegate_committees() function at lines 260-267 correctly passes &self.user_seed, and all constructors receive only canonical seeds from test callers. PDA derivation and instruction creation use consistent seed semantics.

Cargo.toml

magicblock-accounts/src/scheduled_commits_processor.rs

magicblock-committor-service/src/tasks/args_task.rs

test-integration/schedulecommit/client/src/schedule_commit_context.rs

test-integration/schedulecommit/client/src/verify.rs

test-integration/test-tools/src/integration_test_context.rs

test-integration/test-tools/src/scheduled_commits.rs

coderabbitai

Actionable comments posted: 9

♻️ Duplicate comments (22)

magicblock-rpc-client/src/lib.rs (1)
430-430: Redundant error prefix persists in log message.

The error! macro already includes ERROR level in its output. The explicit "> ERROR:" prefix creates redundancy and reduces log readability.

Apply this diff to remove the redundant prefix:
-            error!("> ERROR: {:?}", err);
+            error!("{:?}", err);
Or add context instead:
-            error!("> ERROR: {:?}", err);
+            error!("Transaction processed status failed: {:?}", err);
test-integration/test-tools/src/scheduled_commits.rs (2)

198-210: Verbose debug output concern still applies.

The past review comment regarding verbose debug output from println! with {:#?} formatting remains applicable to these new debug statements. Consider making the debug output conditional or using a more compact format.

233-235: Unnecessary clone() on Copy type.

The past review comment regarding the redundant .clone() call on Signature (which implements Copy) remains applicable. Use *sig instead of sig.clone().
test-integration/test-tools/src/integration_test_context.rs (1)
157-158: Format the panic message with label.

The panic still prints the literal rpc_client for [{}] does not exist, so the label never appears when this trips. Please inject label into the message.
-        let rpc_client =
-            rpc_client.expect("rpc_client for [{}] does not exist");
+        let rpc_client = rpc_client.unwrap_or_else(|| {
+            panic!("rpc_client for [{}] does not exist", label)
+        });
test-integration/schedulecommit/client/src/verify.rs (1)

16-23: Code duplication: consider the generic implementation suggested in the previous review.

This function duplicates fetch_and_verify_commit_result_from_logs except for the type parameter. A generic implementation with T: borsh::BorshDeserialize would eliminate this duplication.

test-integration/schedulecommit/client/src/schedule_commit_context.rs (2)

115-118: PDA derivation must match program-side seeds.

The PDA is derived using an arbitrary user_seed, which may not match the on-chain program's expected seeds (e.g., [b"order_book", book_manager] or [b"magic_schedule_commit", player]). This mismatch will cause transaction failures.

170-203: Validate user_seed explicitly to prevent silent misconfiguration.

The implicit else branch will execute for any user_seed that isn't b"magic_schedule_commit", including invalid values. Add explicit validation to fail fast with a clear error when an unsupported seed is provided.

test-integration/programs/schedulecommit/src/api.rs (1)

106-109: Derive delegated PDA with canonical seeds to match on-chain expectations.

The PDA is derived using an arbitrary user_seed, but the on-chain program expects fixed seeds like [b"magic_schedule_commit", player] or [b"order_book", book_manager]. This mismatch will cause the delegated_account to not match program-side expectations.
Cargo.toml (1)
112-112: CI/CD will fail: local path dependency not available.

The path ../delegation-program does not exist in the repository or CI environments, causing all builds to fail. Either:

Revert to a git-based dependency (consistent with the learning about using git branch references)

Make delegation-program a workspace member at the correct path

Update CI workflows to checkout the dependency

Verify the intended dependency resolution strategy:
#!/bin/bash
# Check if the delegation-program path exists
if [ -d "../delegation-program" ]; then
    echo "✓ Path exists locally"
    ls -la ../delegation-program/
else
    echo "✗ Path ../delegation-program does not exist"
fi

# Check for any git submodule configuration
echo ""
echo "=== Git submodules ==="
git submodule status 2>/dev/null || echo "No submodules configured"

# Check recent commits for this dependency change
echo ""
echo "=== Recent changes to delegation-program dependency ==="
git log -n 5 --oneline --all -- Cargo.toml | head -10
test-integration/Cargo.toml (1)

40-40: Critical: Local path dependencies will break CI builds.

This issue has already been flagged in previous review comments. The local paths ../../ephemeral-rollups-sdk/rust/sdk and ../../delegation-program do not exist in the CI environment and will cause build failures.

Also applies to: 60-60
test-integration/programs/schedulecommit/src/lib.rs (4)
302-309: Zero the order-book header immediately after allocation.

OrderBook::new reads bids_len/asks_len straight from account data. Leaving those bytes uninitialized means random counts, which makes the next borrow calculate bogus slices and can walk past the buffer. Please clear the header bytes right after allocation (e.g. borrow data, zero the first size_of::<OrderBookHeader>() bytes).

Apply this diff:
     allocate_account_and_assign_owner(AllocateAndAssignAccountArgs {
         payer_info: payer,
         account_info: order_book,
         owner: &crate::ID,
         signer_seeds: &[b"order_book", book_manager.key.as_ref(), &[bump]],
         size: 10 * 1024,
     })?;
 
+    {
+        let mut data = order_book.try_borrow_mut_data()?;
+        let header_len = core::mem::size_of::<OrderBookHeader>();
+        if data.len() < header_len {
+            return Err(ProgramError::AccountDataTooSmall);
+        }
+        for byte in &mut data[..header_len] {
+            *byte = 0;
+        }
+    }
+
     Ok(())
329-334: Fix the PDA assertion message.

The diagnostic still prints payer.key, so a failing check points at the wrong seed. Swap it for book_manager.key as previously requested.

Apply this diff:
     assert_keys_equal(order_book.key, &pda, || {
         format!(
             "PDA for the account ('{}') and for book_manager ('{}') is incorrect",
-            order_book.key, payer.key
+            order_book.key, book_manager.key
         )
     })?;
398-403: Update the log label.

This path is mutating an existing order book, not initializing one. Please change the msg! to say “Update order book” (or equivalent) so logs stay accurate.

424-451: Use the right error kind and require the payer to sign.

When the accounts slice is the wrong length you must emit ProgramError::NotEnoughAccountKeys; MissingRequiredSignature is misleading. More importantly, we still never verify payer.is_signer, so the CPI can run with an unsigned funder. Add assert_is_signer(payer, "payer")? before the CPI.

Apply this diff:
     let [payer, order_book_account, magic_context, magic_program] = accounts
     else {
-        return Err(ProgramError::MissingRequiredSignature);
+        return Err(ProgramError::NotEnoughAccountKeys);
     };
 
+    assert_is_signer(payer, "payer")?;
+
     commit_diff_and_undelegate_accounts(
         payer,
         vec![order_book_account],
         magic_context,
         magic_program,
test-integration/programs/schedulecommit/src/order_book.rs (3)

45-55: deserialize still aliases immutable data mutably (UB).

slice::from_raw_parts_mut on book_bytes forges a &mut [u8] from shared data, violating Rust’s aliasing rules and instantly triggering undefined behaviour. Please replace this with a safe path—e.g. copy into an owned buffer or implement a parser that reads header/levels straight from the immutable slice.

85-93: OrderBook::new assumes alignment that account data does not guarantee.

Casting header_bytes.as_ptr() to *mut OrderBookHeader (and the level pointer to *mut OrderLevel) requires 4/8‑byte alignment, but Solana account data is byte-aligned. The moment you dereference those pointers you trigger UB. Rework this to treat the buffer as raw bytes and read/write fields with from_le_bytes/to_le_bytes instead of typed references.

140-178: Typed slices over account data remain unsafe.

slice::from_raw_parts(_ as *mut OrderLevel, ...) for bids/asks/buffer helpers creates slices of OrderLevel out of unaligned memory. That’s the same UB called out earlier. Please keep the backing store as [u8], then decode/encode each OrderLevel by copying 16 bytes into a local array and using u64::from_le_bytes / u64::to_le_bytes.

magicblock-magic-program-api/src/instruction.rs (1)

111-111: Add documentation for ScheduleCommitDiffAndUndelegate.

This issue was already identified in a previous review. The variant lacks documentation while all sibling variants include doc comments describing the instruction purpose and account references.
magicblock-committor-service/src/tasks/args_task.rs (3)
75-103: Stop hard-coding the RPC endpoint in CommitDiff.

ChainConfig::local(ComputeBudgetConfig::new(1_000_000)) forces every CommitDiff task to dial http://localhost:7799 with Processed commitment and re-create an RPC client each time instruction() is called. In production that URI does not exist, so we immediately fall back to commit_state and never ship a diff; plus every call repeats the network fetch we already warned about. Inject the real ChainConfig/RpcClient from the service (or precompute/cache the diff during task construction) so instruction() stays pure and uses the configured endpoint. Prior feedback on this remains unresolved.

115-116: Do not log raw diff payloads.

Dumping the entire diff at warn level leaks account data and explodes log volume. Log only bounded metadata (e.g., commit_id, pubkey, diff length) instead.
-                log::warn!("DIFF computed: {:?}", args.diff);
+                log::debug!(
+                    "commit_diff computed: commit_id={} pubkey={} len={}",
+                    value.commit_id,
+                    value.committed_account.pubkey,
+                    args.diff.len()
+                );
171-173: Remove the CommitDiff panic in optimize().

optimize() is part of the normal pipeline; panicking here will abort the worker whenever a CommitDiff task flows through. Return Err(self) (mirroring the other variants) so the caller can fall back cleanly.
-            ArgsTaskType::CommitDiff(_) => {
-                panic!("ArgsTaskType::CommitDiff not handled")
-            }
+            ArgsTaskType::CommitDiff(_) => Err(self),
programs/magicblock/src/magicblock_processor.rs (1)

38-38: Avoid logging entire MagicBlockInstruction payloads.

ic_msg!(..., "{:?}", instruction) dumps the full enum—including the diff bytes you just added—on every invocation. That inflates CU cost and spams logs, an issue we already called out earlier. Drop the log or gate it behind a debug-only feature flag so mainnet builds don’t emit the payload.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e5c5e15 and 693af7f.

⛔ Files ignored due to path filters (2)

Cargo.lock is excluded by !**/*.lock
test-integration/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (28)

Cargo.toml (1 hunks)
magicblock-accounts/src/scheduled_commits_processor.rs (3 hunks)
magicblock-committor-service/src/tasks/args_task.rs (6 hunks)
magicblock-committor-service/src/tasks/mod.rs (1 hunks)
magicblock-committor-service/src/tasks/task_builder.rs (3 hunks)
magicblock-committor-service/src/tasks/task_visitors/persistor_visitor.rs (1 hunks)
magicblock-magic-program-api/src/instruction.rs (1 hunks)
magicblock-rpc-client/src/lib.rs (1 hunks)
programs/magicblock/src/magic_scheduled_base_intent.rs (7 hunks)
programs/magicblock/src/magicblock_processor.rs (4 hunks)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2 hunks)
programs/magicblock/src/schedule_transactions/process_scheduled_commit_sent.rs (5 hunks)
test-integration/Cargo.toml (2 hunks)
test-integration/programs/schedulecommit-security/src/lib.rs (2 hunks)
test-integration/programs/schedulecommit/src/api.rs (5 hunks)
test-integration/programs/schedulecommit/src/lib.rs (9 hunks)
test-integration/programs/schedulecommit/src/order_book.rs (1 hunks)
test-integration/programs/schedulecommit/src/utils/mod.rs (3 hunks)
test-integration/schedulecommit/client/src/schedule_commit_context.rs (6 hunks)
test-integration/schedulecommit/client/src/verify.rs (2 hunks)
test-integration/schedulecommit/test-scenarios/Cargo.toml (1 hunks)
test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (2 hunks)
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (4 hunks)
test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs (1 hunks)
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1 hunks)
test-integration/test-ledger-restore/tests/08_commit_update.rs (2 hunks)
test-integration/test-tools/src/integration_test_context.rs (2 hunks)
test-integration/test-tools/src/scheduled_commits.rs (3 hunks)

🧰 Additional context used

🧠 Learnings (4)

📚 Learning: 2025-10-14T09:56:14.047Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.

Applied to files:

test-integration/test-tools/src/integration_test_context.rs
test-integration/programs/schedulecommit/src/utils/mod.rs
test-integration/test-ledger-restore/tests/08_commit_update.rs
test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

magicblock-committor-service/src/tasks/mod.rs
test-integration/programs/schedulecommit/src/utils/mod.rs
magicblock-committor-service/src/tasks/args_task.rs
test-integration/programs/schedulecommit/src/api.rs
test-integration/programs/schedulecommit/src/lib.rs
test-integration/programs/schedulecommit/src/order_book.rs

📚 Learning: 2025-10-26T16:54:39.084Z

Learnt from: thlorenz
Repo: magicblock-labs/magicblock-validator PR: 587
File: test-manual/Cargo.toml:0-0
Timestamp: 2025-10-26T16:54:39.084Z
Learning: In the magicblock-validator repository, use git branch references (not commit hashes or tags) for the helius-laserstream dependency to allow automatic updates when the branch is pushed to.

Applied to files:

test-integration/Cargo.toml
Cargo.toml

📚 Learning: 2025-10-26T08:49:31.543Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 585
File: magicblock-committor-service/src/tasks/buffer_task.rs:111-115
Timestamp: 2025-10-26T08:49:31.543Z
Learning: In the magicblock-committor-service, compute units returned by the `compute_units()` method in task implementations (such as `BufferTask`, `ArgsTask`, etc.) represent the compute budget for a single task. Transactions can comprise multiple tasks, and the total compute budget for a transaction is computed as the sum of the compute units of all tasks included in that transaction.

Applied to files:

magicblock-committor-service/src/tasks/args_task.rs

🧬 Code graph analysis (15)

test-integration/programs/schedulecommit-security/src/lib.rs (1)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

create_schedule_commit_ix (41-66)

magicblock-committor-service/src/tasks/task_builder.rs (2)

magicblock-committor-service/src/tasks/args_task.rs (1)

new (49-54)

magicblock-accounts/src/scheduled_commits_processor.rs (2)

new (66-90)

new (420-436)

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)

magicblock-committor-service/src/tasks/task_builder.rs (1)

committed_accounts (153-156)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)

base_intent (544-549)

test-integration/schedulecommit/client/src/verify.rs (2)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

ctx (90-91)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

ctx (145-146)

programs/magicblock/src/magicblock_processor.rs (3)

magicblock-committor-service/src/tasks/args_task.rs (1)

instruction (58-160)

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)

process_schedule_commit (34-259)

magicblock-committor-program/src/state/changeset.rs (1)

request_undelegation (230-232)

test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1)

get_context_with_delegated_committees (16-35)

magicblock-committor-service/src/tasks/args_task.rs (3)

magicblock-committor-service/src/tasks/mod.rs (2)

instruction (66-66)

instruction (249-255)

magicblock-committor-service/src/tasks/buffer_task.rs (1)

instruction (65-86)

magicblock-committor-service/src/config.rs (1)

local (29-35)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

ctx (90-91)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

ctx (145-146)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)

try_new (72-74)

ncommittees (102-121)

try_new_random_keys (66-71)

programs/magicblock/src/magic_scheduled_base_intent.rs (1)

magicblock-committor-service/src/tasks/task_builder.rs (1)

committed_accounts (153-156)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (2)

test-integration/programs/schedulecommit/src/api.rs (3)

init_order_book_instruction (36-54)

init_payer_escrow (77-98)

init_account_instruction (16-34)

test-integration/test-tools/src/integration_test_context.rs (1)

try_new (113-115)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

test-integration/test-ledger-restore/src/lib.rs (1)

setup_validator_with_local_remote (97-119)

test-integration/programs/schedulecommit/src/api.rs (2)

test-integration/programs/schedulecommit/src/order_book.rs (1)

new (85-94)

test-integration/programs/flexi-counter/src/state.rs (1)

pda (32-35)

test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs (4)

test-integration/test-runner/bin/run_tests.rs (1)

run_test (777-796)

test-integration/programs/schedulecommit/src/api.rs (1)

schedule_commit_with_payer_cpi_instruction (214-232)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (4)

assert_two_committees_synchronized_count (139-169)

assert_two_committees_were_committed (68-91)

get_context_with_delegated_committees (16-35)

assert_feepayer_was_committed (94-113)

test-integration/schedulecommit/client/src/verify.rs (1)

fetch_and_verify_commit_result_from_logs (7-14)

test-integration/programs/schedulecommit/src/lib.rs (2)

test-integration/programs/schedulecommit/src/utils/mod.rs (3)

assert_is_signer (30-44)

assert_keys_equal (16-28)

allocate_account_and_assign_owner (58-106)

test-integration/programs/schedulecommit/src/order_book.rs (1)

new (85-94)

test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (4)

test-integration/programs/schedulecommit/src/api.rs (3)

schedule_commit_and_undelegate_cpi_with_mod_after_instruction (287-311)

schedule_commit_diff_instruction_for_order_book (193-212)

update_order_book_instruction (175-191)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)

get_context_with_delegated_committees (16-35)

assert_one_committee_was_committed (41-65)

assert_one_committee_account_was_undelegated_on_chain (190-196)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)

committees (205-209)

ephem_blockhash (322-324)

ephem_client (318-320)

test-integration/schedulecommit/client/src/verify.rs (1)

fetch_and_verify_order_book_commit_result_from_logs (16-23)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: run_make_ci_test
GitHub Check: run_make_ci_lint
GitHub Check: run_make_ci_test

🔇 Additional comments (20)

test-integration/programs/schedulecommit/src/utils/mod.rs (3)

49-55: LGTM: Type alignment with Solana API.

