feat(ton): TON localnet integration

[swift1337]

Description

This PR adds containerized TON localnet node with all wiring for local development and E2E testing.

Note that the build is x86 only.

• Dockerize TON localnet
• Add a sidecar with various features
  • Get faucet
  • Get lite client config
  • Get /status healthcheck
• Setup boilerplate for E2E TON testing suite with 1 hello world test for TON
• lite-client.json: swap localhost (encoded as int 2130706433) with ton's container IP 🪖
• Ability to wait for TON node bootstrapping
• CI: add TON tests as make start-ton-test triggered with the label TON_TESTS
• Move ton docker image to a separate repo

Utils

• Act on behalf of the faucet
• Deploy arbitrary wallets
• Deploy gateway
• Fund arbitrary wallets

Based on https://github.com/neodix42/MyLocalTon

Closes: #2720

Summary by CodeRabbit

• New Features

  • Introduced support for TON blockchain with a dedicated testing framework.
  • Added a new service for TON in the local network setup.
  • Enhanced configuration options for managing TON accounts and RPC interactions.
  • Implemented end-to-end tests for TON deposits.

• Bug Fixes

  • Improved error handling and logging for TON-related operations.

• Documentation

  • Updated changelog to reflect new features and testing capabilities for TON.

• Tests

  • Added new test cases for TON functionality and wallet management.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Walkthrough

The changes introduced in this pull request primarily focus on integrating support for the TON blockchain into the existing codebase. This includes modifications to the e2e testing framework, configuration files, and the addition of new functionalities for managing TON accounts and transactions. The updates also enhance the CI workflow to accommodate testing for the TON environment, ensuring that the system can effectively interact with the TON blockchain.

Changes

Files	Change Summary
.github/workflows/e2e.yml	Added support for TON_TESTS, including conditional outputs and a new job step for executing TON tests.
Makefile	Introduced a new target start-ton-test for initializing the TON test environment.
changelog.md	Updated to document the addition of the e2e testing framework for the TON blockchain.
cmd/zetae2e/config/clients.go	Modified to initialize a new TON client based on configuration.
cmd/zetae2e/config/local.yml	Updated account details, added multiple accounts, and modified RPC configurations for TON support.
cmd/zetae2e/config/localnet.yml	Added ton_sidecar_url for TON service communication.
cmd/zetae2e/init.go	Introduced a command-line flag for specifying the TON sidecar URL.
cmd/zetae2e/local/local.go	Added flag for running TON tests and updated testing logic.
cmd/zetae2e/local/ton.go	Implemented tonTestRoutine for executing TON e2e tests.
contrib/localnet/docker-compose.yml	Added a new service for the TON node in Docker configuration.
contrib/localnet/orchestrator/Dockerfile.fastbuild	Included a script for waiting on the TON node in the Docker build process.
contrib/localnet/orchestrator/start-zetae2e.sh	Enhanced script to wait for the TON node to bootstrap before proceeding.
contrib/localnet/scripts/wait-for-ton.sh	New script to monitor the TON node's status until it is operational.
e2e/config/config.go	Added TONSidecarURL to the RPCs struct for configuration.
e2e/e2etests/e2etests.go	Introduced a new test case for depositing TON into ZEVM.
e2e/e2etests/test_ton_deposit.go	Created a test function for validating TON deposits.
e2e/runner/clients.go	Added a new client for interacting with the TON blockchain.
e2e/runner/logger.go	Modified logging method for improved functionality.
e2e/runner/runner.go	Expanded the E2ERunner struct to support TON operations.
e2e/runner/setup_ton.go	Implemented setup logic for TON deployer and Gateway contract.
e2e/runner/ton/accounts.go	Introduced account management functionalities for TON.
e2e/runner/ton/accounts_test.go	Added tests for TON account management functionalities.
e2e/runner/ton/clients.go	Implemented a client for interacting with TON nodes and sidecar services.
e2e/runner/ton/coin.go	Provided utility functions for handling TON coin conversions.
e2e/runner/ton/deployer.go	Implemented functionalities for managing TON accounts and transactions.
e2e/runner/ton/gateway.compiled.json	Added a JSON file for gateway deployment payloads.
go.mod	Updated dependencies to include libraries for TON integration.
zetaclient/chains/ton/config.go	Introduced functionality for downloading and parsing TON configuration files.
zetaclient/chains/ton/observer/observer_test.go	Added a test function for the observer component, currently marked to skip.

