Custom account in deploying L1-L2 messaging contract

[nagxsan]

Attempts to fix #727

Usage related changes

Allows users to add a custom funded account private key as the signer instead of relying on the default one.

Development related changes

Added an integration test deploy_l1_messaging_contract_with_funded_account_private_key in tests/integration/test_messaging.rs to replicate flow.

Checklist:

• Checked out the contribution guidelines
• Applied formatting - ./scripts/format.sh
• No linter errors - ./scripts/clippy_check.sh
• No unused dependencies - ./scripts/check_unused_deps.sh
• No spelling errors - ./scripts/check_spelling.sh
• Performed code self-review
• Rebased to the latest commit of the target branch (or merged it into my branch)
  • Once you make the PR reviewable, please avoid force-pushing
• Updated the docs if needed - ./website/README.md
• Linked the issues resolvable by this PR - linking info
• Updated the tests if needed; all passing - execution info

Summary by CodeRabbit

• New Features
  • Enabled an optional configuration to specify a private key for a pre-funded account during messaging setup, providing enhanced control over transaction signing.
• Documentation
  • Updated API documentation to include details on the new configuration parameter and its usage requirements.
• Tests
  • Added tests to validate messaging contract deployment behavior with valid and invalid account keys, ensuring robust error handling.
• Chores
  • Introduced new constants for default Ethereum account address and private key to facilitate testing.

[coderabbitai]

Walkthrough

The changes introduce an optional parameter, funded_account_private_key, into key methods for configuring messaging. Both the EthereumMessaging::new and Starknet::configure_messaging functions now accept this parameter to enable custom signing on L1. The API endpoint, related documentation, and associated tests have been updated to support the new functionality, including logic to fall back to a default key when none is provided. Additional constants and integration tests were added to verify behavior when a custom or incorrect private key is used.

Changes

File(s)	Change Summary
crates/starknet-devnet-core/src/messaging/ethereum.rs crates/starknet-devnet-core/src/messaging/mod.rs	Updated method signatures to include the new optional parameter funded_account_private_key and modified control flow using a conditional match to select between a provided key and the default key.
crates/starknet-devnet-server/src/api/http/endpoints/postman.rs crates/starknet-devnet-server/src/api/http/models.rs	Modified API endpoint invocation to pass the new parameter and added a new optional field funded_account_private_key to the data model.
website/docs/postman.md	Updated the JSON structure documentation for the POST /postman/load_l1_messaging_contract endpoint to include the funded_account_private_key, with clarifying notes on its implications.
tests/integration/test_messaging.rs tests/integration/common/constants.rs	Added new test functions and constant definitions to verify correct behavior with custom and incorrect Ethereum private keys, including scenarios for deploying the L1 messaging contract.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant API
    participant Starknet
    participant EthereumMessaging

    Client->>API: POST /postman/load_l1_messaging_contract\n(with funded_account_private_key)
    API->>Starknet: configure_messaging(rpc_url, contract_address, funded_account_private_key)
    Starknet->>EthereumMessaging: new(rpc_url, contract_address, funded_account_private_key)
    alt funded_account_private_key provided
      EthereumMessaging-->>Starknet: Use provided private key for signing
    else
      EthereumMessaging-->>Starknet: Use default key (ETH_ACCOUNT_DEFAULT)
    end
    Starknet-->>API: Return contract deployment info

Loading

Assessment against linked issues

Objective	Addressed	Explanation
Deploying a messaging L1-L2 contract with a custom account [#727]	✅

Possibly related PRs

• Improve predeclaration/predeployment startup log #734: The changes in the main PR, which involve adding a funded_account_private_key parameter to the new method of the EthereumMessaging struct, are related to the modifications in the retrieved PR that also involve changes to method signatures and parameters, specifically in the context of account management and messaging configuration. Both PRs focus on enhancing the handling of account keys within the messaging framework.

