Enforce production raw attribute schema

[punk6529]

Closes #122.
Refs #51.

Summary

• Harden StreamMetadataRenderer.isSafeRawAttributes so production token attributes are either empty or comma-separated objects with exactly trait_type and value JSON string fields.
• Add focused metadata tests for valid reversed-order/escaped attributes and invalid missing, extra, duplicate, non-string, malformed separator, control, unterminated, and invalid escape cases.
• Update metadata docs, ADR 0006, roadmap/status/test traceability, changelog, autonomous run state, and regenerated release/deployment artifacts for the renderer bytecode/docs delta.

Notes

• Production invalid UTF-8 policy and full browser execution sandbox automation remain follow-up P1-META-006 work under [P1-META-006] Add metadata escaping, size limits, and render-sandbox tests #51.
• StreamCore remains 24,135 runtime bytes with 441 bytes of EIP-170 headroom; linked StreamMetadataRenderer is 8,591 runtime bytes.

Validation

• powershell -NoProfile -ExecutionPolicy Bypass -File scripts\bootstrap-windows.ps1
• forge fmt smart-contracts\StreamMetadataRenderer.sol test\StreamMetadataEscaping.t.sol
• forge fmt --check smart-contracts\StreamMetadataRenderer.sol test\StreamMetadataEscaping.t.sol
• forge test --match-path test\StreamMetadataEscaping.t.sol -vvv
• make release-checksums
• make check
• powershell -NoProfile -ExecutionPolicy Bypass -File scripts\check.ps1
• bash -n scripts/check.sh
• git diff --check
• make release-manifest-check
• make release-checksums-check

Summary by CodeRabbit

• New Features

  • Enforced production rule: raw token attributes must be empty or comma-separated objects with trait_type and value string fields; on-chain guard added.

• Documentation

  • Updated metadata spec, ADR, roadmap, status, known-blockers, and ops docs to reflect attribute schema, escaping, and remaining work.

• Tests

  • Added tests for valid semantic pairs, malformed attribute shapes, non-string values, and invalid string escapes.

• Chores

  • Regenerated release and deployment artifact checksums and manifests.

[claude]

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

_{Tip: disable this comment in your organization's Code Review settings.}

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ca623567-9500-4674-a569-92066c86e4a9

📥 Commits

Reviewing files that changed from the base of the PR and between 7b4b545 and 89bf0fb.

📒 Files selected for processing (13)

• deployments/address-books/anvil-6529stream-v0.1.0-001-broadcast.json
• deployments/address-books/anvil-6529stream-v0.1.0-001.json
• deployments/examples/anvil-6529stream-v0.1.0-001-broadcast.json
• deployments/examples/anvil-6529stream-v0.1.0-001.json
• ops/AUTONOMOUS_RUN.md
• release-artifacts/latest/SHA256SUMS
• release-artifacts/latest/abi-checksums.json
• release-artifacts/latest/release-artifact-manifest.json
• release-artifacts/latest/release-checksums.json
• release-artifacts/latest/release-manifest.json
• release-artifacts/latest/source-verification-inputs.json
• smart-contracts/StreamMetadataRenderer.sol
• test/StreamMetadataEscaping.t.sol

✅ Files skipped from review due to trivial changes (8)

• deployments/examples/anvil-6529stream-v0.1.0-001.json
• deployments/address-books/anvil-6529stream-v0.1.0-001.json
• release-artifacts/latest/abi-checksums.json
• deployments/examples/anvil-6529stream-v0.1.0-001-broadcast.json
• release-artifacts/latest/release-checksums.json
• release-artifacts/latest/release-manifest.json
• release-artifacts/latest/SHA256SUMS
• ops/AUTONOMOUS_RUN.md

🚧 Files skipped from review as they are similar to previous changes (4)

• deployments/address-books/anvil-6529stream-v0.1.0-001-broadcast.json
• release-artifacts/latest/source-verification-inputs.json
• test/StreamMetadataEscaping.t.sol
• smart-contracts/StreamMetadataRenderer.sol

---

📝 Walkthrough

Walkthrough

This PR enforces production raw-attribute schema: nonempty fragments must be comma-separated JSON objects each with exactly "trait_type" and "value" JSON string fields; StreamMetadataRenderer.isSafeRawAttributes was rewritten, tests added, docs/ops updated, and release/deployment checksums regenerated to reflect the bytecode change.