Assessment against linked issues

Objective	Addressed	Explanation
localnet: docker image (2720)	✅
localnet: scripts for funding & deploying arbitrary accounts (2720)	❌	No scripts for funding or deploying accounts were added.
github actions: wire e2e test suite with TON (2720)	✅

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  -- I pushed a fix in commit <commit_id>, please review it.
  -- Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  -- @coderabbitai generate unit testing code for this file.
  -- @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  -- @coderabbitai generate interesting stats about this repository and render them as a table.
  -- @coderabbitai read src/utils.ts and generate unit testing code.
  -- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  -- @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[codecov]

Codecov Report

Attention: Patch coverage is 15.75342% with 123 lines in your changes missing coverage. Please review.

Project coverage is 66.84%. Comparing base (19c929c) to head (ff7a62e).
Report is 5 commits behind head on develop.

Files with missing lines	Patch %	Lines
zetaclient/chains/bitcoin/observer/rpc_status.go	0.00%	18 Missing ⚠️
zetaclient/chains/solana/observer/rpc_status.go	0.00%	18 Missing ⚠️
zetaclient/chains/evm/observer/rpc_status.go	0.00%	17 Missing ⚠️
zetaclient/chains/bitcoin/rpc/rpc.go	0.00%	16 Missing ⚠️
zetaclient/chains/ton/config.go	0.00%	14 Missing ⚠️
zetaclient/chains/evm/rpc/rpc.go	0.00%	12 Missing ⚠️
zetaclient/chains/solana/rpc/rpc.go	0.00%	12 Missing ⚠️
zetaclient/config/config_chain.go	0.00%	10 Missing ⚠️
zetaclient/chains/evm/observer/observer.go	25.00%	2 Missing and 1 partial ⚠️
zetaclient/chains/bitcoin/observer/observer.go	50.00%	1 Missing ⚠️
... and 2 more

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #2833      +/-   ##
===========================================
- Coverage    66.94%   66.84%   -0.11%     
===========================================
  Files          373      378       +5     
  Lines        21032    21098      +66     
===========================================
+ Hits         14080    14103      +23     
- Misses        6288     6330      +42     
- Partials       664      665       +1     

Files with missing lines	Coverage Δ
zetaclient/chains/base/observer.go	86.93% <100.00%> (+0.83%)	⬆️
zetaclient/config/types.go	11.62% <ø> (ø)
zetaclient/orchestrator/bootstrap.go	58.95% <100.00%> (+0.54%)	⬆️
zetaclient/chains/bitcoin/observer/observer.go	38.31% <50.00%> (+5.42%)	⬆️
zetaclient/chains/solana/observer/observer.go	40.62% <50.00%> (+0.30%)	⬆️
zetaclient/common/env.go	83.33% <83.33%> (ø)
zetaclient/chains/evm/observer/observer.go	73.54% <25.00%> (+11.46%)	⬆️
zetaclient/config/config_chain.go	12.00% <0.00%> (-0.77%)	⬇️
zetaclient/chains/evm/rpc/rpc.go	0.00% <0.00%> (ø)
zetaclient/chains/solana/rpc/rpc.go	0.00% <0.00%> (ø)
... and 5 more

[lumtis]

Small comments look good to me

[github-actions]

!!!WARNING!!!
nosec detected in the following files: e2e/runner/ton/coin.go, e2e/runner/ton/deployer.go, e2e/runner/logger.go

Be very careful about using #nosec in code. It can be a quick way to suppress security warnings and move forward with development, it should be employed with caution. Suppressing warnings with #nosec can hide potentially serious vulnerabilities. Only use #nosec when you're absolutely certain that the security issue is either a false positive or has been mitigated in another way.

Only suppress a single rule (or a specific set of rules) within a section of code, while continuing to scan for other problems. To do this, you can list the rule(s) to be suppressed within the #nosec annotation, e.g: /* #nosec G401 */ or //#nosec G201 G202 G203
Broad #nosec annotations should be avoided, as they can hide other vulnerabilities. The CI will block you from merging this PR until you remove #nosec annotations that do not target specific rules.

Pay extra attention to the way #nosec is being used in the files listed above.

[coderabbitai]

Actionable comments posted: 12

Outside diff range and nitpick comments (13)

contrib/localnet/orchestrator/Dockerfile.fastbuild (1)

17-17: Consider marking the wait-for-ton.sh script as executable.

The addition of the wait-for-ton.sh script to the orchestrator's Docker image is a positive change that enhances the orchestration capabilities during the local network setup. However, to ensure that the script can be executed within the container, it is recommended to mark it as executable using the chmod command.

