Skip to content

Add Full Horizon (V2) TAP Receipt Verifier Support #825

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 30 commits into
base: main
Choose a base branch
from
Draft

Add Full Horizon (V2) TAP Receipt Verifier Support #825

wants to merge 30 commits into from

Conversation

neithanmo
Copy link
Collaborator

Summary

This PR implements comprehensive support for Horizon (V2) TAP receipts by adding dual domain separator configuration and proper V2 verifier address handling across all services. This completes the foundation for full Horizon migration support in the indexer-rs ecosystem.

Changes Made

Configuration Updates

  • Added receipts_verifier_address_v2 field to BlockchainConfig for separate V2 contract addresses
  • Updated configuration examples (minimal and maximal) with documentation for the new V2 verifier field
  • Enhanced contrib scripts to extract and use both V1 (TAPVerifier) and V2 (GraphTallyCollector) addresses from horizon.json

Service Updates

  • Updated indexer-service to use correct V2 verifier address for domain separator creation
  • Updated tap-agent to use correct V2 verifier address for global domain separators
  • Added invariant validation: When horizon.enabled = true, receipts_verifier_address_v2 must be explicitly configured (fails fast with clear error)
  • Graceful fallback: When horizon.enabled = false, V2 operations fall back to V1 verifier address if V2 isn't specified

Infrastructure Updates

  • Updated integration test setup to support direct RAV testing workflows

Key Behavioral Changes

Horizon Configuration Invariants

  1. When horizon.enabled = true: Both services require explicit V2 verifier configuration and will fail fast with:

    receipts_verifier_address_v2 is required when Horizon is enabled

  2. When horizon.enabled = false: Both services gracefully fall back to V1 addresses for V2 domains

Domain Separator Logic

  • V1 domains: Always use receipts_verifier_address
  • V2 domains:
    • If Horizon enabled: Use receipts_verifier_address_v2 (required)
    • If Horizon disabled: Use receipts_verifier_address_v2 or fallback to receipts_verifier_address

Configuration Example

[blockchain]
chain_id = 1337
# V1 TAP verifier contract address
receipts_verifier_address = "0x1111111111111111111111111111111111111111"
# V2 (Horizon) verifier contract address - required when horizon.enabled = true
receipts_verifier_address_v2 = "0x2222222222222222222222222222222222222222"

[horizon]
# Enable Horizon migration support
enabled = true

Impact

This change resolves the "No sender found for signer" errors that occurred when V2 receipts were validated against incorrect verifier contracts. The dual domain approach ensures:

  • Correct cryptographic validation for both V1 and V2 receipt formats
  • Smooth migration path from legacy V1 to Horizon V2
  • Clear error reporting when configuration is incomplete
  • Backward compatibility for existing V1-only deployments

Testing

  • Configuration validation works correctly
  • Services fail fast when Horizon is enabled without V2 verifier
  • Services fall back gracefully when Horizon is disabled
  • Integration tests pass with dual domain support

@neithanmo
test: add database checker to inspect receipts, values and ravs for V…
fff42bc 
…1 and V2
@neithanmo
feat(monitor): add escrow accounts utility methods
eaa69fc
@neithanmo
fix(tap-agent): fix allocation type mapping based on horizon detection
fc43d5c 
Fix the TODO comment about mapping allocation types - now properly
detects Horizon contracts and maps allocations accordingly instead
of always using Legacy type
@neithanmo
fix(tap-agent): fix signer address encoding for receipt queries
c6e315c
@neithanmo
chore(tap-agent): impprove RAV request error messages with database-t…
d6b43a6 
…able context

Enhance RAV request error messages to indicate which receipt table
(V1/Legacy vs V2/Horizon) was queried, helping with Horizon migration debugging
@neithanmo
test(tracker): improve logging for testing and debugging
b8fd349
@neithanmo
feat: add comprehensive logging for escrow accounts and allocation tr…
64cbc12 
…acking