Suggested reviewers

• marioiordanov

Poem

I'm a rabbit leaping through the code,
Hopping on keys down every road,
With a custom key tucked neat and sly,
I deploy L1 contracts that touch the sky.
Bugs run away as tests sing in tune,
🐰 CodeRabbit's magic makes our devday bloom!

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3d89728 and 61bb269.

📒 Files selected for processing (1)

• tests/integration/test_messaging.rs (2 hunks)

🧰 Additional context used

🧬 Code Definitions (1)

tests/integration/test_messaging.rs (3)

tests/integration/common/background_anvil.rs (3)

• DEFAULT_ETH_ACCOUNT_PRIVATE_KEY (178-179)
• spawn_with_additional_args (38-70)
• spawn (33-35)

tests/integration/common/background_devnet.rs (2)

• spawn_with_additional_args (132-165)
• spawn (91-93)

crates/starknet-devnet-server/src/test_utils.rs (1)

• assert_contains (12-21)

🔇 Additional comments (3)

tests/integration/test_messaging.rs (3)

33-34: Appropriate import of required constants.

Adding these constants is necessary for the new tests to properly verify the funded account private key functionality.

---

350-365: Test correctly verifies error handling with insufficient gas.

This test is well-structured for validating the error case when using a funded account with zero balance. The use of unwrap_err() and explicit error message validation through assert_contains() is appropriate.

However, as noted in previous reviews, this test should be merged with deploy_l1_messaging_contract_with_funded_account_private_key() since they're testing two aspects of the same functionality.

-#[tokio::test]
-async fn setup_anvil_incorrect_eth_private_key() {
-    let anvil = BackgroundAnvil::spawn_with_additional_args(&["--balance", "0"]).await.unwrap();
-
-    let (devnet, _, _) = setup_devnet(&["--account-class", "cairo1"]).await;
-
-    let body = devnet
-        .send_custom_rpc(
-            "devnet_postmanLoad",
-            json!({ "network_url": anvil.url,
-            "funded_account_private_key": DEFAULT_ETH_ACCOUNT_PRIVATE_KEY }),
-        )
-        .await
-        .unwrap_err();
-    assert_contains(&body.message, "Out of gas: gas required exceeds allowance: 0");
-}
-
-#[tokio::test]
-async fn deploy_l1_messaging_contract_with_funded_account_private_key() {
-    let anvil = BackgroundAnvil::spawn().await.unwrap();
-    assert_eq!(
-        anvil.provider_signer.address(),
-        DEFAULT_ETH_ACCOUNT_ADDRESS.parse::<Address>().unwrap()
-    );
-
-    let (devnet, _, _) = setup_devnet(&["--account-class", "cairo1"]).await;
-
-    let body = devnet
-        .send_custom_rpc("devnet_postmanLoad", json!({ "network_url": anvil.url, "funded_account_private_key": DEFAULT_ETH_ACCOUNT_PRIVATE_KEY }))
-        .await
-        .expect("deploy l1 messaging contract failed");
-
-    assert_eq!(
-        body.get("messaging_contract_address").unwrap().as_str().unwrap(),
-        MESSAGING_L1_ADDRESS
-    );
+#[tokio::test]
+async fn test_deploy_l1_messaging_contract_with_funded_account_private_key() {
+    // Test with insufficient funds (should fail)
+    {
+        let anvil = BackgroundAnvil::spawn_with_additional_args(&["--balance", "0"]).await.unwrap();
+        let (devnet, _, _) = setup_devnet(&["--account-class", "cairo1"]).await;
+
+        let body = devnet
+            .send_custom_rpc(
+                "devnet_postmanLoad",
+                json!({ "network_url": anvil.url,
+                "funded_account_private_key": DEFAULT_ETH_ACCOUNT_PRIVATE_KEY }),
+            )
+            .await
+            .unwrap_err();
+        assert_contains(&body.message, "Out of gas: gas required exceeds allowance: 0");
+    }
+
+    // Test with sufficient funds (should succeed)
+    {
+        let anvil = BackgroundAnvil::spawn().await.unwrap();
+        assert_eq!(
+            anvil.provider_signer.address(),
+            DEFAULT_ETH_ACCOUNT_ADDRESS.parse::<Address>().unwrap()
+        );
+
+        let (devnet, _, _) = setup_devnet(&["--account-class", "cairo1"]).await;
+
+        let body = devnet
+            .send_custom_rpc("devnet_postmanLoad", json!({ "network_url": anvil.url, "funded_account_private_key": DEFAULT_ETH_ACCOUNT_PRIVATE_KEY }))
+            .await
+            .expect("deploy l1 messaging contract failed");
+
+        assert_eq!(
+            body.get("messaging_contract_address").unwrap().as_str().unwrap(),
+            MESSAGING_L1_ADDRESS
+        );
+    }
}