Apply this change to mark the script as executable:

COPY contrib/localnet/scripts/wait-for-ton.sh /work/
+RUN chmod +x /work/wait-for-ton.sh

e2e/e2etests/test_ton_deposit.go (1)

13-42: Rename the function and add a TODO comment for the actual deposit test.

The function name TestTONDeposit is misleading as the actual deposit test is not implemented. Consider renaming the function to better reflect its purpose, such as TestTONE2EBoilerplate or TestTONE2ESetup.

Also, add a TODO comment to implement the actual deposit test in the future.

Apply this diff to rename the function and add a TODO comment:

-func TestTONDeposit(r *runner.E2ERunner, _ []string) {
+func TestTONE2EBoilerplate(r *runner.E2ERunner, _ []string) {
+	// TODO: Implement the actual deposit test

cmd/zetae2e/local/ton.go (3)

21-31: Simplify error handling by directly returning the error.

Instead of assigning the error to a variable and returning it later, you can directly return the error to make the code more concise.

-		if err != nil {
-			return errors.Wrap(err, "unable to init ton test runner")
-		}
+		if err != nil {
+			return errors.Wrap(err, "unable to init ton test runner")
+		}

---

33-34: Enhance logging by using structured logging with fields.

Consider using a structured logging library like zap or logrus to log with fields. This makes the logs more searchable and easier to parse.

-		tonRunner.Logger.Print("🏃 starting TON tests")
+		tonRunner.Logger.Info("starting TON tests", zap.String("status", "started"))
		startTime := time.Now()
...
-		tonRunner.Logger.Print("🍾 ton tests completed in %s", time.Since(startTime).String())
+		tonRunner.Logger.Info("ton tests completed", zap.String("status", "completed"), zap.Duration("duration", time.Since(startTime)))

Also applies to: 49-49

---

15-20: Remove unused parameter verbose from the function signature.

The verbose parameter is not used within the function body and can be removed to simplify the function signature.

-func tonTestRoutine(
-	conf config.Config,
-	deployerRunner *runner.E2ERunner,
-	verbose bool,
-	testNames ...string,
-) func() error {
+func tonTestRoutine(
+	conf config.Config,
+	deployerRunner *runner.E2ERunner,
+	testNames ...string,
+) func() error {

cmd/zetae2e/init.go (1)

31-32: Consider using a more generic default value for --tonSidecarURL.

The addition of the --tonSidecarURL flag enhances the flexibility of the command by allowing users to specify the URL for the TON sidecar service. The flag follows the naming convention and usage pattern consistent with other existing flags.

However, the default value "http://ton:8111" assumes a specific URL for the TON sidecar service, which may not be applicable in all environments. Consider using a more generic default value or an empty string to avoid making assumptions about the TON sidecar service URL.

-StringVar(&initConf.RPCs.TONSidecarURL, "tonSidecarURL", "http://ton:8111", "--tonSidecarURL http://ton:8111")
+StringVar(&initConf.RPCs.TONSidecarURL, "tonSidecarURL", "", "--tonSidecarURL <url>")

e2e/runner/ton/accounts_test.go (2)

13-53: LGTM with minor suggestions!

The test is well-structured and follows the Arrange-Act-Assert pattern. It effectively tests the building of a gateway deployment payload by comparing the generated state string with an expected value.

Consider the following suggestions to improve readability:

1. Use more descriptive variable names, such as gatewayCodeCell and gatewayStateCell, instead of codeCell and stateCell.
2. Add comments to explain the purpose of each section of the test (Arrange, Act, Assert) and the significance of the expected state value.

Tools

Gitleaks

16-16: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

55-66: LGTM with a suggestion to add more assertions!

The test is correctly structured and follows the Arrange-Act-Assert pattern. It effectively tests the construction of a wallet from a random seed by asserting that the returned values are not nil and that there are no errors.

Consider adding more assertions to verify the correctness of the constructed wallet, such as:

1. Checking the wallet address against an expected format or prefix.
2. Checking the initial balance of the wallet (should be zero).
3. Checking the public key of the wallet against the derived public key from the seed.

These additional assertions will provide more confidence in the correctness of the wallet construction process.

e2e/runner/ton/clients.go (2)

80-98: Consider extracting error handling logic.

The GetFaucet function is correctly implemented, retrieving the faucet information from the TON sidecar service. However, the error handling logic could be extracted into a separate function to improve readability and reusability.