Changing size from usize to u64 correctly aligns with Solana's system_instruction::allocate signature, which expects space: u64.

75-79: LGTM: Helpful debug logging.

The added logging for lamport requirements and payer balance aids in troubleshooting account allocation issues during testing.

90-90: Critical fix: Correct system_instruction::allocate signature.

The updated call now correctly provides both required arguments (pubkey and space) to system_instruction::allocate. The previous implementation appears to have been missing the pubkey argument, which would not match the function signature: pub fn allocate(pubkey: &Pubkey, space: u64) -> Instruction.

test-integration/test-tools/src/scheduled_commits.rs (1)

182-213: Variable renaming improves clarity.

The renaming of log variables to ephem_logs_l1 and ephem_logs_l2 clearly distinguishes the two-level log fetching process, and the updated error context at line 206 now correctly references the first-level logs. These changes enhance code readability.

test-integration/programs/schedulecommit-security/src/lib.rs (2)

2-2: LGTM!

The CommitPolicy import is correctly added to support the new argument at line 149.

143-150: Ignore this review comment. The original comment incorrectly assumes that schedule_commit_cpi_instruction and create_schedule_commit_ix should be consistent, but they are two distinct functions from different crates with different purposes:

schedule_commit_cpi_instruction (from program_schedulecommit::api) is a local CPI helper that does not accept a CommitPolicy parameter

create_schedule_commit_ix (from ephemeral_rollups_sdk::ephem) is an SDK function that accepts CommitPolicy as a parameter

The two functions have intentionally different signatures. There is no test inconsistency to address.

Likely an incorrect or invalid review comment.

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

55-61: No issues found—code is correct as written.

The TempDir returned by setup_validator_with_local_remote is created specifically for temporary config storage during validator initialization (written in start_magicblock_validator_with_config_struct at line 225: fs::write(&config_path, config_toml)). After the validator process is spawned, this directory is no longer needed and is safely dropped. The actual ledger directory is managed separately by the main _tmpdir at line 42 of the test, which persists for the entire test duration. The binding to _tmpdir with an underscore prefix correctly signals that this return value is intentionally unused beyond validator initialization.

test-integration/programs/schedulecommit/src/api.rs (3)

36-54: LGTM!

The init_order_book_instruction follows the standard instruction builder pattern with appropriate account metadata.

56-75: LGTM!

The grow_order_book_instruction correctly constructs the instruction with the additional_space parameter.

175-212: LGTM!

Both update_order_book_instruction and schedule_commit_diff_instruction_for_order_book follow correct instruction builder patterns with appropriate account metadata.

test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)

30-31: LGTM! Deterministic seed ensures reproducible test contexts.

The hard-coded seed b"magic_schedule_commit" provides deterministic PDA derivation and context initialization, which improves test reliability and debugging.

Also applies to: 84-85
test-integration/schedulecommit/test-scenarios/tests/03_commits_fee_payer.rs (2)
82-135: LGTM! Fee payer escrow test properly verifies expected behavior.

The test correctly verifies that with proper escrow setup, the fee payer commit succeeds and all expected assertions pass.

34-41: Fix struct field destructuring: payer_ephem field and ephem_blockhash retrieval.

The code attempts to destructure non-existent struct fields:

Line 35: payer field doesn't exist in ScheduleCommitTestContextFields — should be payer_ephem: payer

Line 39: ephem_blockhash is not a struct field — must be fetched separately via ephem_client.get_latest_blockhash().unwrap()

Lines 58, 112: Remove dereference (*) from ephem_blockhash once corrected

See 01_commits.rs (lines 34, 54) for the correct pattern.

Also applies to: 88-95, 112
⛔ Skipped due to learnings
Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579
programs/magicblock/src/magic_scheduled_base_intent.rs (3)

104-106: LGTM!

The is_commit_diff() method correctly delegates to the base intent, following the same pattern as the existing is_undelegate() method.

155-163: LGTM!

The is_commit_diff() method correctly handles all MagicBaseIntent variants, properly delegating to the underlying CommitType for both Commit and CommitAndUndelegate cases.

458-458: LGTM!

The accessor methods correctly handle the new StandaloneDiff variant, treating it identically to Standalone since both contain Vec<CommittedAccount>.

Also applies to: 468-468, 480-482

magicblock-committor-service/src/tasks/task_visitors/persistor_visitor.rs (2)

29-33: LGTM!

The match correctly handles both Commit and CommitDiff variants identically, as both contain CommitTask and should be persisted the same way.

59-59: ****

The review comment is incorrect. BufferTaskType intentionally has only a single Commit variant because it represents buffer-based commit operations. CommitDiff is a separate task variant that belongs exclusively to ArgsTaskType and is handled through a different code path.

Evidence:

ArgsTaskType includes CommitDiff(CommitTask), but BufferTaskType does not

ArgsTaskType::CommitDiff explicitly panics with "ArgsTaskType::CommitDiff not handled" when attempting conversion, indicating CommitDiff is intentionally not converted to BufferTask

The refutable pattern at line 59 is safe because BufferTaskType can only ever contain a single variant

No code changes are needed; the refutable pattern is correct as implemented.

Likely an incorrect or invalid review comment.

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)

31-31: LGTM!

The request_diff field addition cleanly extends the options structure to control diff-based commit scheduling.

231-238: LGTM!

The commit_action is correctly used in both the undelegation and non-undelegation paths, enabling diff-based commits for both scenarios while preserving existing semantics.

magicblock-committor-service/src/tasks/args_task.rs

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs

test-integration/programs/schedulecommit/src/utils/mod.rs

test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs

coderabbitai

Actionable comments posted: 1

♻️ Duplicate comments (8)

test-integration/Cargo.toml (1)

40-40: ⚠️ Path dependency concerns from prior review remain unresolved.

The migration from git-based to local path dependencies for ephemeral-rollups-sdk and magicblock-delegation-program still poses the same critical CI/CD risks flagged in the previous review: these paths do not exist in the repository, CI workflows do not clone them, and builds will fail in CI/CD and for contributors without manual setup.

The prior review's recommendations still apply:

Update CI to clone both external repositories, OR

Switch back to git-based references, OR

Add clear setup documentation with exact clone commands and relative paths

Also applies to: 60-60
magicblock-committor-service/src/tasks/args_task.rs (2)
228-234: reset_commit_id must handle CommitDiff variant.

The current implementation only updates the commit_id for Commit tasks and silently returns for CommitDiff. When a CommitDiff task is recycled, the stale commit_id will remain, causing desynced submissions.

Apply this fix to handle both variants:
 fn reset_commit_id(&mut self, commit_id: u64) {
-    // TODO (snawaz): handle CommitDiff as well? what is it about?
-    let ArgsTaskType::Commit(commit_task) = &mut self.task_type else {
-        return;
-    };
-
-    commit_task.commit_id = commit_id;
+    match &mut self.task_type {
+        ArgsTaskType::Commit(task) | ArgsTaskType::CommitDiff(task) => {
+            task.commit_id = commit_id;
+        }
+        _ => {
+            // Only Commit and CommitDiff tasks have commit_id
+        }
+    }
 }
74-122: Network I/O inside instruction() remains a major concern.

The instruction() method performs RPC calls and diff computation on every invocation, which is expensive and risky:

instruction() may be called multiple times (e.g., via involved_accounts), multiplying RPC calls

TOCTOU: base-chain account can change between diff calculation and transaction submission

Coupling to network hinders testing and determinism

Per previous discussion, this is acknowledged as temporary and will be addressed in subsequent PRs. Consider tracking this technical debt.
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)

224-228: Consider enhancing observability as previously suggested.

The conditional logic correctly selects the commit type based on request_diff. However, a past review comment suggests improving the log messages to include the number of committed accounts and the flag value for better operational visibility.

test-integration/programs/schedulecommit/src/order_book.rs (2)

99-119: Unaligned typed reference to OrderBookHeader remains a critical issue.

Line 114 creates a typed reference &mut OrderBookHeader via raw pointer cast. While alignment is asserted at runtime (lines 102-110), Solana account data does not guarantee alignment for arbitrary types. This is undefined behavior if the account data is not aligned to align_of::<OrderBookHeader>().

The assertion will catch misalignment at runtime, but the proper fix is to avoid typed references entirely. Consider reading/writing the header fields as raw bytes using little-endian encoding.

165-178: Typed slices over potentially unaligned memory (OrderLevel).

Lines 166 and 173-174 use slice::from_raw_parts to create typed slices of OrderLevel (which contains u64 fields requiring 8-byte alignment). Account data alignment is not guaranteed by Solana, leading to undefined behavior on read.

Per previous review: store levels as raw bytes and provide accessors that read/write fields via u64::from_le_bytes/to_le_bytes, or use a packed representation without taking references to fields.
test-integration/programs/schedulecommit/src/lib.rs (2)
280-311: Critical: OrderBook header is never initialized.

After allocate_account_and_assign_owner returns (line 308), the account data contains uninitialized memory. Subsequent calls to OrderBook::new will read uninitialized bids_len and asks_len values, causing undefined behavior.

Apply this fix immediately after allocation:
     allocate_account_and_assign_owner(AllocateAndAssignAccountArgs {
         payer_info: payer,
         account_info: order_book,
         owner: &crate::ID,
         signer_seeds: &[b"order_book", book_manager.key.as_ref(), &[bump]],
         size: 10 * 1024,
     })?;
 
+    // Initialize header to zero
+    let mut data = order_book.try_borrow_mut_data()?;
+    let header_size = core::mem::size_of::<OrderBookHeader>();
+    for b in &mut data[..header_size] {
+        *b = 0;
+    }
 
     Ok(())
329-334: Incorrect identifier in PDA assertion error message.

Line 332 incorrectly references payer.key in the error message, which should be book_manager.key to accurately reflect the PDA derivation.

Apply this fix:
     assert_keys_equal(order_book.key, &pda, || {
         format!(
             "PDA for the account ('{}') and for book_manager ('{}') is incorrect",
-            order_book.key, payer.key
+            order_book.key, book_manager.key
         )
     })?;

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 693af7f and 99f2e8f.

⛔ Files ignored due to path filters (2)

Cargo.lock is excluded by !**/*.lock
test-integration/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (8)

magicblock-committor-service/src/tasks/args_task.rs (6 hunks)
programs/magicblock/src/magic_scheduled_base_intent.rs (7 hunks)
programs/magicblock/src/magicblock_processor.rs (2 hunks)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2 hunks)
test-integration/Cargo.toml (4 hunks)
test-integration/programs/schedulecommit/Cargo.toml (1 hunks)
test-integration/programs/schedulecommit/src/lib.rs (9 hunks)
test-integration/programs/schedulecommit/src/order_book.rs (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

magicblock-committor-service/src/tasks/args_task.rs
test-integration/programs/schedulecommit/src/order_book.rs
test-integration/programs/schedulecommit/src/lib.rs

📚 Learning: 2025-10-26T08:49:31.543Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 585
File: magicblock-committor-service/src/tasks/buffer_task.rs:111-115
Timestamp: 2025-10-26T08:49:31.543Z
Learning: In the magicblock-committor-service, compute units returned by the `compute_units()` method in task implementations (such as `BufferTask`, `ArgsTask`, etc.) represent the compute budget for a single task. Transactions can comprise multiple tasks, and the total compute budget for a transaction is computed as the sum of the compute units of all tasks included in that transaction.

Applied to files:

magicblock-committor-service/src/tasks/args_task.rs

🧬 Code graph analysis (5)

magicblock-committor-service/src/tasks/args_task.rs (3)

magicblock-committor-service/src/tasks/mod.rs (2)

instruction (66-66)

instruction (249-255)

magicblock-committor-service/src/tasks/buffer_task.rs (1)

instruction (65-86)

magicblock-committor-service/src/config.rs (1)

local (29-35)

programs/magicblock/src/magicblock_processor.rs (1)

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)

process_schedule_commit (34-258)

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)

magicblock-committor-service/src/tasks/task_builder.rs (1)

committed_accounts (153-156)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)

base_intent (544-549)

programs/magicblock/src/magic_scheduled_base_intent.rs (1)

magicblock-committor-service/src/tasks/task_builder.rs (1)

committed_accounts (153-156)

test-integration/programs/schedulecommit/src/lib.rs (2)

test-integration/programs/schedulecommit/src/utils/mod.rs (3)

assert_is_signer (30-44)

assert_keys_equal (16-28)

allocate_account_and_assign_owner (58-106)

test-integration/programs/schedulecommit/src/order_book.rs (1)

new (99-119)

🔇 Additional comments (11)

test-integration/Cargo.toml (1)

72-72: Now let me check the codebase for actual usage of these dependencies to confirm they are necessary:

Based on my verification, I can now generate the rewritten review comment:

Both dependencies are compatible with Solana 2.2 and appropriate for this PR.

rkyv 0.7.45 supports no_std and no_alloc configurations, making it suitable for Solana on-chain programs. It supports no-std builds for targets without a standard library and no-alloc builds for targets where allocations cannot be made. The Solana VM guarantees that account data is byte-aligned to a multiple of 8, which enables rkyv's zero-copy deserialization to function safely on account data. static_assertions 1.1.0 is a stable, widely-adopted crate (225,914,390 downloads all time) providing compile-time assertion macros useful for validating account structure layouts and sizes—a common pattern in Solana programs.

No further verification needed.

test-integration/programs/schedulecommit/Cargo.toml (1)

11-12: LGTM! Dependencies properly support order book implementation.

The additions of rkyv and static_assertions are well-utilized in order_book.rs for alignment guarantees and compile-time size/alignment checks.

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)

31-31: LGTM! New field enables diff-based commit path.

The request_diff flag properly controls whether to use CommitType::StandaloneDiff or CommitType::Standalone, enabling the optimization for large accounts with small changes.

programs/magicblock/src/magicblock_processor.rs (2)

44-59: LGTM! Existing instructions properly default to non-diff path.

Both ScheduleCommit and ScheduleCommitAndUndelegate correctly set request_diff: false to maintain existing behavior.

85-92: LGTM! New instruction variant correctly enables diff-based commit with undelegation.

The ScheduleCommitDiffAndUndelegate instruction properly sets both request_undelegation: true and request_diff: true, mirroring ScheduleCommitAndUndelegate behavior while enabling the diff optimization.

test-integration/programs/schedulecommit/src/order_book.rs (1)

48-75: LGTM! Mutable aliasing UB resolved with aligned copy.

The implementation now safely copies the input buffer into rkyv::AlignedVec before creating mutable references, avoiding the undefined behavior from the previous approach. The comment clearly explains the rationale.

magicblock-committor-service/src/tasks/args_task.rs (2)

171-172: LGTM! CommitDiff correctly returns Err(self) in optimize().

Returning Err(self) for CommitDiff is correct since the diff is already optimized by design—it sends only the differences rather than full account data. Converting to BufferTask would be counterproductive.

Per previous discussion, this is the correct semantic since CommitDiff is already using the most efficient data transfer strategy.

196-203: LGTM! Compute units appropriately set for CommitDiff.

The 65,000 compute units for CommitDiff (vs 70,000 for Commit) reflects the reduced work from transmitting only the diff. This aligns with the test observation showing lower CU usage.

Based on learnings: these are compute units per task, and transactions may comprise multiple tasks.

test-integration/programs/schedulecommit/src/lib.rs (3)

203-203: LGTM! Type change to u64 is appropriate.

Changing MainAccount::SIZE from usize to u64 aligns with the size parameter type in allocate_account_and_assign_owner (line 255) and Solana's account size conventions.

398-414: LGTM! Log message and signer check are correct.

Line 402 now uses the accurate log message "Update orderbook", and line 407 properly validates that the payer is a signer before allowing the update.

419-439: LGTM! Handler correctly uses diff-based commit with undelegation.

The implementation properly:

Returns NotEnoughAccountKeys when accounts are missing (line 426)

Validates payer is a signer (line 429)

Invokes commit_diff_and_undelegate_accounts for the optimized diff path (line 431)

programs/magicblock/src/magic_scheduled_base_intent.rs

coderabbitai

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

magicblock-committor-service/src/tasks/args_task.rs (1)
228-235: Critical: reset_commit_id silently ignores CommitDiff tasks.

When a CommitDiff task is recycled, the current code silently returns without updating its commit_id (line 230-232), leaving stale IDs that will cause:

Desynchronization with actual commit state

Failed submissions with wrong nonce

Data integrity issues

A past review correctly identified this issue.