---

367-386: Test correctly verifies successful deployment using the custom private key.

This test appropriately validates the happy path of using a custom funded account private key for deploying the L1 messaging contract. The verification that the contract is deployed at the expected address is a good assertion.

As noted in my previous comment, consider merging this with the error test case to create a more comprehensive test function.

✨ Finishing Touches

• 📝 Generate Docstrings

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai plan to trigger planning for file edits and PR creation.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[FabijanC]

The documentation ought to be updated in website/docs/postman.md

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

website/docs/postman.md (2)

26-27: Clarify the New Parameter in the JSON Example:
The JSON snippet now includes the funded_account_private_key as an optional field. It would be beneficial to explicitly note that this field is provided solely for the customization of the signing account and that its usage requires careful security handling (e.g., ensuring that production private keys are never exposed). Also, since inline comments (using //) are non-standard in JSON, consider adding a note in the surrounding text clarifying that the comments are for illustrative purposes only.

---

44-44: Enhanced Explanation for the Custom Signer Account:
The updated descriptive text clearly explains that when the funded_account_private_key is provided, the associated account is used as the signer and must be pre-funded. For further clarity, you might consider including an example or a direct reference to where additional security or usage guidelines can be found. This could help users understand the implications of using a custom funded account key in various environments.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5411e4a and e9b665a.

📒 Files selected for processing (1)

• website/docs/postman.md (2 hunks)

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

tests/integration/test_messaging.rs (1)

356-370: Consider simplifying the should_panic test.

While the test correctly verifies that using an incorrect private key fails, it contains multiple operations after the likely panic point. For clearer failure diagnosis, consider focusing the test only on the operation expected to panic.

#[tokio::test]
#[should_panic]
async fn setup_anvil_incorrect_eth_private_key() {
    // This operation alone should cause the panic
    let _anvil =
        BackgroundAnvil::spawn_with_additional_args(&[], Some(INCORRECT_ETH_ACCOUNT_PRIVATE_KEY))
            .await
            .unwrap();
-    
-        let (devnet, _, _) = setup_devnet(&["--account-class", "cairo1"]).await;
-
-        let _body = devnet
-            .send_custom_rpc("devnet_postmanLoad", json!({ "network_url": anvil.url, "funded_account_private_key": INCORRECT_ETH_ACCOUNT_PRIVATE_KEY }))
-            .await
-            .expect("deploy l1 messaging contract failed");
}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e9b665a and d4aa7f3.

📒 Files selected for processing (3)

• tests/integration/common/background_anvil.rs (4 hunks)
• tests/integration/common/constants.rs (1 hunks)
• tests/integration/test_messaging.rs (3 hunks)

🧰 Additional context used

🧬 Code Definitions (2)

tests/integration/common/background_anvil.rs (2)

tests/integration/common/background_devnet.rs (1)

• spawn_with_additional_args (132-165)

crates/starknet-devnet-core/src/messaging/ethereum.rs (1)

• private_key (107-107)

tests/integration/test_messaging.rs (2)

tests/integration/common/background_anvil.rs (2)

• spawn (33-35)
• spawn_with_additional_args (38-73)

tests/integration/common/background_devnet.rs (2)

• spawn (91-93)
• spawn_with_additional_args (132-165)

🔇 Additional comments (9)

tests/integration/common/constants.rs (1)

104-108: LGTM: Added necessary constants for testing account functionality.