Here's an example of how the error handling logic can be extracted:

func (c *SidecarClient) GetFaucet(ctx context.Context) (Faucet, error) {
    resp, err := c.get(ctx, "faucet.json")
    if err != nil {
        return Faucet{}, err
    }
    defer resp.Body.Close()

    if err := checkResponseStatus(resp); err != nil {
        return Faucet{}, err
    }

    var faucet Faucet
    if err := json.NewDecoder(resp.Body).Decode(&faucet); err != nil {
        return Faucet{}, err
    }

    return faucet, nil
}

func checkResponseStatus(resp *http.Response) error {
    if resp.StatusCode != http.StatusOK {
        return fmt.Errorf("unexpected response status: %d", resp.StatusCode)
    }
    return nil
}

---

101-121: Consider extracting response body reading logic.

The Status function is correctly implemented, checking the health status of the TON node by making an HTTP GET request to the /status endpoint. However, the response body reading logic could be extracted into a separate function to improve readability and reusability.

Here's an example of how the response body reading logic can be extracted:

func (c *SidecarClient) Status(ctx context.Context) error {
    resp, err := c.get(ctx, "status")
    if err != nil {
        return err
    }
    defer resp.Body.Close()

    body, err := readResponseBody(resp)
    if err != nil {
        return err
    }

    if resp.StatusCode != http.StatusOK {
        return errors.Wrapf(ErrNotHealthy, "status %d. %s", resp.StatusCode, string(body))
    }

    return nil
}

func readResponseBody(resp *http.Response) ([]byte, error) {
    body, err := io.ReadAll(resp.Body)
    if err != nil {
        return nil, fmt.Errorf("failed to read response body: %w", err)
    }
    return body, nil
}

cmd/zetae2e/config/clients.go (1)

127-140: Approve with a minor suggestion.

The getTONClient function is well-implemented. It correctly retrieves the TON configuration from the specified URL using the tonconfig.ConfigFromURL function and creates a new TON client using the retrieved configuration. The use of a retry mechanism ensures robustness in handling potential delays in the sidecar bootstrapping process.

One minor suggestion:

Consider updating the error message to provide more context about the failure:

-return nil, fmt.Errorf("failed to get ton config: %w", err)
+return nil, fmt.Errorf("failed to retrieve TON configuration from %s: %w", configURL, err)

This will help in identifying the specific URL that caused the failure when debugging.

e2e/runner/ton/deployer.go (1)

170-187: LGTM, but consider making the function more flexible.

The waitForAccountActivation function is correctly implemented and there are no issues. However, the function uses a fixed number of attempts and interval, which may not be sufficient in some cases.

Consider using configuration values for the number of attempts and interval to make the function more flexible. For example:

func (d *Deployer) waitForAccountActivation(ctx context.Context, account ton.AccountID, maxAttempts int, interval time.Duration) error {
	for i := 0; i < maxAttempts; i++ {
		state, err := d.blockchain.GetAccountState(ctx, account)
		if err != nil {
			return err
		}

		if state.Account.Status() == tlb.AccountActive {
			return nil
		}

		time.Sleep(interval)
	}

	return fmt.Errorf("account %s is not active", account.ToRaw())
}

e2e/runner/runner.go (1)

21-21: Carefully evaluate the security and reliability of the external package.

The import statement for the github.com/tonkeeper/tongo/ton package is correctly formatted and follows Go's import conventions. However, since this package is imported from an external repository, it's crucial to carefully evaluate its security and reliability before integrating it into the codebase.

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 1929ff6 and bfc40da.

Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

Files selected for processing (29)