Apply this fix to handle both Commit and CommitDiff:
     fn reset_commit_id(&mut self, commit_id: u64) {
-        // TODO (snawaz): handle CommitDiff as well? what is it about?
-        let ArgsTaskType::Commit(commit_task) = &mut self.task_type else {
-            return;
-        };
-
-        commit_task.commit_id = commit_id;
+        match &mut self.task_type {
+            ArgsTaskType::Commit(task) | ArgsTaskType::CommitDiff(task) => {
+                task.commit_id = commit_id;
+            }
+            _ => {
+                // Other task types don't have commit_id
+            }
+        }
     }

♻️ Duplicate comments (7)

programs/magicblock/src/magic_scheduled_base_intent.rs (1)
389-446: CRITICAL: try_from_args cannot construct StandaloneDiff.

The try_from_args method only handles CommitTypeArgs::Standalone and CommitTypeArgs::WithBaseActions, but does not handle CommitTypeArgs::StandaloneDiff. This means:

Code paths using try_from_args (e.g., process_schedule_base_intent) cannot construct CommitType::StandaloneDiff

Only process_schedule_commit can create it programmatically

Any attempt to deserialize CommitTypeArgs::StandaloneDiff from instruction data will fail

This creates a critical inconsistency where the StandaloneDiff variant cannot be fully utilized across all code paths.

The method needs a new match arm similar to:
 pub fn try_from_args(
     args: CommitTypeArgs,
     context: &ConstructionContext<'_, '_>,
 ) -> Result<CommitType, InstructionError> {
     match args {
         CommitTypeArgs::Standalone(accounts) => {
             // ... existing code ...
             Ok(CommitType::Standalone(committed_accounts))
         }
+        CommitTypeArgs::StandaloneDiff(accounts) => {
+            let committed_accounts_ref = Self::extract_commit_accounts(
+                &accounts,
+                context.transaction_context,
+            )?;
+            Self::validate_accounts(&committed_accounts_ref, context)?;
+            let committed_accounts = committed_accounts_ref
+                .into_iter()
+                .map(|el| {
+                    let mut committed_account: CommittedAccount = el.into();
+                    committed_account.account.owner = context
+                        .parent_program_id
+                        .unwrap_or(committed_account.account.owner);
+                    committed_account
+                })
+                .collect();
+            Ok(CommitType::StandaloneDiff(committed_accounts))
+        }
         CommitTypeArgs::WithBaseActions { ... } => {
             // ... existing code ...
         }
     }
 }
Based on past review comment.
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)
224-228: Add observability logging for commit type selection.

The conditional logic correctly selects the commit type, but lacks logging to indicate which path was taken. This makes debugging and auditing more difficult.

Based on past review comment, consider adding:
 let commit_action = if opts.request_diff {
+    ic_msg!(
+        invoke_context,
+        "ScheduleCommit: using StandaloneDiff for {} accounts",
+        committed_accounts.len()
+    );
     CommitType::StandaloneDiff(committed_accounts)
 } else {
+    ic_msg!(
+        invoke_context,
+        "ScheduleCommit: using Standalone for {} accounts",
+        committed_accounts.len()
+    );
     CommitType::Standalone(committed_accounts)
 };
magicblock-committor-service/src/tasks/args_task.rs (1)
74-122: Network I/O in instruction() confirmed as unresolved; improve fallback logging.

The RPC-in-instruction issue is genuine and remains present despite the past review claiming it was addressed in commit 99f2e8f (which does not exist in the repository).

Confirmed concerns:

instruction() called multiple times per task: The method is invoked from delivery_preparator.rs (line 377, mapped over cleanup_tasks), tasks/utils.rs (line 58, mapped over tasks), and task_strategist.rs (line 217, in optimization loop). Each call triggers RPC I/O on the base-chain, multiplying network overhead and creating TOCTOU race conditions.

ChainConfig hardcoded locally (line 76): ChainConfig is properly injected into the service/processor but ArgsTask hardcodes ChainConfig::local() instead of receiving injected config. This remains unresolved.

Fallback log incomplete (line 90): The message contains a typo ("commmit_id" with 3 m's) and is missing the pubkey context for debugging. Improve clarity:
-                        log::warn!("Fallback to commit_state and send full-bytes, as rpc failed to fetch the delegated-account from base chain, commmit_id: {} , error: {}", value.commit_id, e);
+                        log::warn!(
+                            "Fallback to commit_state for account {}: RPC fetch failed, commit_id={} - {}",
+                            value.committed_account.pubkey,
+                            value.commit_id,
+                            e
+                        );
The architectural concerns about performing RPC I/O during instruction building should be addressed, and the config injection pattern needs to be established.
test-integration/programs/schedulecommit/src/lib.rs (3)
280-311: Header remains uninitialized after allocation—subsequent reads are undefined.

After allocate_account_and_assign_owner, the header fields (bids_len, asks_len) are still uninitialized. Any call to OrderBook::new on this account will read garbage.

Apply this fix to zero the header immediately after allocation:
     allocate_account_and_assign_owner(AllocateAndAssignAccountArgs {
         payer_info: payer,
         account_info: order_book,
         owner: &crate::ID,
         signer_seeds: &[b"order_book", book_manager.key.as_ref(), &[bump]],
         size: 10 * 1024,
     })?;
 
+    // Initialize header to zero
+    let mut data = order_book.try_borrow_mut_data()?;
+    data[..core::mem::size_of::<OrderBookHeader>()].fill(0);
 
     Ok(())
329-334: Error message references wrong key.

The PDA assertion message incorrectly shows payer.key instead of book_manager.key, making debugging harder.
     assert_keys_equal(order_book.key, &pda, || {
         format!(
             "PDA for the account ('{}') and for book_manager ('{}') is incorrect",
-            order_book.key, payer.key
+            order_book.key, book_manager.key
         )
     })?;
402-402: Inconsistent log message casing.

Message says "Update orderbook" but other logs use "OrderBook" with capital letters and space for consistency.
-    msg!("Update orderbook");
+    msg!("Update order book");
test-integration/Cargo.toml (1)
40-40: Local path dependencies will break CI/CD builds.

These local path dependencies point to repositories outside the current codebase (../../ephemeral-rollups-sdk and ../../delegation-program) that are not cloned by the CI workflow. This will cause build failures for all contributors and in continuous integration.

Choose one of the following solutions:

Revert to git-based dependencies (recommended for now):
-ephemeral-rollups-sdk = { path = "../../ephemeral-rollups-sdk/rust/sdk"}
+ephemeral-rollups-sdk = { git = "https://github.com/magicblock-labs/ephemeral-rollups-sdk.git", rev = "..." }
Update CI to clone required repositories before build steps in .github/workflows/ci-test-integration.yml

Document the local setup in README with explicit clone instructions if local paths are intended for development only

Based on learnings: This appears to be a transition to local development setup but lacks the corresponding CI infrastructure updates.

Also applies to: 60-60

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 99f2e8f and 7eaaa13.

⛔ Files ignored due to path filters (2)

Cargo.lock is excluded by !**/*.lock
test-integration/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (8)

magicblock-committor-service/src/tasks/args_task.rs (6 hunks)
programs/magicblock/src/magic_scheduled_base_intent.rs (7 hunks)
programs/magicblock/src/magicblock_processor.rs (2 hunks)
programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2 hunks)
test-integration/Cargo.toml (4 hunks)
test-integration/programs/schedulecommit/Cargo.toml (1 hunks)
test-integration/programs/schedulecommit/src/lib.rs (9 hunks)
test-integration/programs/schedulecommit/src/order_book.rs (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

magicblock-committor-service/src/tasks/args_task.rs
test-integration/programs/schedulecommit/src/lib.rs
test-integration/programs/schedulecommit/src/order_book.rs

📚 Learning: 2025-10-26T08:49:31.543Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 585
File: magicblock-committor-service/src/tasks/buffer_task.rs:111-115
Timestamp: 2025-10-26T08:49:31.543Z
Learning: In the magicblock-committor-service, compute units returned by the `compute_units()` method in task implementations (such as `BufferTask`, `ArgsTask`, etc.) represent the compute budget for a single task. Transactions can comprise multiple tasks, and the total compute budget for a transaction is computed as the sum of the compute units of all tasks included in that transaction.

Applied to files:

magicblock-committor-service/src/tasks/args_task.rs

🧬 Code graph analysis (5)

magicblock-committor-service/src/tasks/args_task.rs (4)

magicblock-committor-service/src/tasks/mod.rs (2)

instruction (66-66)

instruction (249-255)

magicblock-committor-service/src/tasks/buffer_task.rs (2)

instruction (65-86)

new (37-45)

magicblock-committor-service/src/config.rs (1)

local (29-35)

magicblock-accounts/src/scheduled_commits_processor.rs (2)

new (66-90)

new (420-436)

programs/magicblock/src/magic_scheduled_base_intent.rs (1)

magicblock-committor-service/src/tasks/task_builder.rs (1)

committed_accounts (153-156)

programs/magicblock/src/magicblock_processor.rs (1)

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)

process_schedule_commit (34-258)

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (2)

magicblock-committor-service/src/tasks/task_builder.rs (1)

committed_accounts (153-156)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)

base_intent (544-549)

test-integration/programs/schedulecommit/src/lib.rs (2)

test-integration/programs/schedulecommit/src/utils/mod.rs (3)

assert_is_signer (30-44)

assert_keys_equal (16-28)

allocate_account_and_assign_owner (58-106)

test-integration/programs/schedulecommit/src/order_book.rs (1)

new (105-125)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: run_make_ci_format
GitHub Check: run_make_ci_test
GitHub Check: run_make_ci_test

🔇 Additional comments (14)

programs/magicblock/src/schedule_transactions/process_schedule_commit.rs (1)

29-32: Field addition looks correct.

The new request_diff field is properly scoped as pub(crate) and the Default trait will initialize it to false, maintaining backward compatibility.

programs/magicblock/src/magicblock_processor.rs (2)

44-51: ScheduleCommit handler correctly configured.

The handler properly sets request_diff: false to maintain the existing full-commit behavior for standard commits.

85-92: New instruction handler correctly implemented.

The ScheduleCommitDiffAndUndelegate handler properly enables both undelegation and diff-based commits by setting both flags to true. The implementation follows the established pattern from the other handlers.

programs/magicblock/src/magic_scheduled_base_intent.rs (4)

104-106: Delegation method correctly implemented.

The is_commit_diff() method appropriately delegates to the underlying base_intent, following the established pattern for other query methods in this struct.

155-163: Commit diff detection logic is correct.

The method correctly returns false for BaseActions and properly delegates to the commit-related variants to determine if differential commits are enabled.

317-327: StandaloneDiff variant added correctly.

The new variant follows the same structure as Standalone, holding Vec<CommittedAccount>. Note that full account data is stored here; the actual diff computation likely occurs downstream during commit processing.

448-484: Accessor methods properly handle StandaloneDiff.

All match expressions are now exhaustive and correctly handle the new StandaloneDiff variant. The is_commit_diff() method correctly returns true only for StandaloneDiff, and the accessor methods treat it consistently with Standalone.

magicblock-committor-service/src/tasks/args_task.rs (4)

1-24: LGTM: Imports support the CommitDiff feature.

All new imports are necessary for the RPC client setup, diff computation, and configuration.

30-30: LGTM: CommitDiff variant added.

Reusing CommitTask for the CommitDiff variant is appropriate since they share the same data requirements.

171-172: LGTM: Returning Err(self) for CommitDiff is correct.

The past review discussion thoroughly analyzed this and concluded that CommitDiff should return Err(self) (no optimization) because:

CommitDiff is already optimized by design—it transmits only the diff (e.g., 286 bytes) vs. full account data (10,240 bytes per your test)

Converting CommitDiff to BufferTask would be counterproductive and defeat its purpose

Err(self) correctly signals "no further optimization possible"

Suggestion: The TODO on line 171 can be resolved and removed based on the past review's analysis.

199-199: LGTM: Compute units appropriately reduced for CommitDiff.

The 65,000 compute unit allocation (5k less than Commit's 70k) aligns with your test observations and reflects the reduced data processing for diff-based commits.

test-integration/programs/schedulecommit/src/lib.rs (1)

419-439: LGTM—signer validation and error handling are now correct.

The function now properly returns NotEnoughAccountKeys when the accounts array doesn't match, and validates that payer is a signer before proceeding with the CPI call.

test-integration/programs/schedulecommit/Cargo.toml (1)

11-12: LGTM—dependencies appropriately support zero-copy OrderBook.

The rkyv crate provides AlignedVec for safe buffer allocation, and static_assertions enables compile-time layout verification. Both are correctly utilized in order_book.rs.

test-integration/Cargo.toml (1)

72-72: LGTM—workspace dependencies properly declared.

The rkyv and static_assertions crates are correctly added at the workspace level, enabling their use across integration test crates for zero-copy structures and compile-time assertions.

Also applies to: 91-91

magicblock-committor-service/src/tasks/args_task.rs

coderabbitai

Actionable comments posted: 3

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 45d5b50 and 4a5d8e2.

📒 Files selected for processing (5)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (6 hunks)
test-integration/schedulecommit/test-security/tests/01_invocations.rs (1 hunks)
test-integration/test-committor-service/tests/common.rs (2 hunks)
test-integration/test-committor-service/tests/test_transaction_preparator.rs (3 hunks)
test-integration/test-tools/src/integration_test_context.rs (2 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

test-integration/schedulecommit/client/src/schedule_commit_context.rs

📚 Learning: 2025-10-14T09:56:14.047Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.

Applied to files:

test-integration/test-tools/src/integration_test_context.rs

🧬 Code graph analysis (4)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (2)

try_new (72-74)

try_new_random_keys (66-71)

test-integration/test-committor-service/tests/test_transaction_preparator.rs (3)

magicblock-committor-service/src/tasks/args_task.rs (1)

new (36-41)

magicblock-committor-service/src/tasks/mod.rs (1)

new (123-152)

magicblock-committor-service/src/tasks/buffer_task.rs (2)

new (37-45)

new_preparation_required (30-35)

test-integration/test-committor-service/tests/common.rs (1)

magicblock-committor-service/src/tasks/mod.rs (1)

new (123-152)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)

test-integration/programs/schedulecommit/src/api.rs (3)

init_order_book_instruction (36-54)

init_payer_escrow (77-98)

init_account_instruction (16-34)

test-integration/test-tools/src/integration_test_context.rs (1)

try_new (113-115)

test-integration/programs/flexi-counter/src/state.rs (1)

pda (32-35)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: run_make_ci_lint
GitHub Check: run_make_ci_test
GitHub Check: Build Project

🔇 Additional comments (7)

test-integration/test-tools/src/integration_test_context.rs (1)

157-159: LGTM! Format placeholder bug fixed.

The panic message now correctly includes the label parameter, addressing the previous review comment. The error will properly indicate which rpc_client is missing.

test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)

66-80: LGTM: Constructor API properly updated for user_seed support.

The constructor signatures are consistently updated to accept user_seed parameter, which is necessary for supporting different commit paths (standard vs. OrderBook). The breaking API change aligns with the PR objectives.

170-211: LGTM: Seed-based branching and error handling are well-implemented.

The match expression correctly handles both supported seeds (magic_schedule_commit and order_book) and provides a clear error message for unsupported seeds. The branching logic appropriately calls the corresponding initialization instructions for each path.

268-277: LGTM: user_seed correctly propagated to delegation instruction.

The user_seed is properly passed to delegate_account_cpi_instruction, ensuring consistent PDA derivation throughout the delegation flow.

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

28-42: LGTM: Test helper correctly updated for new API.

The prepare_ctx_with_account_to_commit helper properly passes b"magic_schedule_commit" to both try_new and try_new_random_keys, which is appropriate for these security-focused invocation tests. The API migration is consistent and correct.

test-integration/test-committor-service/tests/test_transaction_preparator.rs (1)

38-42: LGTM! Consistent adoption of the new CommitTask::new() API.

All test cases have been correctly updated to use CommitTask::new() instead of direct struct construction. The argument order (commit_id, allow_undelegation, committed_account) is consistent across all call sites, and the tests correctly wrap CommitTask in either ArgsTask or BufferTask as appropriate.

Also applies to: 92-95, 99-103, 186-189

test-integration/test-committor-service/tests/common.rs (1)

150-166: The RPC client creation and network call in CommitTask::new() are correctly implemented, but the helper function doesn't exercise the CommitDiff optimization path.

The change correctly adopts the new CommitTask::new() API. However, there are two concerns worth verifying:

RPC call behavior: CommitTask::new() creates an RpcClient pointing to localhost:7799 and synchronously calls get_account() for accounts larger than 200 bytes (lines 138–144 in magicblock-committor-service/src/tasks/mod.rs). Since create_commit_task() uses Pubkey::new_unique(), these accounts don't exist on-chain, so the fetch will always return None and fetched_account will never be populated.

CommitDiff not exercised: The is_commit_diff() method (line 158 in mod.rs) returns true only when both data > 200 bytes AND fetched_account.is_some(). With this helper, the second condition is never met, so tests using create_commit_task() won't exercise the CommitDiff optimization path.

