Rust-core port follow-ups#77
Conversation
⚡ Performance Report
|
Bundle Size ReportChunks over 500 KB:
All files
Commit: 0d29ff7 |
…ermissions popover Map slot-exhaustion, rejected-transaction, and JSON-RPC registration failures to actionable copy with the raw reason as a detail line, and guard the async permissions popover against stale renders with an unavailable-state fallback.
Wrap each core provider so every inbound/outbound wire frame is decoded and emitted on the dotli debug bus when the panel is listening, restoring per-frame protocol traffic in the timeline.
AllowanceKeys slots are AES-GCM encrypted before hitting localStorage. Known issues to resolve before merge: derive a random per-write nonce (the current fixed nonce is obfuscation, not encryption) and accept the plain-hex format written before this change as a read fallback.
Prompt-driven host callbacks share a 20-per-10s sliding window so a hostile product cannot flood the host with modal prompts.
Align the docked panel with the 56px topbar iframe, close system flows by exact layer:event names so setup_ready no longer false-matches the ready suffix, and declare the @dotli/config dependency that chain-registry already imports.
Remove @polkadot-api/signer and @polkadot-labs/hdkd{,-helpers}, which
nothing in the resolver imports, and cover isChainSupported and the
pre-existing rpc-chain provider behavior with unit tests.
Failed sends flushed after chainConnect resolve to JSON-RPC error responses, matching the direct send path, so polkadot-api's client sees the failure instead of hanging.
Backend read failures no longer push a terminal error into the preimage lookup subscription, so the stream keeps polling and slow Bulletin/IPFS propagation surfaces as a late result instead of a permanent failure. Gateway mode logs that sandbox bitswap is unavailable rather than advertising the Bulletin chain.
Ref-count upstream tokens shared by local sessions and buffer subscription events that arrive before their token response. Broker transport hardening kept separate from the Rust host migration.
b808f13 to
7728508
Compare
|
❌ E2E Product suite failed on Failed tests:
Logs: https://github.com/paritytech/dotli-community/actions/runs/29426103952 |
| } | ||
|
|
||
| export function createPromptPermission(label: string): Permissions { | ||
| const limiter = createSubmitRateLimiter(); |
There was a problem hiding this comment.
Are the rate limiters suppose to be "shared"? rate-limit.ts comments "shared across host callbacks", but each factory calls createSubmitRateLimiter on its own so each one gets its own "budget".
We could do the following to make sure the resources are shared:
const promptLimiter = createSubmitRateLimiter();
return {
permissions: createPromptPermission(label, promptLimiter),
notifications: createNotificationAdapters(label, promptLimiter),
};
| const SUBMIT_WINDOW_MS = 10_000; | ||
| const SUBMIT_MAX_PER_WINDOW = 20; | ||
|
|
||
| export function createSubmitRateLimiter(): { allow: () => boolean } { |
There was a problem hiding this comment.
We should have tests for this.
| this.earlySubscriptions.set(upstreamToken, events); | ||
| } | ||
| if (events.length < MAX_EARLY_SUBSCRIPTION_EVENTS_PER_TOKEN) { | ||
| events.push(message); |
There was a problem hiding this comment.
Are we silently dropping messages here? I haven't verified this though
| if (!owned) { | ||
| const ownedLocals = this.upstreamToOwned.get(upstreamToken); | ||
| if (ownedLocals === undefined || ownedLocals.size === 0) { | ||
| if (this.hasPendingSubscriptionRequest()) { |
There was a problem hiding this comment.
Is this to broad of a check? looks like hasPendingSubscriptionRequest true for any subscription request as long as one is in flight across all tabs, for any token.
Summary
All follow-up work for the Rust-core port (#70), consolidated into a single stacked PR. Each commit is an independent unit with its context in the commit message:
feat(topbar)— friendly login-failure explanations (statement-store slot exhaustion, rejected registration transactions, JSON-RPC failures) with the raw reason as a detail line; permissions-popover stale-render guard and unavailable-state fallback.feat(debug)— per-frame TrUAPI wire tap feeding the debug panel timeline. Without this commit the panel's TrUAPI lane receives no events.feat(ui)— AllowanceKeys slots are AES-GCM encrypted at rest.feat(ui)— permission and notification prompts share a 20-per-10s sliding window so a hostile product cannot flood the host with modals.fix(debug)— dock offset matches the 56px topbar iframe, system flows close on exactlayer:eventnames (setup_readyno longer false-matches thereadysuffix),@dotli/configdeclared wherechain-registryimports it.chore(resolver)— drops unused@polkadot-api/signerand@polkadot-labs/hdkd{,-helpers}; adds unit coverage for pre-existing chain support checks.fix(protocol)—chainSendmessages flushed afterchainConnectsurface send failures as JSON-RPC error responses, matching the direct-send path.fix(ui)— preimage lookup subscriptions keep polling after backend read failures; gateway mode logs that sandbox bitswap is unavailable.fix(protocol)— broker ref-counts upstream tokens shared by local sessions and buffers subscription events that arrive before their token response.Base
Stacked on #70. Supersedes #73, #74, and #76.
Verification
bun install --frozen-lockfilebun run format:checkbunx --bun turbo run lint typecheck test build:prod --forcebun auditmake e2e-dotlifrom the parent truapi checkout runs against Swith to Rust core #70 directly; this branch layers cleanly on top.