• .github/workflows/e2e.yml (5 hunks)
• Makefile (1 hunks)
• changelog.md (1 hunks)
• cmd/zetae2e/config/clients.go (3 hunks)
• cmd/zetae2e/config/local.yml (2 hunks)
• cmd/zetae2e/config/localnet.yml (1 hunks)
• cmd/zetae2e/init.go (1 hunks)
• cmd/zetae2e/local/local.go (4 hunks)
• cmd/zetae2e/local/ton.go (1 hunks)
• contrib/localnet/docker-compose.yml (9 hunks)
• contrib/localnet/orchestrator/Dockerfile.fastbuild (1 hunks)
• contrib/localnet/orchestrator/start-zetae2e.sh (1 hunks)
• contrib/localnet/scripts/wait-for-ton.sh (1 hunks)
• e2e/config/config.go (1 hunks)
• e2e/e2etests/e2etests.go (2 hunks)
• e2e/e2etests/test_ton_deposit.go (1 hunks)
• e2e/runner/clients.go (2 hunks)
• e2e/runner/logger.go (1 hunks)
• e2e/runner/runner.go (3 hunks)
• e2e/runner/setup_ton.go (1 hunks)
• e2e/runner/ton/accounts.go (1 hunks)
• e2e/runner/ton/accounts_test.go (1 hunks)
• e2e/runner/ton/clients.go (1 hunks)
• e2e/runner/ton/coin.go (1 hunks)
• e2e/runner/ton/deployer.go (1 hunks)
• e2e/runner/ton/gateway.compiled.json (1 hunks)
• go.mod (1 hunks)
• zetaclient/chains/ton/config.go (1 hunks)
• zetaclient/chains/ton/observer/observer_test.go (1 hunks)

Files skipped from review due to trivial changes (1)

• zetaclient/chains/ton/observer/observer_test.go

Additional context used

Path-based instructions (19)

e2e/runner/clients.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

e2e/runner/ton/coin.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

zetaclient/chains/ton/config.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

contrib/localnet/scripts/wait-for-ton.sh (1)

Pattern **/*.sh: Review the shell scripts, point out issues relative to security, performance, and maintainability.

e2e/e2etests/test_ton_deposit.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

cmd/zetae2e/local/ton.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

cmd/zetae2e/init.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

e2e/runner/setup_ton.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

e2e/runner/ton/accounts_test.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

e2e/runner/ton/clients.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

cmd/zetae2e/config/clients.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

e2e/runner/ton/deployer.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

e2e/runner/ton/accounts.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

e2e/runner/logger.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

contrib/localnet/orchestrator/start-zetae2e.sh (1)

Pattern **/*.sh: Review the shell scripts, point out issues relative to security, performance, and maintainability.

e2e/config/config.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

e2e/runner/runner.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

cmd/zetae2e/local/local.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

e2e/e2etests/e2etests.go (1)

Pattern **/*.go: Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

GitHub Check: codecov/patch

zetaclient/chains/ton/config.go

[warning] 17-18: zetaclient/chains/ton/config.go#L17-L18
Added lines #L17 - L18 were not covered by tests

---

[warning] 20-21: zetaclient/chains/ton/config.go#L20-L21
Added lines #L20 - L21 were not covered by tests

---

[warning] 23-25: zetaclient/chains/ton/config.go#L23-L25
Added lines #L23 - L25 were not covered by tests

---

[warning] 28-30: zetaclient/chains/ton/config.go#L28-L30
Added lines #L28 - L30 were not covered by tests

---

[warning] 33-33: zetaclient/chains/ton/config.go#L33
Added line #L33 was not covered by tests

---

[warning] 35-36: zetaclient/chains/ton/config.go#L35-L36
Added lines #L35 - L36 were not covered by tests

---

[warning] 39-39: zetaclient/chains/ton/config.go#L39
Added line #L39 was not covered by tests

Gitleaks

e2e/runner/ton/accounts_test.go

16-16: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

cmd/zetae2e/config/local.yml

5-5: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

10-10: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

14-14: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

18-18: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

22-22: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

26-26: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

27-27: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

31-31: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

35-35: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

39-39: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

43-43: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

47-47: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

51-51: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

55-55: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

59-59: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

63-63: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

68-68: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

72-72: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

76-76: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

80-80: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

82-82: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

Additional comments not posted (56)

e2e/runner/clients.go (2)

9-9: LGTM!

The import statement follows the standard Go convention and the alias is clear and concise.

---

22-22: Excellent addition!

The new TON field in the Clients struct follows the existing naming convention and type pattern. This change effectively expands the multi-chain capabilities of the codebase, aligning with the PR objectives. Well done!

e2e/runner/ton/coin.go (3)

13-18: LGTM!

The TONCoins function is well-implemented, following best practices such as:

• Using a constant for the conversion factor, improving readability and maintainability.
• Providing clear documentation explaining the conversion and the use of the TON abbreviation.
• Adhering to the single responsibility principle by focusing on a specific task.
• Following the Go naming convention for the function name.

The implementation is correct and the function is expressive and clean.

---

20-22: LGTM!

The UintToCoins function is a simple and clean type conversion from math.Uint to tlb.Coins. The implementation is correct and the function name is expressive, following the Go naming convention. The function adheres to the single responsibility principle, making it focused and maintainable.