Other tests in the suite (e.g., test_ix_commit_local.rs) use different account creation patterns with various sizes (100 bytes, 800 bytes, 1KB, 10KB). Verify that those tests properly set up on-chain accounts so the CommitDiff path is tested elsewhere.

test-integration/schedulecommit/client/src/schedule_commit_context.rs

test-integration/test-tools/src/integration_test_context.rs

coderabbitai

Actionable comments posted: 1

♻️ Duplicate comments (1)

magicblock-committor-service/src/tasks/mod.rs (1)

123-173: CommitDiff path never executes.

CommitTask::new always stores None in fetched_account, and there’s no other setter. As a result create_commit_ix always falls back to create_commit_state_ix, so the new CommitDiff flow is dead code and the feature flag can never trip in production. Please thread in the fetched base-chain account (or fetch it here using the configured RPC client) so large accounts actually take the diff path, and drop the temporary println! once that logic is in place.

A minimal option is to accept an Option<Account> (or a ready-to-use client) when constructing CommitTask and pass in Some(account) when the caller has fetched it; otherwise we should re-enable the RPC fetch behind the size threshold so fetched_account becomes Some(...). Until then CommitDiff can’t function.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4a5d8e2 and 0ac18ab.

📒 Files selected for processing (2)

magicblock-committor-service/src/tasks/mod.rs (10 hunks)
test-integration/test-committor-service/tests/test_delivery_preparator.rs (4 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

magicblock-committor-service/src/tasks/mod.rs

🧬 Code graph analysis (2)

test-integration/test-committor-service/tests/test_delivery_preparator.rs (3)

test-integration/test-committor-service/tests/common.rs (1)

new (52-55)

magicblock-committor-service/src/transaction_preparator/delivery_preparator.rs (1)

new (49-59)

magicblock-committor-service/src/transaction_preparator/mod.rs (1)

new (54-69)

magicblock-committor-service/src/tasks/mod.rs (2)

magicblock-committor-service/src/tasks/args_task.rs (1)

instruction (45-85)

magicblock-committor-service/src/tasks/buffer_task.rs (1)

instruction (65-86)

🪛 GitHub Actions: Run CI - Lint

magicblock-committor-service/src/tasks/mod.rs

[error] 22-22: unused import: solana_rpc_client::rpc_client::RpcClient

[error] 24-24: unused import: commitment_config::CommitmentConfig

[error] 29-29: unused imports: ComputeBudgetConfig and config::ChainConfig

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

GitHub Check: run_make_ci_test
GitHub Check: Build Project

magicblock-committor-service/src/tasks/mod.rs

coderabbitai

Actionable comments posted: 4

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0ac18ab and a30f507.

📒 Files selected for processing (2)

magicblock-committor-service/src/tasks/mod.rs (10 hunks)
test-integration/test-committor-service/tests/test_delivery_preparator.rs (4 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-10-14T09:56:14.047Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.

Applied to files:

test-integration/test-committor-service/tests/test_delivery_preparator.rs

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

magicblock-committor-service/src/tasks/mod.rs

🧬 Code graph analysis (1)

test-integration/test-committor-service/tests/test_delivery_preparator.rs (3)

test-integration/test-committor-service/tests/common.rs (1)

new (52-55)

magicblock-committor-service/src/transaction_preparator/delivery_preparator.rs (1)

new (49-59)

magicblock-committor-service/src/transaction_preparator/mod.rs (1)

new (54-69)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: Build Project
GitHub Check: run_make_ci_lint
GitHub Check: run_make_ci_test

🔇 Additional comments (1)

test-integration/test-committor-service/tests/test_delivery_preparator.rs (1)

19-19: Clarify the multi-threading test strategy.

The test suite shows inconsistent use of the multi-thread tokio runtime:

Lines 19, 213, 295: Multi-thread flavor with 2 workers

Lines 83, 162: Single-thread (default)

Since these appear to be sequential integration tests rather than concurrency tests, please clarify:

Is multi-threading intended to test thread-safety of the code under test?

Should the threading model be consistent across all tests?

Are there specific tests that require multi-threading while others don't?

If multi-threading is not necessary for these tests, consider using the default single-threaded runtime for simplicity and determinism.

Also applies to: 83-83, 213-213, 295-295

magicblock-committor-service/src/tasks/mod.rs

test-integration/test-committor-service/tests/test_delivery_preparator.rs

coderabbitai

Actionable comments posted: 2

♻️ Duplicate comments (17)

test-integration/programs/schedulecommit/src/utils/mod.rs (1)

53-53: Field type change aligns with system instruction signature.

Changing size from usize to u64 correctly matches the signature of system_instruction::allocate. The unchecked as usize cast at line 71 is acceptable for Solana's 64-bit runtime environment, though a checked conversion would be more defensive (as noted in prior review).

Also applies to: 71-71, 90-90
magicblock-committor-service/src/tasks/args_task.rs (1)
151-156: reset_commit_id still doesn't handle CommitDiff variant.

As flagged in previous reviews, reset_commit_id only updates the Commit variant and silently returns for CommitDiff. When a CommitDiff task is recycled, it will retain the old commit_id, causing desync.

Apply the fix from the previous review:
-        let ArgsTaskType::Commit(commit_task) = &mut self.task_type else {
-            return;
-        };
-
-        commit_task.commit_id = commit_id;
+        match &mut self.task_type {
+            ArgsTaskType::Commit(task) => {
+                task.commit_id = commit_id;
+            }
+            _ => {
+                // No commit_id to reset for non-commit tasks
+            }
+        }
Note: If CommitDiff is a separate variant that also needs updating, include it in the match arms.
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (2)
16-35: user_seed parameter is good; remove debug prints.

Adding the user_seed parameter enables deterministic test contexts, which is valuable for reproducibility.

However, as flagged in the previous review, the debug println! statements (lines 26, 29, 32) clutter test output. Consider removing them or making them conditional:
-    println!("get_context_with_delegated_committees inside");
-
     let txhash = ctx.init_committees().unwrap();
-    println!("txhash (init_committees): {}", txhash);
-
     let txhash = ctx.delegate_committees().unwrap();
-    println!("txhash (delegate_committees): {}", txhash);
41-47: Remove unnecessary trait bounds.

As noted in the previous review, the trait bounds borsh::BorshDeserialize + PartialEq + Eq are not used by this function. The function body only checks the structure of ScheduledCommitResult (lines 48-65) without deserializing or comparing values of type T.

Apply this diff:
 pub fn assert_one_committee_was_committed<T>(
     ctx: &ScheduleCommitTestContext,
     res: &ScheduledCommitResult<T>,
     is_single_stage: bool,
-) 
-where
-    T: std::fmt::Debug + borsh::BorshDeserialize + PartialEq + Eq,
-{
+) {
Even std::fmt::Debug appears unnecessary since the function doesn't format T values in assertions.
test-integration/schedulecommit/client/src/verify.rs (1)
16-23: Code duplication persists—consider generic implementation.

As noted in the previous review, this function duplicates the logic of fetch_and_verify_commit_result_from_logs but with a different type parameter. A generic implementation would reduce duplication:
pub fn fetch_and_verify_commit_result_from_logs<T>(
    ctx: &ScheduleCommitTestContext,
    sig: Signature,
) -> ScheduledCommitResult<T>
where
    T: borsh::BorshDeserialize,
{
    let res = ctx.fetch_schedule_commit_result(sig).unwrap();
    res.confirm_commit_transactions_on_chain(ctx).unwrap();
    res
}
Then call with turbofish: fetch_and_verify_commit_result_from_logs::<OrderBookOwned>(&ctx, sig).

However, since this is test code, the current duplication is acceptable if refactoring is deferred.
test-integration/test-committor-service/tests/test_delivery_preparator.rs (3)
18-19: Remove commented-out code.

As flagged in the previous review, the commented-out #[tokio::test] annotation should be removed to maintain code cleanliness.

Apply this diff:
-//#[tokio::test]
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
21-23: Remove debug print statements.

As noted in the previous review, these println! statements clutter test output. Consider removing them or making them conditional:
-    println!("TestFixture::new()");
     let fixture = TestFixture::new().await;
-    println!("TestFixture::new() done");
82-82: Remove commented-out multi-thread annotation.

As flagged in the previous review, the commented-out attribute should be removed. If there's a specific reason why test_prepare_multiple_buffers should remain single-threaded while similar tests use multi-threading, document it.
-//#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 #[tokio::test]
magicblock-committor-service/src/tasks/task_strategist.rs (2)
98-98: Remove debug println statements from production code.

As flagged in the previous review, these raw println! statements bypass the service's logging pipeline and will clutter production output. Remove this line and the matching one at line 170.
-            println!("snawaz: inside build_strategy");
             Err(TaskStrategistError::FailedToFitError)
Alternatively, convert to log::debug! if the diagnostic information is valuable during debugging.

169-171: Remove debug println from error path.

Same issue as line 98—this raw println! bypasses logging. Remove or convert to log::debug!:
-                Err(TaskStrategistError::FailedToFitError) => {
-                    println!("snawaz: inside optimize_strategy");
-                    Ok(usize::MAX)
-                }
+                Err(TaskStrategistError::FailedToFitError) => Ok(usize::MAX),
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (1)
160-160: Replace println! with debug! for consistency.

This line still uses println! while the codebase uses log macros elsewhere. Though marked as addressed in past reviews, the println! remains.

Apply this diff:
-    println!("txhash (scheduled_commit): {:?}", tx_res);
+    debug!("txhash (scheduled_commit): {:?}", tx_res);
test-integration/programs/schedulecommit/src/lib.rs (1)
332-332: CRITICAL: Unchecked addition can overflow and corrupt account size.

Line 332 computes order_book.data_len() + additional_space as usize without overflow protection. On BPF release builds, this can wrap when the sum exceeds usize::MAX, potentially shrinking the buffer instead of growing it, leading to data corruption or truncation.

Apply this diff to prevent overflow:
-    let new_size = order_book.data_len() + additional_space as usize;
+    let additional = additional_space as usize;
+    let new_size = order_book
+        .data_len()
+        .checked_add(additional)
+        .ok_or(ProgramError::InvalidArgument)?;
test-integration/programs/schedulecommit/src/order_book.rs (4)
105-125: CRITICAL: Unaligned typed reference to OrderBookHeader causes undefined behavior.

Lines 119-120 create a typed &mut OrderBookHeader reference by casting the raw pointer:
&mut *(header_bytes.as_ptr() as *mut OrderBookHeader)
Even though the code checks alignment at lines 108-116, Solana account data does not guarantee alignment beyond byte alignment. If the account data is not aligned to align_of::<OrderBookHeader>() (4 bytes for u32), this dereference is immediate undefined behavior.

Fix: Avoid typed references. Read/write the header as raw bytes:
pub struct OrderBook<'a> {
    header_bytes: &'a mut [u8; 8], // HEADER_SIZE
    capacity: usize,
    levels: *mut u8, // Store as bytes, not OrderLevel
}

impl<'a> OrderBook<'a> {
    pub fn new(data: &'a mut [u8]) -> Self {
        let (header_bytes, levels_bytes) = data.split_at_mut(HEADER_SIZE);
        Self {
            header_bytes: header_bytes.try_into().unwrap(),
            capacity: levels_bytes.len() / ORDER_LEVEL_SIZE,
            levels: levels_bytes.as_mut_ptr(),
        }
    }
    
    pub fn bids_len(&self) -> usize {
        u32::from_le_bytes(self.header_bytes[0..4].try_into().unwrap()) as usize
    }
    
    fn set_bids_len(&mut self, len: u32) {
        self.header_bytes[0..4].copy_from_slice(&len.to_le_bytes());
    }
    
    // Similar for asks_len...
}
171-184: CRITICAL: Typed slices over potentially unaligned memory cause undefined behavior.

Lines 172 and 179-182 create typed &[OrderLevel] slices from raw pointers using slice::from_raw_parts. Since OrderLevel contains u64 fields requiring 8-byte alignment, and account data alignment is not guaranteed, these operations invoke undefined behavior on every read.

Fix: Store and access levels as raw bytes, not typed slices:
pub fn bids(&self) -> Vec<OrderLevel> {
    let count = self.bids_len();
    let mut result = Vec::with_capacity(count);
    for i in 0..count {
        let offset = i * ORDER_LEVEL_SIZE;
        let bytes = unsafe {
            std::slice::from_raw_parts(self.levels.add(offset), ORDER_LEVEL_SIZE)
        };
        let price = u64::from_le_bytes(bytes[0..8].try_into().unwrap());
        let size = u64::from_le_bytes(bytes[8..16].try_into().unwrap());
        result.push(OrderLevel { price, size });
    }
    result
}
This avoids creating typed references to potentially unaligned data.

127-130: Silent failure on capacity exhaustion can cause data loss.

update_from ignores the Option returned by add_bids and add_asks (lines 128-129). If capacity is exhausted, updates are silently dropped, leading to partial application (e.g., bids applied but asks lost) and state inconsistencies that are difficult to debug.

Fix: Propagate or panic on capacity exhaustion:
-    pub fn update_from(&mut self, updates: BookUpdate) {
-        self.add_bids(&updates.bids);
-        self.add_asks(&updates.asks);
+    pub fn update_from(&mut self, updates: BookUpdate) -> Result<(), &'static str> {
+        self.add_bids(&updates.bids).ok_or("insufficient capacity for bids")?;
+        self.add_asks(&updates.asks).ok_or("insufficient capacity for asks")?;
+        Ok(())
     }
Update callers in lib.rs to handle the Result.

211-215: Integer overflow risk in capacity calculation.

Line 213 performs self.header.bids_len + self.header.asks_len as u32 arithmetic, which can overflow before the cast to usize. If the sum wraps (e.g., both lengths are large), checked_sub may incorrectly succeed, returning invalid remaining capacity.

Fix: Perform checked addition on usize to prevent overflow:
 fn remaining_capacity(&self) -> usize {
-    self.capacity
-        .checked_sub((self.header.bids_len + self.header.asks_len) as usize)
-        .expect("remaining_capacity must exist")
+    let total_used = (self.header.bids_len as usize)
+        .checked_add(self.header.asks_len as usize)
+        .expect("bids_len + asks_len overflows usize");
+    self.capacity
+        .checked_sub(total_used)
+        .expect("remaining_capacity must exist")
 }
Better yet, return Option<usize> instead of panicking on corrupted headers.
magicblock-committor-service/src/tasks/mod.rs (1)

118-156: CRITICAL: CommitDiff feature is completely disabled—PR objective not met.

The constructor always sets fetched_account = None (lines 143, 145) because the RPC fetch logic is commented out (lines 126-142). This means:

is_commit_diff() will always return false (line 164 checks fetched_account.is_some())

create_commit_ix() will never call create_commit_diff_ix() (line 168)

CommitDiff will never execute in any environment

The PR's stated objective—"efficiently commit small changes in large delegated accounts"—is not achieved

The size threshold check (lines 123-124) serves no purpose

This is a blocking issue. The PR cannot be merged until either:

Option A: Uncomment and properly inject an RPC client (accept it as a constructor parameter or obtain from config), handle errors gracefully, and enable the diff path, or

Option B: Remove all CommitDiff code paths, revert to CommitState only, and update the PR description to reflect that CommitDiff support is deferred to a future PR

Do you want me to generate a fix that properly injects and uses an RPC client to enable CommitDiff?

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a30f507 and 33fe0bc.

⛔ Files ignored due to path filters (2)

Cargo.lock is excluded by !**/*.lock
test-integration/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (25)

Cargo.toml (1 hunks)
magicblock-committor-service/src/tasks/args_task.rs (3 hunks)
magicblock-committor-service/src/tasks/mod.rs (10 hunks)
magicblock-committor-service/src/tasks/task_builder.rs (1 hunks)
magicblock-committor-service/src/tasks/task_strategist.rs (4 hunks)
programs/magicblock/src/magic_scheduled_base_intent.rs (1 hunks)
test-integration/Cargo.toml (4 hunks)
test-integration/programs/schedulecommit/Cargo.toml (1 hunks)
test-integration/programs/schedulecommit/src/api.rs (5 hunks)
test-integration/programs/schedulecommit/src/lib.rs (8 hunks)
test-integration/programs/schedulecommit/src/order_book.rs (1 hunks)
test-integration/programs/schedulecommit/src/utils/mod.rs (3 hunks)
test-integration/schedulecommit/client/src/schedule_commit_context.rs (6 hunks)
test-integration/schedulecommit/client/src/verify.rs (2 hunks)
test-integration/schedulecommit/test-scenarios/Cargo.toml (1 hunks)
test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (2 hunks)
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (4 hunks)
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1 hunks)
test-integration/schedulecommit/test-security/tests/01_invocations.rs (1 hunks)
test-integration/test-committor-service/tests/common.rs (2 hunks)
test-integration/test-committor-service/tests/test_delivery_preparator.rs (4 hunks)
test-integration/test-committor-service/tests/test_transaction_preparator.rs (3 hunks)
test-integration/test-ledger-restore/tests/08_commit_update.rs (2 hunks)
test-integration/test-tools/src/integration_test_context.rs (2 hunks)
test-integration/test-tools/src/scheduled_commits.rs (3 hunks)

🧰 Additional context used

🧠 Learnings (3)

📚 Learning: 2025-10-14T09:56:14.047Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.

