bittensor-core e2es#2850
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
🛡️ AI Review — Skeptic (security review)VERDICT: SAFE VERY HIGH scrutiny: 10-day-old account with no public repos; repository write access mitigates risk, no Gittensor association was found, and one commit uses a second similarly named identity. Branch: bittensor-core-e2es → bittensor-core-exploration. Static analysis found no runtime changes, suspicious dependency additions, trusted AI-review instruction modifications, or evidence of malicious intent. The signing paths now fail closed and bind signatures to the runtime metadata digest through FindingsNo findings. Prior-comment reconciliation
ConclusionThe previously reported metadata-signing vulnerability is fixed, and no new security vulnerability or malicious behavior was found. 📜 Previous run (superseded)
🔍 AI Review — Auditor (domain review)VERDICT: 👍 UNKNOWN gittensor association; very new contributor with repository write access, so the large SDK and CI surface received heightened scrutiny. The latest update correctly enables RFC-0078 metadata-hash signing using the runtime’s baked FindingsNo findings. ConclusionNo actionable correctness or domain issues were found. The PR remains ready for merge. |
|
🔄 AI review updated — Skeptic: VULNERABLE |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👍 |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👎 |
|
🔄 AI review updated — Skeptic: VULNERABLE |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👍 |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👍 |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👍 |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👍 |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👍 |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👍 |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👍 |
The stake-sdk shard still invoked pytest against sdk/python/tests/e2e/, which this branch deletes, so the job failed with "file or directory not found". Chain-facing SDK e2e coverage now lives in the Rust suite run by check-bittensor-e2e-tests.yml; the shard keeps the metadata drift gate.
|
🔄 AI review updated — Skeptic: VULNERABLE |
|
🔄 AI review updated — Skeptic: VULNERABLE |
|
🔄 AI review updated — Skeptic: VULNERABLE |
|
🔄 AI review updated — Skeptic: SAFE Auditor: 👍 |
Motivation
Provide native Rust chain access and transaction coverage for
bittensor-core, and migrate the chain-facing SDK end-to-end suite from Python to a metadata-driven Rust harness. This validates reads, transaction construction, policy enforcement, submission outcomes, and higher-level SDK behavior against the repository's fast-runtime localnet image.What changed
sdk/bittensor-core/src/client.rs, including metadata refresh, pinned reads, runtime API calls, storage queries, fee estimation, signed submission, reorg-safe receipt decoding, snapshots, block streaming, and MEV-shielded submission.sdk/bittensor-core/src/transaction.rs.sdk/bittensor-core/tests/..github/workflows/check-bittensor-e2e-tests.ymlto verify manifest completeness, compile the Rust E2E binary once, build the localnet image once, and execute every manifest case independently with one retry.Behavioral impact
The Rust SDK gains native chain access and policy-aware transaction execution APIs. Chain-facing SDK coverage now runs through the Rust suite, while the Python test tree remains offline-only. Runtime and pallet behavior are unchanged.
Migration and spec version
No storage migration is required. This PR does not modify runtime or pallet behavior, and its
bittensor-core-explorationbase has no network spec-version check, so nospec_versionbump is required.Testing
CI checks the Python binding against the updated shared error surface, compiles the Rust E2E target, verifies that all 113 manifest entries exactly match the compiled tests, and runs each case against the fast-runtime localnet image. Existing SDK offline checks and runtime metadata-drift checks continue to run when their corresponding inputs change.