Changes

Production raw attribute schema enforcement

Layer / File(s)	Summary
Validation logic refactor and helpers smart-contracts/StreamMetadataRenderer.sol	Replaced prior structural validator with an index-based parser and private helpers enforcing empty fragments or comma-separated objects containing exactly trait_type and value JSON string pairs, including JSON string escape and \uXXXX validation.
Test coverage for validation behavior test/StreamMetadataEscaping.t.sol, test/README.md	Added a positive test preserving semantic pairs (either key order and escapes) and three negative tests asserting UnsafeRawAttributes reverts for missing/duplicate/unexpected keys, non-string values, and invalid JSON string escapes; introduced test helper for revert assertions.
Specification and documentation updates CHANGELOG.md, docs/adr/0006-metadata-freeze.md, docs/metadata.md, docs/status.md, docs/known-blockers.md	Updated changelog, ADR, metadata spec, status, and known-blockers to document production enforcement and to tighten wording to require empty or comma-separated { trait_type, value } string objects; expanded test requirements.
Operations and roadmap updates ops/AUTONOMOUS_RUN.md, ops/ROADMAP.md	Recorded PR #123/Queue Item 64, updated autonomous run state and decision log, and revised roadmap/test-matrix entries to reflect canonical trait_type/value enforcement and remaining items.
Release manifests and checksum propagation release-artifacts/latest/*, deployments/*, release-manifest.json, release-checksums.json, source-verification-inputs.json	Regenerated SHA256 sums and updated manifest/checksum entries for deployments, address books, ABI checksums, and source verification inputs to propagate StreamMetadataRenderer/StreamCore bytecode and artifact checksum changes.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• 6529-Collections/6529Stream#90: Further refines StreamMetadataRenderer raw-attributes parsing and strict { "trait_type", "value" } validation.
• 6529-Collections/6529Stream#3: Updates ops/ROADMAP and AUTONOMOUS_RUN tracking related to metadata enforcement work.
• 6529-Collections/6529Stream#113: Related metadata validation work adding URI safety checks and UnsafeMetadataURI handling.

Poem

🐰 I nibble through JSON leaves so neat,
trait_type and value make my treat,
commas mark the hopping trail,
escapes and strings must never fail,
parser hops — metadata's complete!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Enforce production raw attribute schema' is clear, concise, and directly describes the main change of hardening raw attribute validation in production code.
Linked Issues check	✅ Passed	The PR fully implements all coding objectives from issue #122: hardened isSafeRawAttributes validator, comprehensive test cases for valid/invalid attributes, and verification of size constraints and artifact regeneration.
Out of Scope Changes check	✅ Passed	All changes are directly aligned with the scope of #122: schema enforcement code, related tests, documentation updates, artifact regeneration, and roadmap/status updates for completed work.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/metadata-attribute-schema

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[punk6529]

@coderabbitai review

[coderabbitai]

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@smart-contracts/StreamMetadataRenderer.sol`:
- Around line 306-309: The code currently treats whitespace-only fragments as
valid by skipping leading spaces then returning true when index == input.length;
change this so that in production schema mode a fragment that is only spaces is
rejected: after calling _skipRawAttributeSpaces(input, 0) and computing index,
if index == input.length then, when in production schema mode, return false
(reject) instead of true; keep the existing behavior outside production mode.
Update the branch that returns true to consult the production/schema-mode flag
and flip the result when appropriate so the "nonempty must be object sequence"
rule cannot be bypassed by whitespace-only input.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1c77452d-1b9d-44af-b02a-b693573b2020

📥 Commits

Reviewing files that changed from the base of the PR and between 0b5a63d and 57cd13b.

📒 Files selected for processing (20)

• CHANGELOG.md
• deployments/address-books/anvil-6529stream-v0.1.0-001-broadcast.json
• deployments/address-books/anvil-6529stream-v0.1.0-001.json
• deployments/examples/anvil-6529stream-v0.1.0-001-broadcast.json
• deployments/examples/anvil-6529stream-v0.1.0-001.json
• docs/adr/0006-metadata-freeze.md
• docs/known-blockers.md
• docs/metadata.md
• docs/status.md
• ops/AUTONOMOUS_RUN.md
• ops/ROADMAP.md
• release-artifacts/latest/SHA256SUMS
• release-artifacts/latest/abi-checksums.json
• release-artifacts/latest/release-artifact-manifest.json
• release-artifacts/latest/release-checksums.json
• release-artifacts/latest/release-manifest.json
• release-artifacts/latest/source-verification-inputs.json
• smart-contracts/StreamMetadataRenderer.sol
• test/README.md
• test/StreamMetadataEscaping.t.sol