Applied to files:

test-integration/test-committor-service/tests/test_delivery_preparator.rs
test-integration/programs/schedulecommit/src/utils/mod.rs
test-integration/test-tools/src/integration_test_context.rs
test-integration/test-tools/src/scheduled_commits.rs
magicblock-committor-service/src/tasks/args_task.rs
test-integration/test-ledger-restore/tests/08_commit_update.rs

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

programs/magicblock/src/magic_scheduled_base_intent.rs
test-integration/programs/schedulecommit/src/utils/mod.rs
magicblock-committor-service/src/tasks/args_task.rs
test-integration/programs/schedulecommit/src/api.rs
test-integration/programs/schedulecommit/src/order_book.rs
magicblock-committor-service/src/tasks/mod.rs
test-integration/schedulecommit/client/src/schedule_commit_context.rs
test-integration/programs/schedulecommit/src/lib.rs

📚 Learning: 2025-10-26T16:54:39.084Z

Learnt from: thlorenz
Repo: magicblock-labs/magicblock-validator PR: 587
File: test-manual/Cargo.toml:0-0
Timestamp: 2025-10-26T16:54:39.084Z
Learning: In the magicblock-validator repository, use git branch references (not commit hashes or tags) for the helius-laserstream dependency to allow automatic updates when the branch is pushed to.

Applied to files:

test-integration/Cargo.toml
Cargo.toml

🧬 Code graph analysis (14)

test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1)

get_context_with_delegated_committees (16-35)

test-integration/test-committor-service/tests/test_delivery_preparator.rs (3)

test-integration/test-committor-service/tests/common.rs (1)

new (52-55)

magicblock-committor-service/src/transaction_preparator/delivery_preparator.rs (1)

new (49-59)

magicblock-committor-service/src/transaction_preparator/mod.rs (1)

new (54-69)

magicblock-committor-service/src/tasks/task_builder.rs (2)

magicblock-committor-service/src/tasks/mod.rs (1)

new (118-156)

magicblock-committor-service/src/tasks/args_task.rs (1)

new (36-41)

test-integration/schedulecommit/client/src/verify.rs (2)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

ctx (148-149)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

ctx (90-91)

test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (4)

test-integration/programs/schedulecommit/src/api.rs (2)

schedule_commit_diff_instruction_for_order_book (193-212)

update_order_book_instruction (175-191)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)

get_context_with_delegated_committees (16-35)

assert_one_committee_was_committed (41-65)

assert_one_committee_account_was_undelegated_on_chain (190-196)

test-integration/programs/schedulecommit/src/order_book.rs (1)

bids (171-173)

test-integration/schedulecommit/client/src/verify.rs (1)

fetch_and_verify_order_book_commit_result_from_logs (16-23)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (2)

try_new (72-74)

try_new_random_keys (66-71)

test-integration/test-committor-service/tests/common.rs (1)

magicblock-committor-service/src/tasks/mod.rs (1)

new (118-156)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

ctx (148-149)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

ctx (90-91)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)

try_new (72-74)

ncommittees (102-121)

try_new_random_keys (66-71)

test-integration/test-committor-service/tests/test_transaction_preparator.rs (3)

magicblock-committor-service/src/tasks/mod.rs (1)

new (118-156)

magicblock-committor-service/src/tasks/args_task.rs (1)

new (36-41)

magicblock-committor-service/src/tasks/buffer_task.rs (2)

new (37-45)

new_preparation_required (30-35)

test-integration/programs/schedulecommit/src/api.rs (2)

test-integration/programs/schedulecommit/src/order_book.rs (1)

new (105-125)

test-integration/programs/flexi-counter/src/state.rs (1)

pda (32-35)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (1)

test-integration/programs/schedulecommit/src/api.rs (3)

init_order_book_instruction (36-54)

init_payer_escrow (77-98)

init_account_instruction (16-34)

test-integration/programs/schedulecommit/src/lib.rs (2)

test-integration/programs/schedulecommit/src/utils/mod.rs (3)

assert_is_signer (30-44)

assert_keys_equal (16-28)

allocate_account_and_assign_owner (58-106)

test-integration/programs/schedulecommit/src/order_book.rs (1)

new (105-125)

magicblock-committor-service/src/tasks/task_strategist.rs (4)

magicblock-committor-service/src/tasks/utils.rs (1)

assemble_tasks_tx (62-79)

magicblock-committor-service/src/tasks/mod.rs (1)

new (118-156)

magicblock-committor-service/src/tasks/args_task.rs (1)

new (36-41)

magicblock-committor-service/src/transactions.rs (1)

serialize_and_encode_base64 (69-75)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

test-integration/test-ledger-restore/src/lib.rs (1)

setup_validator_with_local_remote (97-119)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: run_make_ci_test
GitHub Check: run_make_ci_lint
GitHub Check: Build Project

🔇 Additional comments (28)

test-integration/test-tools/src/integration_test_context.rs (1)

157-159: LGTM! Format placeholder issue fixed.

The error message now correctly formats the label into the panic message using unwrap_or_else with a closure, resolving the previous issue where the placeholder [{}] would be printed literally.

test-integration/test-tools/src/scheduled_commits.rs (1)

182-236: LGTM! Clear two-stage log capture implementation.

The refactor to explicitly separate first-level and second-level ephemeral log fetches improves code clarity. The variable naming (ephem_logs_l1 and ephem_logs_l2) makes the staged nature of the log capture immediately apparent, and the error context at line 206 helpfully includes the first-level logs for debugging.

The logic flow is correct:

Fetch L1 logs from the initial signature and extract scheduled_commmit_sent_sig

Use that extracted signature to fetch L2 logs

Extract commit information from the L2 logs

Process included accounts and dump chain logs per signature

The dereference at line 234 (*sig) correctly handles the Copy trait on Signature.

test-integration/schedulecommit/test-scenarios/Cargo.toml (1)

19-20: LGTM!

Adding rand and borsh as dev-dependencies is appropriate for the expanded test scenarios involving OrderBook serialization and randomized test data generation.

test-integration/test-ledger-restore/tests/08_commit_update.rs (2)

55-61: LGTM!

Capturing _tmpdir extends the temporary directory's lifetime to match the test scope, preventing premature cleanup. This is a standard Rust RAII pattern.

170-176: LGTM!

Consistent with the pattern established in the write function, properly managing temporary directory lifetime.

programs/magicblock/src/magic_scheduled_base_intent.rs (1)

286-301: LGTM! Type definitions are well-formed.

The CommittedAccount struct and its From implementation correctly convert borrowed account data into an owned representation. The conversion properly handles the RefCell borrow and AccountSharedData → Account transformation.

Note: A previous review flagged that CommitType::StandaloneDiff is never constructed in try_from_args (lines 374-431). Since this file's diff doesn't show changes to try_from_args, verify separately that the construction logic has been updated to recognize CommitTypeArgs::StandaloneDiff and build the corresponding variant.

test-integration/programs/schedulecommit/src/utils/mod.rs (1)

75-79: LGTM! Helpful diagnostic logging.

The added logging provides useful visibility into lamport requirements and payer balance during account allocation.

Cargo.toml (1)

111-114: LGTM! Dependency update aligns with CommitDiff feature.

The delegation-program revision update to e8d03936 brings in the necessary support for the new CommitDiff functionality. The git-based dependency avoids the CI path issues noted in previous reviews.

test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (2)

30-31: LGTM! Seed parameter enables deterministic testing.

Adding the user_seed parameter makes test setup reproducible, which is beneficial for debugging and test stability.

84-85: LGTM! Consistent seed usage across tests.

Using the same seed across test cases ensures consistent test behavior.

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

29-36: LGTM! Seed parameter adds determinism to security tests.

The user_seed parameter makes these security test scenarios reproducible, which is especially valuable for regression testing and debugging security-related issues.

test-integration/test-committor-service/tests/common.rs (1)

152-165: LGTM! Constructor usage improves encapsulation.

Using CommitTask::new() instead of direct struct initialization is good practice. It centralizes construction logic and allows the constructor to handle internal branching (e.g., size-based threshold checks for CommitDiff vs CommitState).

test-integration/programs/schedulecommit/Cargo.toml (1)

11-12: LGTM! Dependencies added correctly for CommitDiff support.

The additions of rkyv and static_assertions are appropriate for zero-copy serialization and compile-time checks needed by the CommitDiff functionality.

magicblock-committor-service/src/tasks/args_task.rs (3)

1-1: LGTM! Import cleanup after refactoring.

Removing CommitStateArgs is correct since commit instruction creation is now delegated to CommitTask::create_commit_ix.

47-47: LGTM! Proper delegation to CommitTask.

Delegating instruction creation to value.create_commit_ix(validator) correctly enables the task to choose between CommitState and CommitDiff based on the commit type.

91-94: LGTM! Correct optimization guard for CommitDiff.

Returning Err(self) for CommitDiff is the right approach. As noted in past reviews, CommitDiff is already optimized by design (sends only the diff, not full state), so converting it to BufferTask would be counterproductive.

magicblock-committor-service/src/tasks/task_builder.rs (1)

92-96: LGTM! Clean refactoring to constructor-based API.

Replacing struct literal initialization with CommitTask::new(commit_id, allow_undelegation, account.clone()) is a good practice that encapsulates initialization logic and enables the task to determine the appropriate commit path internally.

magicblock-committor-service/src/tasks/task_strategist.rs (2)

161-161: TODO flags potential performance issue.

The TODO comment notes that heavy computations are being discarded. This is worth investigating for optimization—consider caching the transaction assembly result or restructuring to avoid repeated expensive calculations.

271-284: LGTM! Test helper correctly updated.

The test helper now uses CommitTask::new(...) instead of struct literals, aligning with the new constructor-based API.

test-integration/Cargo.toml (2)

60-62: LGTM! Delegation program dependency updated.

The revision update for magicblock-delegation-program to e8d03936 aligns with the CommitDiff feature implementation across the codebase.

74-74: LGTM! Dependencies added for CommitDiff support.

The additions of rkyv (0.7.45) for zero-copy serialization and static_assertions (1.1.0) for compile-time checks correctly support the CommitDiff feature.

Also applies to: 93-93

test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (1)

244-312: LGTM! Well-structured test with reproducible randomness.

The test correctly uses seeded randomness (OsRng + StdRng) for reproducibility and logs the seed in failure messages. The random order book generation and verification flow are sound.

test-integration/test-committor-service/tests/test_transaction_preparator.rs (1)

38-42: LGTM! Constructor migration applied consistently.

The updates correctly replace direct struct initialization with CommitTask::new(commit_id, allow_undelegation, committed_account) across all test scenarios. The API usage is consistent and correct.

Also applies to: 92-105, 186-189

test-integration/schedulecommit/client/src/schedule_commit_context.rs (1)

66-158: LGTM! User seed integration is sound.

The user_seed parameter is correctly threaded through constructors and stored in the context. PDA derivation at lines 115-118 uses [user_seed, payer_ephem.pubkey()], which will match on-chain derivation as long as callers pass the correct seed (b"magic_schedule_commit" or b"order_book"). The validation at lines 208-210 properly rejects unsupported seeds with a clear error message.
test-integration/programs/schedulecommit/src/api.rs (2)
36-54: LGTM! New order book instruction builders are well-structured.

The new instruction constructors (init_order_book_instruction, grow_order_book_instruction, update_order_book_instruction, schedule_commit_diff_instruction_for_order_book) correctly set up account metas and instruction data. The PDA derivation and account ordering align with the corresponding handlers in lib.rs.

Also applies to: 56-75, 175-212

100-142: Verify caller responsibility for seed correctness.

The function derives the PDA using the provided user_seed (lines 106-109) and then branches instruction construction based on that seed (lines 126-139). This design assumes callers will pass the correct seed that matches the on-chain program's expectations.

Ensure that:

Callers always pass b"magic_schedule_commit" for MainAccount PDAs

Callers always pass b"order_book" for OrderBook PDAs

Passing an incorrect seed will result in a PDA mismatch and instruction failure

Consider adding a doc comment warning callers about this responsibility:
/// # Important
/// `user_seed` must match the on-chain PDA derivation:
/// - Use `b"magic_schedule_commit"` for MainAccount delegation
/// - Use `b"order_book"` for OrderBook delegation
/// Incorrect seeds will cause instruction execution to fail with PDA mismatch errors.
pub fn delegate_account_cpi_instruction(
    payer: Pubkey,
    player_or_book_manager: Pubkey,
    user_seed: &[u8],
) -> Instruction {
test-integration/programs/schedulecommit/src/lib.rs (2)
276-307: Verify that account header is properly initialized.

The allocate_account_and_assign_owner call (lines 298-304) allocates space but doesn't explicitly zero-initialize the header. Past review comments flagged this as critical, marked as addressed. Please confirm that either:

The allocation guarantees zero-initialized memory, or

A subsequent commit explicitly initializes bids_len and asks_len to zero

Without initialization, subsequent reads of the header in OrderBook::new() may encounter garbage values.

If initialization is missing, add it immediately after allocation:
allocate_account_and_assign_owner(AllocateAndAssignAccountArgs {
    // ... existing args
})?;

// Initialize header to zero
let mut data = order_book.try_borrow_mut_data()?;
if data.len() < std::mem::size_of::<OrderBookHeader>() {
    return Err(ProgramError::AccountDataTooSmall);
}
// Zero the header
data[..std::mem::size_of::<OrderBookHeader>()].fill(0);
356-389: LGTM! Order book delegation and commit handlers are correct.

The process_delegate_order_book (lines 356-389) and process_schedulecommit_for_orderbook (lines 415-435) handlers properly validate signers, construct delegate accounts, and invoke the appropriate CPI functions. The seeds match the PDA derivation in the init handler.

Also applies to: 415-435

magicblock-committor-service/src/tasks/mod.rs

coderabbitai

Actionable comments posted: 3

♻️ Duplicate comments (3)

test-integration/test-committor-service/tests/test_delivery_preparator.rs (1)
22-24: Remove temporary debug print statements.

These println! statements appear to be temporary debugging output and were previously flagged for removal. Consider removing them or replacing with proper test logging if diagnostics are needed.

Apply this diff to remove the debug statements:
-    println!("TestFixture::new()");
     let fixture = TestFixture::new().await;
-    println!("TestFixture::new() done");
magicblock-committor-service/src/tasks/mod.rs (2)
116-116: Document the rationale for COMMIT_STATE_SIZE_THRESHOLD.

The 200-byte threshold determines when to use CommitDiff (RPC-based) vs CommitState (direct), but there's no explanation of:

Why 200 bytes was chosen

The trade-offs (RPC overhead vs instruction data size)

Whether this should be configurable

Add a doc comment:
 impl CommitTask {
+    /// Accounts larger than 200 bytes use CommitDiff to reduce instruction size.
+    /// Below 200 bytes, the RPC overhead of fetching base-chain state exceeds
+    /// the benefit of sending a diff instead of full state.
+    /// TODO: Consider making this configurable via config/env.
     const COMMIT_STATE_SIZE_THRESHOLD: usize = 200;
Based on past review comments.

118-156: CRITICAL: Blocking RPC call with hard-coded localhost in constructor.

This constructor has multiple critical issues that prevent CommitDiff from working in production:

Blocking network I/O in constructor: Constructors should not make network calls. This blocks the thread and violates async/sync boundaries. The PR notes mention tests now require #[tokio::test(flavor = "multi_thread")] precisely because of this blocking call.

Hard-coded localhost endpoint: Lines 133-141 create an RPC client pointing to http://localhost:7799 via ChainConfig::local. In any non-local environment (dev, staging, prod), this fetch will always fail, causing CommitDiff to never execute and always fall back to CommitState. This defeats the entire purpose of the PR.

Silent error handling: Line 143 uses .ok() which swallows all RPC errors without logging. When the fetch fails in production, there's no visibility into why.

No caching: This expensive RPC call runs on every CommitTask::new(), even for the same account.

TOCTOU window: Fetching at construction time and using later widens the time-of-check-to-time-of-use gap.

The TODO at lines 126-127 acknowledges this is the "ugliest piece of code" but it's a blocker - the feature is non-functional outside localhost.

Required fixes:

Remove blocking call from constructor: Accept a pre-fetched Option<Account> parameter instead, or make this an async constructor, or use a builder pattern with async fetch.

Inject the configured RPC client: Accept ChainConfig or Arc<RpcClient> as a parameter so the real endpoint is used, not localhost.

Add error logging: Log when RPC fetch fails so there's visibility in production.

Consider caching layer: As the TODO mentions, implement caching to avoid repeated fetches.