---

24-27: LGTM!

The FormatCoins function is a clean and straightforward implementation for formatting a math.Uint value into a human-friendly string representation of coins. The use of the utils.HumanFriendlyCoinsRepr function is appropriate for the formatting task. The function name is expressive and follows the Go naming convention. The function is small and focused on a single responsibility, adhering to the principles of clean code.

The comment about the type conversion being safe is helpful for code reviewers and maintainers, providing assurance about the correctness of the operation.

contrib/localnet/scripts/wait-for-ton.sh (2)

3-4: LGTM!

The variable names are descriptive and the values are reasonable. Defining the variables as constants is a good practice.

---

35-36: LGTM!

The error message is clear and informative. Exiting with a failure status is a good practice for indicating that the script failed.

e2e/runner/setup_ton.go (1)

12-61: LGTM!

The SetupTON function is well-structured, follows a clear sequence of steps, and has consistent error handling. The function uses the ton package to interact with the TON blockchain and uses the ctx variable to pass the context to the TON client functions. The function also logs important information using the r.Logger.

e2e/runner/ton/accounts_test.go (1)

16-16: False positive: The sample TSS private key is not a generic API key.

The static analysis tool flagged the sample TSS private key as a potential generic API key. However, this is a false positive because:

1. The key is used for testing purposes only and not for accessing any external services.
2. The key is hard-coded in the test and not stored in a configuration file or environment variable.
3. The test is located in a dedicated testing package, indicating that it's not part of the production code.

Therefore, it's safe to ignore this warning.

Tools

Gitleaks

16-16: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

e2e/runner/ton/gateway.compiled.json (1)

1-5: Skipping review of the compiled JSON file.

This file appears to be a compiled JSON configuration for a TON gateway, containing a hash and a hex string representing compiled smart contract code or a cryptographic signature.

Compiled files are typically not reviewed as they are generated artifacts. Without more context about the TON architecture and the specific purpose of this file, it is difficult to provide meaningful review comments.

If this file was included in the PR by mistake, consider removing it from the changeset. If it is required, ensure that the source files used to generate this compiled JSON are also included in the PR for review.

e2e/runner/ton/clients.go (5)

15-18: LGTM!

The Client struct is correctly defined, embedding the necessary clients for interacting with the TON blockchain.

---

47-50: LGTM!

The SidecarClient struct is correctly defined, encapsulating the necessary fields for interacting with the TON sidecar service.

---

54-57: LGTM!

The NewSidecarClient function is correctly implemented, creating a new instance of SidecarClient with the provided base URL and a configured HTTP client.

---

75-77: LGTM!

The LiteServerURL function is correctly implemented, returning the URL to the lite server configuration by appending the path to the base URL.

---

123-132: LGTM!

The get function is correctly implemented, creating a new HTTP GET request with the provided context and sending it using the HTTP client.

cmd/zetae2e/config/clients.go (1)

Line range hint 24-74: LGTM!

The changes to the getClientsFromConfig function look good. The function correctly initializes the TON client using the getTONClient function if the TONSidecarURL is provided in the configuration. It also follows a consistent error handling pattern and includes the TON client in the returned runner.Clients structure.

cmd/zetae2e/config/localnet.yml (1)

94-94: LGTM!

The addition of the ton_sidecar_url configuration is a positive change that enables integration with the TON sidecar service. The URL http://ton:8000 correctly points to the sidecar service running in the ton container on port 8000.

This configuration will allow the system to communicate with the TON blockchain or utilize TON-related services provided by the sidecar. It enhances the functionality and expands the capabilities of the application to support interactions with the TON network.

e2e/runner/ton/deployer.go (8)

29-52: LGTM!

The NewDeployer constructor function is well-implemented with appropriate validation checks and error handling. The use of errors.Wrap to provide additional context to the errors is a good practice.

---

54-56: LGTM!

The Seqno function is correctly implemented and there are no issues.

---

59-72: LGTM!

The GetBalanceOf function is well-implemented with appropriate error handling and the use of errors.Wrap to provide additional context to the errors. Waiting for the account to be activated before retrieving the balance is a good practice.

---

75-82: LGTM!

The Fund function is correctly implemented and there are no issues. Using the send method to send the transaction is a good practice as it handles waiting for confirmation and other necessary steps.

---

85-99: LGTM!

The Deploy function is well-implemented with no issues. Using the send method to send the transaction and waiting for the account to be activated after deploying it are good practices.

---

101-124: LGTM!

