Add vaultless field to OrderIOCfg with validation (Phase 1)

[findolor]

Dependent PRs

• Update version to 5 rain.strategies#75

Motivation

See issues:

• Vaultless Phase 1: Settings & Validation #2403
• Vaultless Orders (Direct Trading) - V6 Feature Implementation #2402

This PR implements Phase 1 of vaultless order support, adding the settings and validation layer. Vaultless orders allow users to place orders directly from their wallet without using the orderbook's vault system (vault_id = 0).

Solution

Core Changes

• Add vaultless: Option<bool> field to OrderIOCfg struct
• Add optional_bool helper function for YAML parsing (case-insensitive, accepts true/false/1/0)
• Implement validation rules:
  • vaultless: true → Uses vault_id = 0 (wallet)
  • vaultless: true + vault-id → Error: "Using vault-id is not allowed in vaultless mode"
  • vault-id: 0 → Error: "Invalid vault-id value. For vaultless mode use vaultless: true"
• Ensure random vault ID generation never produces zero

Refactoring

• Simplified get_sentry() to use optional_bool
• Use optional_bool for show-custom-field in GUI
• Removed unused sentry.rs module

Breaking Change

• Bumped spec version from 4 to 5

Checks

By submitting this for review, I'm confirming I've done the following:

• made this PR as small as possible
• unit-tested any new functionality
• linked any relevant issues or PRs
• included screenshots (if this involves a front-end change)

fix #2403

Summary by CodeRabbit

• New Features

  • Added vaultless mode for orders allowing inputs/outputs without vault IDs.

• Chores

  • Bumped configuration spec version 4 → 5.
  • Updated remote registry/settings URLs.
  • Removed deprecated Sentry integration from settings.

• Behavior / Validation

  • Stricter vault-id rules with vaultless-aware error messages and guaranteed non-zero generated vault IDs.
  • GUI settings parsing now recognizes boolean values for relevant fields.

• Tests

  • Updated and added tests/fixtures for vaultless scenarios, spec bump, and serialized state changes.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Adds vaultless support to order settings and parsing, enforces vault-id validation (disallow explicit zero and disallow vault-id when vaultless=true), updates AddOrderArgs to generate non-zero random vault IDs and treat vaultless as B256::ZERO, removes Sentry parsing, bumps spec version 4→5, and updates tests and remote URLs.

Changes

Cohort / File(s)	Summary
Vaultless settings & parsing crates/settings/src/order.rs, crates/settings/src/yaml/context.rs, crates/settings/src/yaml/dotrain.rs, crates/settings/src/yaml/mod.rs, crates/settings/src/yaml/orderbook.rs	Add pub vaultless: Option<bool> to OrderIOCfg; add optional_bool() helper; parse/propagate vaultless; validate that vault-id: 0 is invalid and that vault-id is forbidden when vaultless: true; add parse errors and tests.
Order construction & vault-id generation crates/common/src/add_order.rs	Replace random B256 generation with looped non-zero generation; enforce vaultless rules in AddOrderArgs::new_from_deployment; add error variants for zero/forbidden vault-ids; use computed vault_id for IOv2 mapping.
Spec version bump & test fixtures crates/settings/src/spec_version.rs, crates/common/src/fuzz/impls.rs, crates/common/src/test_helpers.rs, crates/js_api/src/..., packages/orderbook/test/..., packages/orderbook/README.md, packages/webapp/..., tauri-app/src/lib/services/loadRemoteSettings.ts, tauri-app/src-tauri/src/commands/order.rs	Bump CURRENT_SPEC_VERSION 4→5; update embedded YAML version strings, serialized test blobs, mocks, and related test expectations across crates/packages.
Sentry removal crates/settings/src/lib.rs, crates/settings/src/sentry.rs, crates/settings/src/yaml/orderbook.rs	Remove pub mod sentry export and delete Sentry YAML parsing implementation; remove related imports/usages.
GUI parsing tweak crates/settings/src/gui.rs	Parse show_custom_field via optional_bool() instead of optional_string().
Test harness & minor test edits crates/common/src/fuzz/impls.rs, crates/js_api/src/gui/state_management.rs, crates/js_api/src/registry.rs, packages/webapp/src/routes/deploy/.../fullDeployment.test.ts, various packages/orderbook/test/*	Update expected spec/version strings and serialized blobs; initialize vaultless in test inputs; adjust some test input event dispatching (use fireEvent.input).
Constants update packages/webapp/src/lib/constants.ts, tauri-app/src/lib/services/loadRemoteSettings.ts	Update REGISTRY_URL and REMOTE_SETTINGS_URL to point at a different rain.strategies commit (new raw GitHub URLs).

Sequence Diagram(s)

sequenceDiagram
  participant YAML as YAML parser (settings)
  participant Validator as Order config validator
  participant AddOrder as AddOrderArgs constructor
  participant RNG as RNG (vault id generator)

  YAML->>Validator: parse OrderIOCfg (vault_id?, vaultless?)
  Validator->>Validator: enforce rules:
  Note right of Validator: - if vaultless==true && vault_id provided => error\n- if vault_id == 0 => error
  Validator-->>YAML: parsed & validated OrderIOCfg

  AddOrder->>Validator: receive validated IO configs
  AddOrder->>AddOrder: for each IO entry:
  alt vaultless == true
    AddOrder->>AddOrder: set vault_id = B256::ZERO
  else vault_id provided and != 0
    AddOrder->>AddOrder: use provided vault_id
  else
    AddOrder->>RNG: generate_nonzero_random_vault_id()
    RNG-->>AddOrder: non-zero B256
    AddOrder->>AddOrder: use generated vault_id
  end
  AddOrder-->>...: produce AddOrderArgs with validated vault ids

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related issues

• rainlanguage/rain.orderbook#2402 — overlapping objectives implementing vaultless support and vault-id validations at settings/AddOrder level.