Example approach (inject config):
 impl CommitTask {
     pub fn new(
         commit_id: u64,
         allow_undelegation: bool,
         committed_account: CommittedAccount,
+        chain_config: &ChainConfig,
     ) -> Self {
         let fetched_account = if committed_account.account.data.len()
             > CommitTask::COMMIT_STATE_SIZE_THRESHOLD
         {
-            use solana_rpc_client::rpc_client::RpcClient;
-            use solana_sdk::commitment_config::CommitmentConfig;
-
-            use crate::{config::ChainConfig, ComputeBudgetConfig};
-
-            let chain_config =
-                ChainConfig::local(ComputeBudgetConfig::new(1_000_000));
-
             let rpc_client = RpcClient::new_with_commitment(
                 chain_config.rpc_uri.to_string(),
                 CommitmentConfig {
                     commitment: chain_config.commitment,
                 },
             );
 
-            rpc_client.get_account(&committed_account.pubkey).ok()
+            match rpc_client.get_account(&committed_account.pubkey) {
+                Ok(account) => Some(account),
+                Err(e) => {
+                    log::warn!("Failed to fetch base account {} for commit_id {}: {}", 
+                               committed_account.pubkey, commit_id, e);
+                    None
+                }
+            }
         } else {
             None
         };
Or better yet, move the RPC fetch out of the constructor entirely and accept base_account: Option<Account> as a parameter.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between db80cab and dcaafd1.

📒 Files selected for processing (2)

magicblock-committor-service/src/tasks/mod.rs (10 hunks)
test-integration/test-committor-service/tests/test_delivery_preparator.rs (4 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-10-14T09:56:14.047Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.

Applied to files:

test-integration/test-committor-service/tests/test_delivery_preparator.rs

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

magicblock-committor-service/src/tasks/mod.rs

🧬 Code graph analysis (2)

test-integration/test-committor-service/tests/test_delivery_preparator.rs (2)

magicblock-committor-service/src/tasks/mod.rs (1)

new (118-156)

test-integration/test-committor-service/tests/common.rs (1)

new (52-55)

magicblock-committor-service/src/tasks/mod.rs (3)

magicblock-committor-service/src/tasks/args_task.rs (1)

new (36-41)

magicblock-committor-service/src/tasks/buffer_task.rs (1)

new (37-45)

magicblock-committor-service/src/config.rs (1)

local (29-35)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: Build Project
GitHub Check: run_make_ci_lint
GitHub Check: run_make_ci_test

🔇 Additional comments (4)

test-integration/test-committor-service/tests/test_delivery_preparator.rs (4)

18-20: LGTM! Clear documentation of runtime requirement.

The TODO comment properly explains the necessity for multi-threaded test execution due to blocking RpcClient calls in CommitTask::new(). The change is well-justified and aligns with the PR objectives.

83-85: LGTM! Consistent with multi-threaded runtime requirement.

The TODO comment and multi-threaded test attribute are consistent with the blocking RpcClient issue documented in PR #575. The test creates large buffers (10KB, 500KB) that trigger the threshold requiring RPC prefetch.

164-164: Correctly remains single-threaded.

This test appropriately uses the standard #[tokio::test] attribute since it only creates small data (10, 20, 30 bytes), which is well below the COMMIT_STATE_SIZE_THRESHOLD and won't trigger blocking RpcClient calls in CommitTask::new().

215-217: LGTM! Consistent multi-threaded runtime configuration.

Both TODO comments and test attribute changes are appropriate and consistent with the pattern established throughout the file. The tests create large buffers (10KB+ and 12KB/64KB respectively) that exceed the threshold and require blocking RPC calls.

Also applies to: 299-301

magicblock-committor-service/src/tasks/mod.rs

coderabbitai

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dcaafd1 and 10f1f92.

⛔ Files ignored due to path filters (1)

test-integration/schedulecommit/elfs/dlp.so is excluded by !**/*.so

📒 Files selected for processing (1)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-10-14T09:56:14.047Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.

Applied to files:

test-integration/test-committor-service/tests/test_ix_commit_local.rs

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: Build Project
GitHub Check: run_make_ci_lint
GitHub Check: run_make_ci_test

🔇 Additional comments (1)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)

216-218: AI summary incorrectly identifies the changed test.

The AI summary states the change applies to test_ix_commit_four_accounts_1kb_2kb_5kb_10kb_single_bundle, but the actual change is to test_commit_20_accounts_1kb_bundle_size_2 (line 219).

test-integration/test-committor-service/tests/test_ix_commit_local.rs

coderabbitai

Actionable comments posted: 1

♻️ Duplicate comments (1)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)
216-218: Apply the multi-threaded annotation consistently to all commit_20_accounts_1kb tests.

This annotation was added to prevent runtime panics when CommitTask::new() executes blocking RpcClient calls. However, as identified in the previous review, the following tests execute the identical code path and require the same annotation:

Line 288: test_commit_20_accounts_1kb_bundle_size_3

Line 296: test_commit_20_accounts_1kb_bundle_size_4

Line 305: test_commit_20_accounts_1kb_bundle_size_6

Line 319: test_commit_20_accounts_1kb_bundle_size_20

Line 341: test_commit_20_accounts_1kb_bundle_size_8

The bundle_size parameter only affects bundle creation logic (line 414) and does not bypass the blocking CommitTask::new() call.

Apply this pattern to all affected tests:
+// TODO (snawaz): use #[tokio::test] once CommitTask::new() stops using blocking RpcClient
+// # see the PR #575 for more context.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-#[tokio::test]
 async fn test_commit_20_accounts_1kb_bundle_size_X() {

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 10f1f92 and 03efa01.

⛔ Files ignored due to path filters (1)

test-integration/schedulecommit/elfs/dlp.so is excluded by !**/*.so

📒 Files selected for processing (2)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (2 hunks)
test-integration/test-committor-service/tests/utils/transactions.rs (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-10-14T09:56:14.047Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.

Applied to files:

test-integration/test-committor-service/tests/test_ix_commit_local.rs

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

test-integration/test-committor-service/tests/test_ix_commit_local.rs

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: Build Project
GitHub Check: run_make_ci_lint
GitHub Check: run_make_ci_test

🔇 Additional comments (1)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)

150-151: LGTM!

The TODO comment clearly documents future test coverage plans for larger commit sizes.

test-integration/test-committor-service/tests/utils/transactions.rs

coderabbitai

Actionable comments posted: 1

♻️ Duplicate comments (1)

magicblock-committor-service/src/tasks/mod.rs (1)

124-149: Hard-coded localhost RPC disables CommitDiff outside dev boxes

CommitTask::new spins up an RpcClient with ChainConfig::local(...) (http://localhost:7799, Processed) and uses it to fetch the base account. In production the committor talks to the configured cluster RPC, so this call always fails, leaving base_account = None. That forces create_commit_ix to fall back to commit_state, so the CommitDiff path never executes anywhere except a localhost setup. It also re-opens the redundant client/TOCTOU problem raised earlier. Please inject the real ChainConfig/RpcClient from the service layer and reuse it here instead of hard-coding ChainConfig::local, so the diff fetch succeeds in real deployments.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9ed65ad and 2ff5502.

📒 Files selected for processing (2)

magicblock-committor-service/src/tasks/args_task.rs (3 hunks)
magicblock-committor-service/src/tasks/mod.rs (10 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

magicblock-committor-service/src/tasks/args_task.rs
magicblock-committor-service/src/tasks/mod.rs

📚 Learning: 2025-10-14T09:56:14.047Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.

Applied to files:

magicblock-committor-service/src/tasks/args_task.rs

🧬 Code graph analysis (2)

magicblock-committor-service/src/tasks/args_task.rs (2)

magicblock-committor-service/src/tasks/mod.rs (1)

new (119-158)

magicblock-committor-service/src/tasks/buffer_task.rs (2)

new (37-45)

new_preparation_required (30-35)

magicblock-committor-service/src/tasks/mod.rs (1)

magicblock-committor-service/src/config.rs (1)

local (29-35)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: run_make_ci_test
GitHub Check: Build Project
GitHub Check: run_make_ci_lint

magicblock-committor-service/src/tasks/args_task.rs

coderabbitai

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)

173-246: Fix threshold inconsistency: single-account tests (800B, 1KB, 10KB) should expect Args, not FromBuffer.

The COMMIT_STATE_SIZE_THRESHOLD is 200 bytes. CommitDiff (Args strategy) is used when account size > 200 bytes AND base_account is successfully fetched.

The multi-account tests correctly expect Args for account sizes > 200 bytes (lines 179–235). However, the single-account tests contradict this:

Line 83: 800 bytes expects FromBuffer → should expect Args (800 > 200)

Line 90: 800 bytes expects FromBuffer → should expect Args

Line 97: 1KB expects FromBuffer → should expect Args

Line 104: 10KB expects FromBuffer → should expect Args

Update these four tests to expect CommitStrategy::Args to align with the threshold logic and the multi-account test expectations.

♻️ Duplicate comments (5)

magicblock-committor-service/src/tasks/args_task.rs (1)
91-100: CRITICAL: CommitDiff optimization is completely disabled.

This code defeats the entire CommitDiff feature that the PR is intended to add:

When is_commit_diff() returns true (large account with fetched base), this branch executes

force_commit_state() is called, setting a flag that makes is_commit_diff() return false

The task is wrapped in a BufferTask

When BufferTask later calls create_commit_ix(), the forced flag causes fallback to create_commit_state_ix()

Result: Full account state is sent instead of the diff, nullifying the optimization

According to your test results, CommitDiff should send diff len = 286 bytes versus data len = 10240 bytes. But with this code, the 10KB full state will always be sent for large accounts.

The strategist always calls optimize(), so this branch fires 100% of the time for diff-capable tasks.

Per the TODO comment, if BufferTask cannot support CommitDiff, then return Err(self) here (like BaseAction, Finalize, Undelegate do) so the task stays on the Args path and can actually submit the diff.

Apply this fix:
-            ArgsTaskType::Commit(mut value) if value.is_commit_diff() => {
-                //TODO (snawaz): We do not currently support executing CommitDiff as BufferTask, which is why we're forcing CommitTask to use CommitState before converting this task into BufferTask
-                // Once CommitDiff is supported by BufferTask, we do not have to
-                // force_commit_state.
-
-                value.force_commit_state();
-                Ok(Box::new(BufferTask::new_preparation_required(
-                    BufferTaskType::Commit(value),
-                )))
-            }
+            ArgsTaskType::Commit(value) if value.is_commit_diff() => {
+                // CommitDiff cannot be converted to BufferTask because the diff
+                // is computed against the current base-chain state and must be
+                // sent directly in instruction args. Return Err to keep on Args path.
+                Err(self)
+            }
Based on past review comments.
magicblock-committor-service/src/tasks/mod.rs (4)
117-117: Document the rationale for COMMIT_STATE_SIZE_THRESHOLD.

The 200-byte threshold determines when to attempt CommitDiff (with RPC fetch) versus direct CommitState. Adding a comment would help maintainers understand:

Why 200 bytes was chosen

The trade-offs (RPC overhead vs instruction data size)

Whether this should be configurable

Example:
 impl CommitTask {
+    // Accounts larger than 200 bytes may use CommitDiff to reduce instruction size.
+    // Below 200 bytes, the RPC overhead outweighs the benefit of sending a diff.
+    // TODO: Make this threshold configurable based on network conditions.
     const COMMIT_STATE_SIZE_THRESHOLD: usize = 200;
Based on past review comments.

119-158: CRITICAL: Hard-coded localhost RPC prevents CommitDiff in production.

The constructor creates an RpcClient pointing to ChainConfig::local() which hard-codes "http://localhost:7799" (see config.rs:28-34). This means CommitDiff will NEVER work in any non-local environment:

Production/staging validators don't run RPC on localhost:7799

get_account() will fail, setting base_account = None

is_commit_diff() returns false, falling back to full state

Your test showing "diff len = 286" only works because it runs locally

Additional problems:

Blocking RPC call in constructor blocks the tokio runtime

No timeout configured—hangs indefinitely on slow/dead endpoints

TOCTOU: base-chain account can change between fetch and submit

Constructor doing network I/O is an anti-pattern

Solution: Inject a configured RpcClient (or ChainConfig) into CommitTask::new() from the service layer that creates tasks. The service already has the real chain config—pass it through the task builder.
 pub fn new(
     commit_id: u64,
     allow_undelegation: bool,
     committed_account: CommittedAccount,
+    rpc_client: Option<&RpcClient>,
 ) -> Self {
     let fetched_account = if committed_account.account.data.len()
         > CommitTask::COMMIT_STATE_SIZE_THRESHOLD
     {
-        use solana_rpc_client::rpc_client::RpcClient;
-        use solana_sdk::commitment_config::CommitmentConfig;
-
-        use crate::{config::ChainConfig, ComputeBudgetConfig};
-
-        let chain_config =
-            ChainConfig::local(ComputeBudgetConfig::new(1_000_000));
-
-        let rpc_client = RpcClient::new_with_commitment(
-            chain_config.rpc_uri.to_string(),
-            CommitmentConfig {
-                commitment: chain_config.commitment,
-            },
-        );
-
-        rpc_client.get_account(&committed_account.pubkey).ok()
+        rpc_client.and_then(|client| {
+            client.get_account(&committed_account.pubkey).ok()
+        })
     } else {
         None
     };
-
-    println!("fetched_account: {:#?}", fetched_account);
Based on past review comments.

129-132: Move imports to module level.

Imports inside the constructor (lines 129-131) are a code smell suggesting this code was added hastily. These should be at module level with other imports.

However, once you fix the critical RPC-in-constructor issue by injecting the client, these imports may no longer be needed here at all.

Based on past review comments.

149-149: Remove debug println! statements.

Debug println! at lines 149, 186, and 217 flood stdout and bypass configured log levels. Remove them before merge, or replace with log::debug! if needed for troubleshooting.
-        println!("fetched_account: {:#?}", fetched_account);
Also applies to: 186-186, 217-217

Based on past review comments.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2ff5502 and fb096a7.

📒 Files selected for processing (3)

magicblock-committor-service/src/tasks/args_task.rs (3 hunks)
magicblock-committor-service/src/tasks/mod.rs (10 hunks)
test-integration/test-committor-service/tests/test_ix_commit_local.rs (10 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-10-14T09:56:14.047Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.

Applied to files:

test-integration/test-committor-service/tests/test_ix_commit_local.rs
magicblock-committor-service/src/tasks/args_task.rs

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

test-integration/test-committor-service/tests/test_ix_commit_local.rs
magicblock-committor-service/src/tasks/mod.rs
magicblock-committor-service/src/tasks/args_task.rs

🧬 Code graph analysis (3)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)

magicblock-validator/src/main.rs (1)

init_logger (13-50)

magicblock-committor-service/src/tasks/mod.rs (1)

magicblock-committor-service/src/config.rs (1)

local (29-35)

magicblock-committor-service/src/tasks/args_task.rs (2)

magicblock-committor-service/src/tasks/mod.rs (1)

new (119-158)

magicblock-committor-service/src/tasks/buffer_task.rs (2)

new (37-45)

new_preparation_required (30-35)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: Build Project
GitHub Check: run_make_ci_test
GitHub Check: run_make_ci_lint

🔇 Additional comments (12)

magicblock-committor-service/src/tasks/args_task.rs (3)

1-1: LGTM: Import cleanup aligns with delegation pattern.

Removing CommitStateArgs from imports is correct since commit instruction creation is now delegated to CommitTask::create_commit_ix() at line 47.

47-47: LGTM: Proper delegation to CommitTask.

Delegating instruction creation to CommitTask::create_commit_ix() is the correct approach, allowing CommitTask to internally choose between CommitState and CommitDiff paths.

157-163: LGTM: reset_commit_id correctly handles both commit paths.

This implementation is correct. Both CommitState and CommitDiff execution paths use the same ArgsTaskType::Commit(CommitTask) variant, so this code properly resets the commit_id for all commit-related tasks.

The distinction between diff and state is internal to CommitTask (via is_commit_diff()), not a separate enum variant.

magicblock-committor-service/src/tasks/mod.rs (6)

1-4: LGTM: Necessary imports for CommitDiff functionality.

The new imports (CommitDiffArgs, CommitStateArgs, compute_diff) are required to support both commit instruction variants.

20-20: LGTM: Required imports for account handling.

Account and ReadableAccount imports are necessary for the base_account field and RPC operations.

160-169: LGTM: Helper methods correctly implement diff detection logic.

The is_commit_diff() and force_commit_state() methods properly encapsulate the logic for determining when to use CommitDiff versus CommitState. The checks for threshold, base_account presence, and force flag are appropriate.

171-177: LGTM: Clean dispatch logic for commit instruction creation.

The create_commit_ix() method cleanly dispatches to the appropriate instruction builder based on whether a base account was fetched. This is the correct entry point for instruction generation.

195-225: LGTM: CommitDiff logic correctly computes and sends diff.

The create_commit_diff_ix() method properly:

Calls compute_diff() with base and current account data

Constructs CommitDiffArgs with the computed diff

Uses the DLP instruction builder

The defensive check at lines 200-205 is redundant (since create_commit_ix() already handles this), but it's not harmful and provides an extra safety layer.

Note: The println! at line 217 should be removed (already flagged separately).