The CreateWallet function is well-implemented with appropriate error handling and the use of errors.Wrap to provide additional context to the errors. Double-checking the balance of the created wallet to ensure that it is not zero is a good practice.

---

126-151: LGTM!

The send function is well-implemented with appropriate error handling and the use of errors.Wrap to provide additional context to the errors. Waiting for the next sequence number to ensure that the message is confirmed and waiting for blocks if the waitForBlocks flag is set are good practices.

---

1-28: LGTM!

The type definitions and interface declarations in the file are well-organized and follow Go best practices. The code is correctly implemented and there are no issues.

cmd/zetae2e/config/local.yml (3)

1-5: LGTM!

The changes to the zeta_chain_id and default_account section look good. Enclosing the bech32_address in quotes is a minor change for consistency and does not affect the functionality.

Tools

Gitleaks

5-5: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

95-96: LGTM!

The changes to the RPC configurations look good:

1. Modifying the Solana RPC endpoint to point to "http://localhost:8899" suggests a change to use a local instance instead of a named service, which is suitable for local development and testing.
2. Adding the ton_sidecar_url entry pointing to "http://localhost:8111" indicates the integration of a TON sidecar service running on a local instance, which aligns with the project's requirements.

These changes improve the local development and testing environment and do not raise any concerns.

---

Line range hint 97-120: Skipped review.

The contracts section remains unchanged, so no review comments are necessary.

e2e/runner/ton/accounts.go (9)

34-41: LGTM!

The function is well-structured and follows the principle of separation of concerns by delegating the wallet construction to ConstructWalletFromPrivateKey. The error handling is also appropriate.

---

99-113: LGTM!

The function is well-structured and follows the principle of separation of concerns by delegating the state init generation and address generation to separate functions. The error handling is also appropriate.

---

115-127: LGTM!

The function is well-structured and follows the principle of separation of concerns by delegating the retrieval of gateway code and building of gateway data to separate functions. The error handling is also appropriate.

---

129-148: LGTM!

The function is well-structured and handles the retrieval of the gateway code from the embedded JSON correctly. The error handling is also appropriate.

---

151-178: LGTM!

The function is well-structured and handles the building of the gateway data cell correctly. The error handling is also appropriate.

---

180-188: LGTM!

The errCollect function is a useful utility for handling multiple errors. It provides a clean way to collect and return the first encountered error, along with the index at which it occurred.

---

191-202: LGTM!

The generateStateInit function correctly generates a tlb.StateInit struct using the provided code and data cells. The usage of tlb.Maybe and tlb.Ref types is appropriate.

---

205-220: LGTM!

The generateAddress function correctly generates a ton.AccountID struct using the provided workchain ID and the hash of the marshaled state init. The error handling is also appropriate.

---

1-220: Overall, the file is well-structured and follows clean code principles.

The functions in this file are correctly implemented and handle the construction and generation of TON accounts and wallets effectively. The code is modular, readable, and maintains appropriate error handling.

Great job on the implementation!

e2e/runner/logger.go (1)

74-88: Excellent improvements to the Info method!

The changes made to the Info method enhance its clarity, performance, and alignment with modern Go practices:

1. Updating the variadic parameter type from ...interface{} to ...any improves readability and leverages the any alias introduced in Go 1.18.
2. The early return when verbose is false optimizes performance by avoiding unnecessary locking and message formatting.
3. Streamlining the message formatting logic by unconditionally constructing the formatted log line and performing the logging operation directly simplifies the code and improves readability.

Overall, these updates demonstrate a strong understanding of Go best practices and a focus on writing clean, efficient, and maintainable code.

contrib/localnet/docker-compose.yml (1)

244-258: LGTM! The ton service has been properly configured.

The addition of the ton service to the Docker Compose configuration is a crucial step in integrating the TON blockchain into the localnet environment. The service configuration includes all the necessary components, such as the image, container name, hostname, ports, environment variables, and network settings.

By assigning a specific IPv4 address within the mynetwork, the ton service can effectively communicate with other services while maintaining proper isolation. This setup ensures a clean and organized localnet environment for testing and development purposes.

Overall, the configuration of the ton service aligns with the best practices and follows a consistent structure with the other services in the file.

.github/workflows/e2e.yml (5)

40-40: LGTM!

The addition of the TON_TESTS output variable is consistent with the other output variables and is necessary to conditionally run the TON tests.

---

66-66: LGTM!

Setting the TON_TESTS output variable based on the presence of the TON_TESTS label is consistent with the conditional logic for other test categories.