Add comprehensive debug and info logging throughout the allocation and escrow
account systems to improve troubleshooting of receipt processing, RAV generation, and
Horizon migration issues.
@neithanmo
test: optimize TAP configuration for development testing
8fe114b 
  - Reduce timestamp buffer from 1000s to 30s for faster RAV generation
  - Add trigger_value_divisor configuration for fine-tuned receipt batching
  - Set max_receipt_value_grt to 0.001 for controlled testing
  - Update tap-aggregator endpoint port configuration
@neithanmo neithanmo marked this pull request as draft August 22, 2025 14:40
neithanmo added 20 commits August 22, 2025 09:46
@neithanmo
build: update tap_core and tap_aggregator deps
1e129b8
@neithanmo
feat(tap): add V2 domain separator support across core components
57408a4 
  Add dual domain separator support for V1 (TAP) and V2 (GraphTally)
  protocols. This enables simultaneous processing of both legacy and
  Horizon receipt types with version-appropriate EIP712 domains
@neithanmo
feat(service): implement dual domain separator architecture
a6ca08e 
  Update service components to support both V1 and V2 domain separators
  simultaneously. Includes IndexerTapContext, ServiceRouter, and
  middleware updates for version-aware receipt processing.
@neithanmo
fix(tap): use correct domain separator for V2 receipt storage
3dd2ffe 
  Critical fix for V2 receipt processing failures. Store receipts using
  version-appropriate domain separators to ensure correct signer recovery
  and escrow account lookup. Resolves "signer not found in V2 escrow accounts" errors.
@neithanmo
feat(auth): add dual TAP receipt authorization middleware
1698952 
  Implement version-aware receipt authorization that routes V1 and V2
  receipts to appropriate TAP managers. Includes new dual_tap_receipt_authorize
  function for simultaneous protocol support.
@neithanmo
feat(middleware): add V2 domain separator to sender middleware
0dc1bdf 
  Update sender middleware to use version-appropriate domain separators
  for signer recovery. V1 receipts use legacy domain, V2 receipts use
  Horizon domain for correct escrow account lookups.
@neithanmo
feat(tap-agent): integrate V2 domain separator throughout agent
ff20784 
  Add V2 domain separator support to sender account management, allocation
  handling, and receipt processing. Maintains single allocation type invariant
  while enabling version-appropriate domain usage.
@neithanmo
test: update TAP validation checks for dual domain support
859072f 
  Update receipt validation checks and test infrastructure to support
  dual domain separators. Ensures proper EIP712 domain usage for
  both V1 and V2 receipt types in testing scenarios.
@neithanmo
test: add dual domain support to integration and service tests
1f4146c 
  Update integration tests, TAP agent tests, and service router tests
  to support V1/V2 dual domain architecture. Ensures comprehensive
  testing coverage for both protocol versions.
@neithanmo
test: fix struct name in escrow regex
a882819
@neithanmo
test: add database handler to check for new receipts, RAV
a48574d
@neithanmo
test: add a new horizon tests
3d777f5
@neithanmo
feat(config): add receipts_verifier_address_v2 configuration field
c9430e4 
  - Add optional receipts_verifier_address_v2 to BlockchainConfig
  - Update configuration examples with V2 verifier documentation
  - Prepare infrastructure for dual domain separator support
@neithanmo
feat(config): implement fail-safe dual domain separators for V2 receipts
be865d6 
  - Update indexer-service and tap-agent to use correct V2 verifier addresses
  - Add strict validation: V2 address required when horizon.enabled=true
  - Implement graceful fallback when Horizon is disabled
@neithanmo
refactor(config): remove no-longer used configuration files
5e7e0c1
@neithanmo
refactor(docker): remove static config files and use dynamic generation
1d27b05 
  - Remove static config.toml files from indexer-service and tap-agent
  - Update Dockerfiles to rely on start.sh for dynamic config generation
  - Clean up docker-compose.dev.yml by removing commented static config mounts
  - Ensure consistent contract file mounting across all Docker configurations
@neithanmo
fix: cargo fmt
01622a4
@neithanmo
fix(clippy): fix unused function and other clippy warnings
e6aeb9a
@neithanmo
ci: add missing license
ff0b52e
@neithanmo
test: update error snapshot
f3b0f7d
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 22, 2025
edited
Loading

Pull Request Test Coverage Report for Build 17218027720

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 420 of 2143 (19.6%) changed or added relevant lines in 28 files are covered.
  • 13 unchanged lines in 7 files lost coverage.
  • Overall coverage decreased (-6.5%) to 69.418%
Changes Missing Coverage Covered Lines Changed/Added Lines %
crates/service/src/middleware/sender.rs 2 3 66.67%
crates/tap-agent/src/agent/sender_account.rs 100 102 98.04%
crates/tap-agent/src/agent/sender_allocation.rs 10 12 83.33%
crates/tap-agent/src/tracker/sender_fee_stats.rs 13 15 86.67%
crates/tap-agent/src/tracker/generic_tracker.rs 31 34 91.18%
integration-tests/src/signature_test.rs 0 4 0.0%
crates/monitor/src/allocations.rs 0 7 0.0%
integration-tests/src/main.rs 0 7 0.0%
crates/service/src/middleware/auth/tap.rs 51 60 85.0%
crates/tap-agent/src/agent.rs 0 13 0.0%
Files with Coverage Reduction New Missed Lines %
crates/monitor/src/allocations.rs 1 0.0%
crates/tap-agent/src/agent/sender_allocation.rs 1 81.68%
integration-tests/src/signature_test.rs 1 0.0%
crates/tap-agent/src/agent.rs 2 0.0%
crates/tap-agent/src/agent/sender_account.rs 2 91.96%
integration-tests/src/utils.rs 2 0.0%
crates/tap-agent/src/agent/sender_accounts_manager.rs 4 87.32%
Totals Coverage Status
Change from base Build 17041594178: -6.5%
Covered Lines: 12832
Relevant Lines: 18485
💛 - Coveralls

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@neithanmo