432-446: LGTM: Test correctly updated to use new CommitTask constructor.

The test properly uses CommitTask::new() instead of struct literal initialization, aligning with the new API. The small account data (3 bytes) won't trigger CommitDiff path, which is appropriate for a serialization test.

Also applies to: 492-506, 517-531

test-integration/test-committor-service/tests/test_ix_commit_local.rs (3)

64-106: Multi-threading annotations correctly applied.

All single-account tests now properly use #[tokio::test(flavor = "multi_thread", worker_threads = 2)] to avoid runtime panics from blocking RpcClient calls in CommitTask::new(). This addresses the issue identified in previous reviews.

The TODO comments, while repetitive, provide clear context for future refactoring when the blocking call is removed.

248-391: Comprehensive test coverage with consistent multi-threading annotations.

All remaining tests properly use multi-threaded runtime annotations and cover various scenarios:

Different bundle sizes (2, 3, 4, 5, 6, 8, 20 accounts per bundle)

Multiple account counts (5, 8, 20 accounts total)

Commit-only and commit-with-undelegate flows

The strategy expectations have been systematically updated to reflect CommitDiff behavior, maintaining consistency across the test suite.

569-575: The review comment is incorrect—the assertion already handles both CommitState and CommitDiff correctly.

The tx_logs_contain utility function (in tests/utils/transactions.rs lines 124–129) explicitly handles both instruction types when checking for "CommitState". The function's logic checks log.contains("CommitState") || log.contains("CommitDiff") when the needle is "CommitState". The comments in that function explain this was an intentional design to avoid requiring tests to compute which strategy was used and pass the correct instruction name.

The assertion at line 570 is correct as-is and requires no changes.

Likely an incorrect or invalid review comment.

magicblock-committor-service/src/tasks/mod.rs

…fficiently commit changes in delegated accounts

…any tests

coderabbitai

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

magicblock-committor-service/src/tasks/task_strategist.rs (1)

159-171: TODO flags valid performance concern.

The TODO comment correctly identifies that the calculate_tx_length closure performs heavy computations that may be discarded during the optimization loop. Consider tracking which tasks have already been serialized/measured to avoid redundant work, or restructure the optimization to be more incremental.

♻️ Duplicate comments (16)

test-integration/test-tools/src/scheduled_commits.rs (1)

198-198: Consider verbosity of debug output.

The println! statements with {:#?} pretty-printing could produce very verbose output, especially if the log arrays are large. While acceptable for test tooling, this may clutter test output and make it harder to identify actual test failures.

Consider either:

Making these conditional via an environment variable (e.g., MAGICBLOCK_DEBUG_LOGS)

Using a more compact format like {:?}, or

Confirming this is temporary debugging code to be removed before merge

Also applies to: 210-210
test-integration/schedulecommit/client/src/schedule_commit_context.rs (1)
166-169: Consider extracting compute budget values as named constants.

The compute unit limit (1,400,000) and price (10,000) are hardcoded. Extracting these as named constants would improve maintainability.

Example:
const INIT_COMPUTE_UNIT_LIMIT: u32 = 1_400_000;
const INIT_COMPUTE_UNIT_PRICE: u64 = 10_000;

let mut ixs = vec![
    ComputeBudgetInstruction::set_compute_unit_limit(INIT_COMPUTE_UNIT_LIMIT),
    ComputeBudgetInstruction::set_compute_unit_price(INIT_COMPUTE_UNIT_PRICE),
];
test-integration/test-committor-service/tests/test_delivery_preparator.rs (3)

81-83: Same multi-threading workaround applied consistently.

This test also requires the multi-threaded runtime due to the blocking RpcClient calls in CommitTask::new().

213-215: Multi-threading workaround applied consistently.

This test similarly requires the multi-threaded runtime due to blocking RpcClient calls.

297-299: Multi-threading workaround applied consistently.

This test also requires the multi-threaded runtime for the same reason documented in earlier tests.

programs/magicblock/src/magic_scheduled_base_intent.rs (1)

374-431: Critical: Missing StandaloneDiff handling in try_from_args.

The PR objectives describe a new CommitDiff flow, but CommitType::try_from_args only constructs Standalone and WithBaseActions variants. According to past review comments, there should be a StandaloneDiff variant that needs to be constructed from CommitTypeArgs::StandaloneDiff. Without this, the new diff-based commit instruction cannot function—all is_commit_diff() calls will return false and the runtime will continue down the full-commit path.

Please extend try_from_args to recognize CommitTypeArgs::StandaloneDiff and construct the corresponding CommitType::StandaloneDiff variant, including extracting and storing the diff bytes into the CommittedAccount representation.

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)

193-193: Strategy expectations consistently updated across tests.

Multiple tests now expect CommitStrategy::Args instead of buffer-based strategies, reflecting the new commit path that uses instruction args for smaller data payloads.

Also applies to: 207-207, 221-221, 235-235, 244-245, 254-254, 269-270, 283-283, 298-299, 322-323, 346-346

test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)

84-85: Consistent seed parameter usage.

The second test also correctly passes the seed parameter for deterministic context creation.
magicblock-committor-service/src/tasks/args_task.rs (2)
159-165: reset_commit_id must handle CommitDiff.

When a CommitDiff task is recycled, reset_commit_id silently returns without updating the commit_id, leaving stale data. Extend the pattern match:
-    let ArgsTaskType::Commit(commit_task) = &mut self.task_type else {
-        return;
-    };
-
-    commit_task.commit_id = commit_id;
+    match &mut self.task_type {
+        ArgsTaskType::Commit(task) => {
+            task.commit_id = commit_id;
+        }
+        _ => {}
+    }
91-102: Critical: force_commit_state defeats CommitDiff optimization.

Forcing every CommitDiff task back to CommitState before converting to BufferTask completely nullifies the diff optimization. Since the strategist always calls optimize(), CommitDiff instructions never reach execution.

The TODO acknowledges this is temporary, but it means the entire CommitDiff feature is non-functional in this PR. Consider:

Return Err(self) for CommitDiff (like other non-optimizable tasks) to preserve the diff path, OR

Clearly document in the PR description that CommitDiff is merged but disabled until BufferTask support is added

Your test shows diff len = 286 vs data len = 10240, which is excellent—but this code path ensures production never uses it.
test-integration/programs/schedulecommit/src/utils/mod.rs (1)

71-71: Consider checked conversion for the cast.

The unchecked as usize cast could theoretically truncate on 32-bit platforms if size exceeds usize::MAX. While Solana programs run in 64-bit environments, a checked conversion (e.g., size.try_into()?) would be more defensive.
test-integration/schedulecommit/client/src/verify.rs (1)
16-23: Eliminate duplication by making the function generic.

This function duplicates fetch_and_verify_commit_result_from_logs with only the type parameter differing. Consider making the original function generic:
-pub fn fetch_and_verify_commit_result_from_logs(
+pub fn fetch_and_verify_commit_result_from_logs<T>(
     ctx: &ScheduleCommitTestContext,
     sig: Signature,
-) -> ScheduledCommitResult<MainAccount> {
+) -> ScheduledCommitResult<T>
+where
+    T: borsh::BorshDeserialize,
+{
     let res = ctx.fetch_schedule_commit_result(sig).unwrap();
     res.confirm_commit_transactions_on_chain(ctx).unwrap();
     res
 }
-
-pub fn fetch_and_verify_order_book_commit_result_from_logs(
-    ctx: &ScheduleCommitTestContext,
-    sig: Signature,
-) -> ScheduledCommitResult<OrderBookOwned> {
-    let res = ctx.fetch_schedule_commit_result(sig).unwrap();
-    res.confirm_commit_transactions_on_chain(ctx).unwrap();
-    res
-}
Call sites would use turbofish: fetch_and_verify_commit_result_from_logs::<OrderBookOwned>(&ctx, sig).
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1)
41-47: Remove unused trait bounds.

The trait bounds borsh::BorshDeserialize + PartialEq + Eq + std::fmt::Debug are not used by this function—the body only inspects the ScheduledCommitResult structure without deserializing or comparing values of type T.
 pub fn assert_one_committee_was_committed<T>(
     ctx: &ScheduleCommitTestContext,
     res: &ScheduledCommitResult<T>,
     is_single_stage: bool,
-) 
-where
-    T: std::fmt::Debug + borsh::BorshDeserialize + PartialEq + Eq,
-{
+) {
test-integration/programs/schedulecommit/src/lib.rs (1)
332-348: Guard new_size against overflow before reallocating.

order_book.data_len() + additional_space as usize can wrap on BPF. A large additional_space will shrink the buffer and truncate the order book while the instruction still succeeds.

Use checked arithmetic (and bail on overflow) before calling realloc:
-    let new_size = order_book.data_len() + additional_space as usize;
+    let additional = usize::try_from(additional_space)
+        .map_err(|_| ProgramError::InvalidArgument)?;
+    let new_size = order_book
+        .data_len()
+        .checked_add(additional)
+        .ok_or(ProgramError::InvalidArgument)?;
This keeps the account safe even when callers request huge growth.
test-integration/programs/schedulecommit/src/order_book.rs (1)
127-130: Fail fast if the book cannot absorb an update.

add_bids/add_asks return Option precisely to signal capacity exhaustion, but the current code ignores it. When the book is full the instruction still returns Ok(()), leaving the caller with stale state and no warning.

Propagate the failure (or at least panic) so capacity issues surface immediately:
-        self.add_bids(&updates.bids);
-        self.add_asks(&updates.asks);
+        self.add_bids(&updates.bids)
+            .expect("order book capacity exhausted while applying bids");
+        self.add_asks(&updates.asks)
+            .expect("order book capacity exhausted while applying asks");
That way the transaction aborts instead of silently dropping updates.
magicblock-committor-service/src/tasks/mod.rs (1)
121-158: Remove the hard-coded localhost RPC — CommitDiff never fires outside tests.

Every construction of CommitTask spins up a fresh RpcClient pointed at ChainConfig::local("http://localhost:7799"). In any non-local deployment that endpoint is unavailable, so get_account fails, base_account stays None, and create_commit_ix always falls back to commit_state. The CommitDiff path is therefore dead in production, defeating the feature this PR introduces. It also recreates a blocking client per constructor call, widening the TOCTOU window.

Please inject the real, configured RPC (or a pre-fetched base account) from the caller instead of hard-coding localhost here—e.g. extend the constructor to accept an &RpcClient or a trait-backed fetcher and reuse it:
-    pub fn new(
-        commit_id: u64,
-        allow_undelegation: bool,
-        committed_account: CommittedAccount,
-    ) -> Self {
+    pub fn new(
+        commit_id: u64,
+        allow_undelegation: bool,
+        committed_account: CommittedAccount,
+        rpc_client: &RpcClient,
+    ) -> Self {
         let fetched_account = if committed_account.account.data.len()
             > CommitTask::COMMIT_STATE_SIZE_THRESHOLD
         {
-            // TODO (snawaz) …
-            rpc_client.get_account(&committed_account.pubkey).ok()
+            rpc_client.get_account(&committed_account.pubkey).ok()
         } else {
             None
         };
Thread the configured client (or the fetched Account) through the task builder so CommitDiff can execute against the real endpoint.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fb096a7 and 36d77aa.

⛔ Files ignored due to path filters (3)

Cargo.lock is excluded by !**/*.lock
test-integration/Cargo.lock is excluded by !**/*.lock
test-integration/schedulecommit/elfs/dlp.so is excluded by !**/*.so

📒 Files selected for processing (27)

Cargo.toml (1 hunks)
magicblock-committor-service/src/tasks/args_task.rs (3 hunks)
magicblock-committor-service/src/tasks/mod.rs (10 hunks)
magicblock-committor-service/src/tasks/task_builder.rs (1 hunks)
magicblock-committor-service/src/tasks/task_strategist.rs (3 hunks)
programs/magicblock/src/magic_scheduled_base_intent.rs (1 hunks)
test-integration/Cargo.toml (4 hunks)
test-integration/programs/schedulecommit/Cargo.toml (1 hunks)
test-integration/programs/schedulecommit/src/api.rs (5 hunks)
test-integration/programs/schedulecommit/src/lib.rs (8 hunks)
test-integration/programs/schedulecommit/src/order_book.rs (1 hunks)
test-integration/programs/schedulecommit/src/utils/mod.rs (3 hunks)
test-integration/schedulecommit/client/src/schedule_commit_context.rs (6 hunks)
test-integration/schedulecommit/client/src/verify.rs (2 hunks)
test-integration/schedulecommit/test-scenarios/Cargo.toml (1 hunks)
test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (2 hunks)
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (4 hunks)
test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1 hunks)
test-integration/schedulecommit/test-security/tests/01_invocations.rs (1 hunks)
test-integration/test-committor-service/tests/common.rs (2 hunks)
test-integration/test-committor-service/tests/test_delivery_preparator.rs (4 hunks)
test-integration/test-committor-service/tests/test_ix_commit_local.rs (10 hunks)
test-integration/test-committor-service/tests/test_transaction_preparator.rs (3 hunks)
test-integration/test-committor-service/tests/utils/transactions.rs (1 hunks)
test-integration/test-ledger-restore/tests/08_commit_update.rs (2 hunks)
test-integration/test-tools/src/integration_test_context.rs (2 hunks)
test-integration/test-tools/src/scheduled_commits.rs (3 hunks)

🧰 Additional context used

🧠 Learnings (3)

📚 Learning: 2025-10-14T09:56:14.047Z

Learnt from: taco-paco
Repo: magicblock-labs/magicblock-validator PR: 564
File: test-integration/programs/flexi-counter/src/processor/call_handler.rs:122-125
Timestamp: 2025-10-14T09:56:14.047Z
Learning: The file test-integration/programs/flexi-counter/src/processor/call_handler.rs contains a test smart contract used for integration testing, not production code.

Applied to files:

test-integration/test-committor-service/tests/test_ix_commit_local.rs
test-integration/programs/schedulecommit/src/utils/mod.rs
test-integration/test-ledger-restore/tests/08_commit_update.rs
test-integration/test-tools/src/scheduled_commits.rs
test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs
magicblock-committor-service/src/tasks/args_task.rs
test-integration/test-tools/src/integration_test_context.rs

📚 Learning: 2025-10-21T14:00:54.642Z

Learnt from: bmuddha
Repo: magicblock-labs/magicblock-validator PR: 578
File: magicblock-aperture/src/requests/websocket/account_subscribe.rs:18-27
Timestamp: 2025-10-21T14:00:54.642Z
Learning: In magicblock-aperture account_subscribe handler (src/requests/websocket/account_subscribe.rs), the RpcAccountInfoConfig fields data_slice, commitment, and min_context_slot are currently ignored—only encoding is applied. This is tracked as technical debt in issue #579: https://github.com/magicblock-labs/magicblock-validator/issues/579

Applied to files:

test-integration/test-committor-service/tests/test_ix_commit_local.rs
test-integration/programs/schedulecommit/src/utils/mod.rs
test-integration/programs/schedulecommit/src/api.rs
magicblock-committor-service/src/tasks/args_task.rs
programs/magicblock/src/magic_scheduled_base_intent.rs
test-integration/programs/schedulecommit/src/order_book.rs
test-integration/programs/schedulecommit/src/lib.rs
test-integration/schedulecommit/client/src/schedule_commit_context.rs
magicblock-committor-service/src/tasks/mod.rs

📚 Learning: 2025-10-26T16:54:39.084Z

Learnt from: thlorenz
Repo: magicblock-labs/magicblock-validator PR: 587
File: test-manual/Cargo.toml:0-0
Timestamp: 2025-10-26T16:54:39.084Z
Learning: In the magicblock-validator repository, use git branch references (not commit hashes or tags) for the helius-laserstream dependency to allow automatic updates when the branch is pushed to.