---

94-94: LGTM!

Setting the TON_TESTS output variable to true for scheduled runs ensures that the TON tests are executed as part of the regular testing schedule.

---

108-108: LGTM!

Setting the TON_TESTS output variable based on the presence of the ton-test target in the make-targets input allows for manually triggering the TON tests.

---

149-151: LGTM!

The addition of the job step for running the start-ton-test target is consistent with the other test categories and ensures that the TON tests are executed when the necessary conditions are met.

e2e/config/config.go (1)

94-100: LGTM!

The addition of the TONSidecarURL field to the RPCs struct is well-implemented and consistent with the existing code. The field name, type, and YAML tag are appropriate and follow the established conventions.

e2e/runner/runner.go (1)

75-76: LGTM!

The addition of the TONDeployer and TONGateway fields to the E2ERunner struct is a clear indication of the integration of TON blockchain functionality into the runner. The field names are descriptive and follow Go's naming conventions, making their purpose evident. The types chosen for these fields (*tonrunner.Deployer and ton.AccountID) seem appropriate based on their names and the context of interacting with the TON blockchain. The fields are also correctly aligned with the existing struct fields, maintaining a consistent style. Overall, these changes look good and are approved.

Makefile (1)

283-286: LGTM!

The new start-ton-test target in the Makefile is implemented correctly and aligns with the PR objectives. It enhances the functionality by allowing users to initiate a TON test environment alongside the existing test functionality.

cmd/zetae2e/local/local.go (3)

37-37: LGTM!

The addition of the flagTestTON constant follows the naming convention and is consistent with other test flags.

---

73-73: LGTM!

The flagTestTON flag is correctly integrated into the NewLocalCmd function using cmd.Flags().Bool(), and the flag description is clear and consistent with other test flags.

---

103-103: LGTM!

The handling of the testTON flag in the localE2ETest function is correct:

• The flag value is correctly retrieved using must(cmd.Flags().GetBool(flagTestTON)).
• The if testTON { ... } block is correctly placed among other test flags.
• The block correctly checks if the TON client is initialized and logs an error message if not.
• The tonTests slice is defined with the appropriate test names.
• The tonTestRoutine is correctly started using eg.Go().

Also applies to: 385-396

go.mod (3)

339-339: Verify the necessity and security of adding the github.com/oasisprotocol/curve25519-voi dependency.

Please ensure that:

1. This dependency is absolutely necessary for the project's requirements and there are no existing libraries in the project that can fulfill the same purpose.
2. The library is actively maintained, has a good track record, and has undergone security audits to ensure its robustness.

Adding new cryptographic dependencies increases the attack surface and complexity of the project, so it's crucial to carefully evaluate the impact before proceeding.

---

340-340: Justify the necessity of adding the github.com/snksoft/crc dependency.

The Go standard library already provides a hash/crc32 package for CRC-32 calculations. Please verify if there are specific requirements that justify the addition of this external CRC package, such as:

1. Support for other CRC variants besides CRC-32.
2. Specific performance requirements that the standard library package does not meet.

If the existing standard library package suffices, consider removing this external dependency to keep the project lean and maintainable.

---

341-341: Verify the suitability and maturity of the github.com/tonkeeper/tongo dependency.

Given that this dependency is crucial for integrating TON blockchain capabilities into the project, please ensure the following:

1. The library provides all the necessary functionalities and APIs required for the project's TON integration requirements.
2. The chosen version (v1.9.3) is stable, mature, and compatible with the project's Go version and other dependencies.
3. The library has good documentation, usage examples, and an active community for support and maintenance.

Careful evaluation of the library's maturity and compatibility is essential to ensure a smooth integration and maintainable codebase.

e2e/e2etests/e2etests.go (2)

56-67: LGTM!

The addition of the comment block for the Solana test section improves code organization and readability by clearly delineating the Solana-related tests. The comment style is consistent with the existing codebase.

---

432-442: LGTM!

The addition of the TestTONDepositName test case for TON deposits is well-structured and follows the established patterns in the codebase. The test case definition includes a clear description, appropriate argument definition, and is associated with the TestTONDeposit function. The code organization is maintained by placing the test case under the "TON tests" comment block.

changelog.md (1)

39-39: LGTM!

The changelog entry concisely captures the addition of the e2e framework for the TON blockchain. This is a valuable enhancement to the project's testing infrastructure.

[lumtis]

Test passing locally

[gartnera]

CI stamp