Possibly related PRs

• rainlanguage/rain.orderbook#1911 — modifies crates/common/src/add_order.rs and vault-id handling, closely related at code level.
• rainlanguage/rain.orderbook#1947 — touches crates/common/src/add_order.rs (tests/cfg) and may overlap test changes.
• rainlanguage/rain.orderbook#2201 — updates REGISTRY_URL/REMOTE_SETTINGS_URL constants, related to constants changes here.

Suggested labels

rust, enhancement, test

Suggested reviewers

• hardyjosh
• 0xgleb

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 57.89% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly describes the main change: adding vaultless field to OrderIOCfg with validation as Phase 1 of implementation.
Linked Issues check	✅ Passed	All coding requirements from issue #2403 are met: vaultless field added to OrderIOCfg, validation rules implemented for vaultless/vault-id conflicts and zero values, random vault ID generation fixed to ensure non-zero values, and spec version bumped to 5.
Out of Scope Changes check	✅ Passed	All changes align with PR objectives: vaultless implementation in settings/common layers, optional_bool helper addition, GUI show-custom-field refactoring, sentry module removal, and version bumps are all supporting refactors for the vaultless feature.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@crates/settings/src/order.rs`:
- Around line 698-731: The parsing change forbids providing a vault-id when
vaultless is true, so update the mutation helpers (populate_vault_ids and
update_vault_id) to respect that invariant: when processing an entry whose
vaultless flag is Some(true) skip inserting/overwriting vault-id (or return
YamlError::ParseOrderConfigSourceError(ParseOrderConfigSourceError::VaultIdNotAllowedInVaultlessMode)
if you prefer surfacing the error) instead of unconditionally setting a vault
id; locate logic that writes into OrderIOCfg.vault_id or manipulates the YAML
for vault-id and add a guard checking OrderIOCfg.vaultless (or the parsed
"vaultless" YAML field) before mutating, mirroring the validation in
OrderCfg::validate_vault_id.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@crates/common/src/add_order.rs`:
- Around line 124-131: The code currently treats vaultless == true as silently
overriding any provided vault_id; instead, add a guard in the vault_id
computation in add_order.rs to reject the combination: if input.vaultless ==
Some(true) and input.vault_id.is_some() (and not equal to U256::ZERO) return a
new/appropriate error (e.g.,
AddOrderArgsError::ConflictingVaultlessAndVaultId(i)) rather than proceeding;
apply the same guard to the similar block around lines 145–151 to ensure both
places validate this conflicting configuration before computing vault_id.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

crates/settings/src/order.rs (1)

90-115: Reject vault-id: 0 in update_vault_id to match new validation.

Line 94 currently accepts 0 and writes an invalid config, bypassing the new “Invalid vault-id value” rule enforced in parsing. Add a zero check here to keep mutation helpers consistent with validation.

🛠️ Proposed fix

-                match OrderCfg::validate_vault_id(v) {
-                    Ok(id) => Some(id),
+                match OrderCfg::validate_vault_id(v) {
+                    Ok(id) => {
+                        if id == U256::ZERO {
+                            return Err(YamlError::ParseOrderConfigSourceError(
+                                ParseOrderConfigSourceError::InvalidVaultIdZero,
+                            ));
+                        }
+                        Some(id)
+                    }
                     Err(e) => {
                         return Err(YamlError::Field {
                             kind: FieldErrorKind::InvalidValue {
                                 field: "vault-id".to_string(),
                                 reason: e.to_string(),
                             },
                             location: format!(

[findolor]

Code review

No issues found. Checked for bugs and CLAUDE.md compliance.

🤖 Generated with Claude Code

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

crates/common/src/add_order.rs (1)

6-8: Conditional import of U256 conflicts with unconditional usage in public method.

U256 is imported only under #[cfg(not(target_family = "wasm"))] (line 8), but this public async method uses U256::ZERO on lines 133 and 157 without cfg guards. Since new_from_deployment is public and callable from WASM contexts (js_api calls it without cfg), this creates a mismatch. Import U256 unconditionally to resolve the inconsistency and prevent potential WASM build issues.

Suggested fix

-use alloy::primitives::{hex::FromHexError, Address, B256};
-#[cfg(not(target_family = "wasm"))]
-use alloy::primitives::{FixedBytes, U256};
+use alloy::primitives::{hex::FromHexError, Address, B256, U256};
+#[cfg(not(target_family = "wasm"))]
+use alloy::primitives::FixedBytes;

[findolor]

After rainlanguage/rainix#101 is merged, run nix flake update rainix to fix wasm tests.

Issue: nixpkgs updated wasm-bindgen-cli to 0.2.108, but rain.wasm requires 0.2.100. The rainix PR pins it back to 0.2.100.