Applied to files:

test-integration/Cargo.toml
Cargo.toml

🧬 Code graph analysis (16)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (2)

try_new (72-74)

try_new_random_keys (66-71)

magicblock-committor-service/src/tasks/task_builder.rs (2)

magicblock-committor-service/src/tasks/args_task.rs (1)

new (36-41)

magicblock-committor-service/src/tasks/mod.rs (1)

new (121-159)

test-integration/test-committor-service/tests/test_ix_commit_local.rs (1)

magicblock-validator/src/main.rs (1)

init_logger (13-50)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (3)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

ctx (148-149)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

ctx (90-91)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (3)

try_new (72-74)

ncommittees (102-121)

try_new_random_keys (66-71)

test-integration/schedulecommit/client/src/verify.rs (2)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

ctx (148-149)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

ctx (90-91)

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

test-integration/test-ledger-restore/src/lib.rs (1)

setup_validator_with_local_remote (97-119)

magicblock-committor-service/src/tasks/task_strategist.rs (2)

magicblock-committor-service/src/tasks/args_task.rs (1)

new (36-41)

magicblock-committor-service/src/tasks/mod.rs (1)

new (121-159)

test-integration/programs/schedulecommit/src/api.rs (1)

test-integration/programs/schedulecommit/src/order_book.rs (1)

new (105-125)

test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1)

get_context_with_delegated_committees (16-35)

test-integration/test-committor-service/tests/common.rs (1)

magicblock-committor-service/src/tasks/mod.rs (1)

new (121-159)

test-integration/schedulecommit/test-scenarios/tests/02_commit_and_undelegate.rs (4)

test-integration/programs/schedulecommit/src/api.rs (3)

schedule_commit_and_undelegate_cpi_with_mod_after_instruction (287-311)

schedule_commit_diff_instruction_for_order_book (193-212)

update_order_book_instruction (175-191)

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1)

get_context_with_delegated_committees (16-35)

test-integration/programs/schedulecommit/src/order_book.rs (1)

bids (171-173)

test-integration/schedulecommit/client/src/verify.rs (1)

fetch_and_verify_order_book_commit_result_from_logs (16-23)

magicblock-committor-service/src/tasks/args_task.rs (2)

magicblock-committor-service/src/tasks/mod.rs (1)

new (121-159)

magicblock-committor-service/src/tasks/buffer_task.rs (2)

new (37-45)

new_preparation_required (30-35)

test-integration/test-committor-service/tests/test_transaction_preparator.rs (2)

magicblock-committor-service/src/tasks/mod.rs (1)

new (121-159)

magicblock-committor-service/src/tasks/buffer_task.rs (2)

new (37-45)

new_preparation_required (30-35)

test-integration/programs/schedulecommit/src/lib.rs (2)

test-integration/programs/schedulecommit/src/utils/mod.rs (3)

assert_is_signer (30-44)

assert_keys_equal (16-28)

allocate_account_and_assign_owner (58-106)

test-integration/programs/schedulecommit/src/order_book.rs (1)

new (105-125)

test-integration/schedulecommit/client/src/schedule_commit_context.rs (1)

test-integration/programs/schedulecommit/src/api.rs (3)

init_order_book_instruction (36-54)

init_payer_escrow (77-98)

init_account_instruction (16-34)

magicblock-committor-service/src/tasks/mod.rs (1)

magicblock-committor-service/src/config.rs (1)

local (29-35)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

GitHub Check: Build Project

🔇 Additional comments (30)

test-integration/schedulecommit/test-security/tests/01_invocations.rs (1)

28-42: LGTM! Seed parameter correctly threaded through test context initialization.

The addition of the user_seed parameter (b"magic_schedule_commit") to both try_new() and try_new_random_keys() calls is consistent and aligns with the deterministic seed mechanism introduced across the test harness. The static seed is appropriate for test code and ensures reproducibility.

test-integration/test-tools/src/integration_test_context.rs (2)

157-159: LGTM! Panic message fix is correct.

The format placeholder issue has been properly resolved. The panic message now correctly interpolates the label variable, so errors will clearly indicate which RPC client ("chain" or "ephemeral") is missing.

168-174: LGTM! Conditional logic is now documented.

The comment clearly explains why different clusters use different transaction version settings. The implementation is appropriate for test infrastructure where the chain cluster needs explicit v0 transaction support.

test-integration/test-ledger-restore/tests/08_commit_update.rs (1)

55-61: LGTM! Correct handling of the temporary directory.

Both call sites properly capture the TempDir returned by setup_validator_with_local_remote. Binding it to _tmpdir ensures the temporary directory stays alive for the correct scope (entire function duration), preventing premature cleanup that could affect validator operation.

Also applies to: 170-176

test-integration/test-tools/src/scheduled_commits.rs (3)

182-196: LGTM! Clear naming for two-stage log handling.

The variable rename to ephem_logs_l1 clearly distinguishes the first ephemeral log fetch from the subsequent second fetch, improving code readability for the new two-stage flow.

201-209: LGTM! Second-stage log fetch properly implemented.

The second ephemeral log fetch using scheduled_commmit_sent_sig is correctly implemented with appropriate error context referencing the first-stage logs. This two-stage pattern aligns with the new CommitDiff flow described in the PR objectives.

212-214: LGTM! Correctly uses second-stage logs for extraction.

The extraction now properly consumes ephem_logs_l2 to get the commit information, which is the expected behavior in the two-stage log handling flow.

test-integration/schedulecommit/client/src/schedule_commit_context.rs (6)

8-8: LGTM: Imports aligned with new functionality.

The new imports support the order book initialization path and compute budget configuration.

Also applies to: 16-16

34-34: LGTM: user_seed properly encapsulated.

The private field and .to_vec() storage are appropriate.

Also applies to: 158-158

66-80: LGTM: Constructor API updated consistently.

All constructors now require user_seed, maintaining a consistent API surface.

170-192: LGTM: Seed-based initialization branching is clean.

The match on user_seed correctly dispatches to init_account_instruction or init_order_book_instruction.

271-276: LGTM: user_seed correctly propagated to delegation call.

Passing &self.user_seed to delegate_account_cpi_instruction aligns with the updated API.

115-118: PDA derivation is correct for both cases; no changes needed.

The client derives PDAs at lines 115-118 using [user_seed, payer_ephem.pubkey()]. Verification confirms:

For b"order_book": Client passes payer_ephem as book_manager and the derived PDA. On-chain process_init_order_book derives [b"order_book", book_manager.key] (line 287) and validates it matches the passed account (line 291). ✓

For b"magic_schedule_commit": Client passes payer_ephem as player and the derived PDA. On-chain process_init derives [b"magic_schedule_commit", player_info.key] (line 221), which matches. ✓

Both derivations are consistent with the on-chain handlers.

test-integration/schedulecommit/test-scenarios/Cargo.toml (1)

19-20: LGTM!

Adding rand and borsh as dev-dependencies is appropriate for enhanced test data generation and serialization support in the schedule commit test scenarios.

test-integration/test-committor-service/tests/test_delivery_preparator.rs (1)

18-20: Consistent workaround for blocking RpcClient calls.

The multi-threaded test configuration with explicit TODO comment clearly documents why this change is needed—CommitTask::new() uses blocking RpcClient calls that require a multi-threaded runtime.

programs/magicblock/src/magic_scheduled_base_intent.rs (1)

288-301: LGTM! Clean struct and conversion implementation.

The CommittedAccount struct and its From<CommittedAccountRef> implementation are well-structured and provide a clean conversion from the reference-wrapped internal representation to the owned public API type.

test-integration/test-committor-service/tests/test_ix_commit_local.rs (2)

65-67: Multi-threaded runtime configuration applied consistently.

The TODO comments clearly document the temporary workaround for blocking RpcClient calls in CommitTask::new().

179-179: Strategy expectation updated to Args.

The test now expects CommitStrategy::Args instead of FromBuffer. This aligns with the new commit flow where smaller accounts can use args-based commits.

test-integration/schedulecommit/test-scenarios/tests/01_commits.rs (1)

30-31: API updated to include deterministic seed parameter.

The updated call to get_context_with_delegated_committees now includes a seed parameter (b"magic_schedule_commit"), enabling deterministic test inputs. This aligns with the updated function signature in the test utilities.

test-integration/test-committor-service/tests/utils/transactions.rs (1)

123-133: Pragmatic solution for dual commit paths.

The special-case handling for "CommitState" to also match "CommitDiff" is a reasonable trade-off to avoid widespread test changes. The inline comment clearly explains the rationale. This allows existing tests that search for "CommitState" to pass regardless of which commit instruction type is actually used.

test-integration/test-committor-service/tests/common.rs (1)

152-165: Constructor pattern improves API consistency.

Replacing the direct struct literal construction with CommitTask::new() provides a cleaner, more maintainable API. The constructor encapsulates the logic for deciding whether to fetch base account data, making the call site simpler.

magicblock-committor-service/src/tasks/task_strategist.rs (1)

267-280: Test updated to use constructor pattern.

The test correctly uses CommitTask::new() instead of struct literal construction, consistent with the new API pattern across the codebase.

test-integration/programs/schedulecommit/src/utils/mod.rs (2)

53-53: LGTM: Type change aligns with Solana's system instruction API.

Changing size from usize to u64 matches the signature of system_instruction::allocate (line 90), improving type consistency.

75-79: LGTM: Debug logging and correct allocate call.

The added logging helps diagnose lamport-related issues, and passing size directly to system_instruction::allocate is correct since it expects u64.

Also applies to: 90-90

test-integration/Cargo.toml (1)

40-40: LGTM: Dependency updates align with PR requirements.

The delegation-program rev bump (to e8d03936) and the addition of rkyv and static_assertions support the new CommitDiff flow and zero-copy serialization requirements mentioned in the PR.

Also applies to: 60-62, 74-74, 93-93

Cargo.toml (1)

111-114: LGTM: Workspace dependency updates are consistent.

The delegation-program rev bump matches the test-integration workspace, and the explicit magicblock-aperture path entry is standard for workspace members.

test-integration/programs/schedulecommit/Cargo.toml (1)

11-12: LGTM: New dependencies support zero-copy serialization.

Adding rkyv and static_assertions enables the zero-copy OrderBook implementation and compile-time size checks mentioned in the PR.

magicblock-committor-service/src/tasks/task_builder.rs (1)

92-96: LGTM: Constructor encapsulates initialization logic.

Using CommitTask::new() instead of struct literals is good practice. The constructor (defined in mod.rs) now handles the logic for fetching base accounts when size exceeds the threshold.

magicblock-committor-service/src/tasks/args_task.rs (1)

47-47: LGTM: Instruction generation delegated to CommitTask.

Calling value.create_commit_ix(validator) properly encapsulates the logic for choosing between CommitState and CommitDiff instruction generation within CommitTask.

test-integration/schedulecommit/test-scenarios/tests/utils/mod.rs (1)

16-35: LGTM: user_seed parameter enables per-context PDA derivation.

Threading user_seed through to the context constructors and consolidating initialization (lines 28-32) improves test setup consistency. The debug prints are helpful for test utilities.

test-integration/schedulecommit/client/src/schedule_commit_context.rs

taco-paco reviewed Oct 16, 2025

View reviewed changes

magicblock-committor-service/src/tasks/mod.rs Outdated Show resolved Hide resolved

snawaz force-pushed the snawaz/commit-diff branch 6 times, most recently from 249b1aa to 2f0555f Compare October 23, 2025 15:45

snawaz force-pushed the snawaz/commit-diff branch 2 times, most recently from 0151da0 to 5c25e73 Compare October 27, 2025 06:13

snawaz changed the title ~~Add ScheduleCommitDiffAndUndelegate~~ Add MagicBlockInstruction::ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts Oct 27, 2025

snawaz changed the title ~~Add MagicBlockInstruction::ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts~~ Add ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts Oct 27, 2025

snawaz force-pushed the snawaz/commit-diff branch 2 times, most recently from 2ae750b to 725f72c Compare October 27, 2025 09:45

snawaz force-pushed the snawaz/commit-diff branch from 725f72c to e5c5e15 Compare October 27, 2025 16:55

snawaz changed the title ~~Add ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts~~ featAdd ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts Oct 27, 2025

snawaz changed the title ~~featAdd ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts~~ feat: Add ScheduleCommitDiffAndUndelegate to efficiently commit changes in delegated accounts Oct 27, 2025

snawaz marked this pull request as ready for review October 28, 2025 14:52

coderabbitai bot reviewed Oct 28, 2025

View reviewed changes

snawaz mentioned this pull request Oct 31, 2025

feat: Add commit_diff_and_undelegate_accounts() magicblock-labs/ephemeral-rollups-sdk#71

Closed

snawaz force-pushed the snawaz/commit-diff branch 2 times, most recently from 9c44347 to 693af7f Compare October 31, 2025 05:57

coderabbitai bot reviewed Oct 31, 2025

View reviewed changes

snawaz force-pushed the snawaz/commit-diff branch from 693af7f to 99f2e8f Compare October 31, 2025 14:19

coderabbitai bot reviewed Oct 31, 2025

View reviewed changes

programs/magicblock/src/magic_scheduled_base_intent.rs Outdated Show resolved Hide resolved

snawaz force-pushed the snawaz/commit-diff branch from 99f2e8f to 7eaaa13 Compare October 31, 2025 14:50

coderabbitai bot reviewed Oct 31, 2025

View reviewed changes

magicblock-committor-service/src/tasks/args_task.rs Outdated Show resolved Hide resolved

snawaz marked this pull request as draft November 2, 2025 12:23

coderabbitai bot reviewed Nov 3, 2025

View reviewed changes

test-integration/schedulecommit/client/src/schedule_commit_context.rs Show resolved Hide resolved

test-integration/schedulecommit/client/src/schedule_commit_context.rs Show resolved Hide resolved

test-integration/test-tools/src/integration_test_context.rs Show resolved Hide resolved

coderabbitai bot reviewed Nov 4, 2025

View reviewed changes

magicblock-committor-service/src/tasks/mod.rs Outdated Show resolved Hide resolved

snawaz force-pushed the snawaz/commit-diff branch from 0ac18ab to a30f507 Compare November 4, 2025 07:42

coderabbitai bot reviewed Nov 4, 2025

View reviewed changes

snawaz force-pushed the snawaz/commit-diff branch from a30f507 to 33fe0bc Compare November 4, 2025 08:02

coderabbitai bot reviewed Nov 4, 2025

View reviewed changes

magicblock-committor-service/src/tasks/mod.rs Outdated Show resolved Hide resolved

snawaz requested a review from thlorenz November 4, 2025 08:22

snawaz force-pushed the snawaz/commit-diff branch 2 times, most recently from db80cab to dcaafd1 Compare November 4, 2025 09:02

coderabbitai bot reviewed Nov 4, 2025

View reviewed changes

magicblock-committor-service/src/tasks/mod.rs Show resolved Hide resolved

magicblock-committor-service/src/tasks/mod.rs Outdated Show resolved Hide resolved

snawaz force-pushed the snawaz/commit-diff branch from 6f44e7f to 10f1f92 Compare November 4, 2025 11:23

coderabbitai bot reviewed Nov 4, 2025

View reviewed changes

test-integration/test-committor-service/tests/test_ix_commit_local.rs Show resolved Hide resolved

snawaz force-pushed the snawaz/commit-diff branch from 10f1f92 to 03efa01 Compare November 4, 2025 11:53

coderabbitai bot reviewed Nov 4, 2025

View reviewed changes

test-integration/test-committor-service/tests/utils/transactions.rs Show resolved Hide resolved

coderabbitai bot reviewed Nov 4, 2025

View reviewed changes

magicblock-committor-service/src/tasks/args_task.rs Show resolved Hide resolved

snawaz force-pushed the snawaz/commit-diff branch from 2ff5502 to fb096a7 Compare November 4, 2025 15:00

coderabbitai bot reviewed Nov 4, 2025

View reviewed changes

magicblock-committor-service/src/tasks/mod.rs Show resolved Hide resolved

snawaz force-pushed the snawaz/commit-diff branch from fb096a7 to 588ec52 Compare November 4, 2025 16:12

snawaz added 10 commits November 4, 2025 21:43

feat: Add MagicBlockInstruction::ScheduleCommitDiffAndUndelegate to e…

4a63b48

…fficiently commit changes in delegated accounts

Redesign the implementation of CommitDiff support

c85f7b8

Make it work again

0b9bb7d

Make unit-tests work again

620de56

fix ci lint etc

eae5e0d

Use #[tokio::test(flavor = "multi_thread", worker_threads = 2)]

f09d0c1

Update schedulecommit/elfs/dlp.so to use latest version of DLP

188fbfb

Use CommitStrategy::Args in place of CommitStrategy::FromBuffer for m…

32f9c08

…any tests

Add force_commit_state

6b8bfb9

CI is green, so let's Cleanup

36d77aa

snawaz force-pushed the snawaz/commit-diff branch from 588ec52 to 36d77aa Compare November 4, 2025 16:13

coderabbitai bot reviewed Nov 4, 2025

View reviewed changes

test-integration/schedulecommit/client/src/schedule_commit_context.rs Show resolved Hide resolved

test-integration/schedulecommit/client/src/schedule_commit_context.rs Show resolved Hide resolved

feat: Add support for CommitDiff to efficiently commit small changes in large delegated accounts #575

Are you sure you want to change the base?

feat: Add support for CommitDiff to efficiently commit small changes in large delegated accounts #575

Uh oh!

Conversation

snawaz commented Oct 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Update dlp.so

Changes in the existing tests.

Screenshots

Summary by CodeRabbit

Uh oh!

snawaz commented Oct 15, 2025

Uh oh!

coderabbitai bot commented Oct 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Walkthrough

Changes

Sequence Diagram(s)

Estimated code review effort

Possibly related PRs

Suggested reviewers

Pre-merge checks and finishing touches

Uh oh!

Uh oh!

github-actions bot commented Oct 27, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Manual Deploy Available

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

feat: Add support for `CommitDiff` to efficiently commit small changes in large delegated accounts #575

feat: Add support for `CommitDiff` to efficiently commit small changes in large delegated accounts #575

snawaz commented Oct 15, 2025 •

edited

Loading

coderabbitai bot commented Oct 15, 2025 •

edited

Loading

github-actions bot commented Oct 27, 2025 •

edited

Loading