The new constants DEFAULT_ETH_ACCOUNT_ADDRESS and INCORRECT_ETH_ACCOUNT_PRIVATE_KEY are well-defined for testing the custom account functionality in the messaging contract deployment.

tests/integration/common/background_anvil.rs (4)

34-35: LGTM: Updated spawn method to use the new parameter structure.

The modification correctly updates the spawn method to call spawn_with_additional_args with None as the funded account private key parameter, maintaining backward compatibility.

---

38-38: LGTM: Enhanced method signature with optional funded account parameter.

The updated signature for spawn_with_additional_args properly accepts an optional funded account private key, aligning with the PR objective of allowing custom account specification.

---

61-64: LGTM: Implemented conditional key selection logic.

The implementation correctly chooses between the provided custom key or falls back to the default key, enabling flexible account management during Ethereum provider setup.

---

170-170: LGTM: Updated provider setup function signature.

The function signature for setup_ethereum_provider has been appropriately updated to accept the funded account private key parameter.

tests/integration/test_messaging.rs (4)

350-354: LGTM: Test for default Ethereum private key setup.

This test correctly verifies that spawning Anvil with the default setup uses the expected Ethereum account address.

---

372-391: LGTM: Test for correct Ethereum private key setup.

This test effectively verifies that using a correct custom private key allows for successful spawning and contract deployment.

---

393-408: LGTM: Integration test for deployment with custom account.

This test properly validates the end-to-end flow of deploying the L1 messaging contract using a custom funded account private key, addressing the core functionality of PR #727.

---

617-617: LGTM: Updated test to use new method signature.

The existing test has been properly updated to use the new spawn_with_additional_args signature with None for the private key parameter.

[nagxsan]

I have added some more tests, please let me know if this is what is expected. I understand that the parameters for the RPC call should go from anvil env, but I am not able to obtain the secret key added during spawn.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

tests/integration/test_messaging.rs (1)

359-373: Consider adding more specific assertions to this test

While the #[should_panic] attribute correctly indicates that this test should fail, it would be more informative to add specific assertions about the expected failure mode. This would clarify what exactly is being tested and why it should fail.

Additionally, based on the previous review comments, consider testing with a non-default set of prefunded accounts to more comprehensively test the failure case.

 #[tokio::test]
 #[should_panic]
 async fn setup_anvil_incorrect_eth_private_key() {
     let anvil =
         BackgroundAnvil::spawn_with_additional_args(&[], Some(INCORRECT_ETH_ACCOUNT_PRIVATE_KEY))
             .await
             .unwrap();
 
     let (devnet, _, _) = setup_devnet(&["--account-class", "cairo1"]).await;
 
-    let _body = devnet
+    // This should fail because the private key isn't associated with a funded account
+    let result = devnet
             .send_custom_rpc("devnet_postmanLoad", json!({ "network_url": anvil.url, "funded_account_private_key": INCORRECT_ETH_ACCOUNT_PRIVATE_KEY }))
-            .await
-            .expect("deploy l1 messaging contract failed");
+            .await;
+    
+    // If we reach this point, the call unexpectedly succeeded
+    panic!("Expected RPC call to fail, but it succeeded: {:?}", result);
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d4aa7f3 and cfa7f6a.

📒 Files selected for processing (6)

• crates/starknet-devnet-core/src/messaging/ethereum.rs (2 hunks)
• crates/starknet-devnet-core/src/messaging/mod.rs (1 hunks)
• crates/starknet-devnet-server/src/api/http/endpoints/postman.rs (1 hunks)
• tests/integration/common/background_anvil.rs (4 hunks)
• tests/integration/common/constants.rs (1 hunks)
• tests/integration/test_messaging.rs (3 hunks)

🚧 Files skipped from review as they are similar to previous changes (4)

• crates/starknet-devnet-core/src/messaging/mod.rs
• tests/integration/common/constants.rs
• crates/starknet-devnet-server/src/api/http/endpoints/postman.rs
• tests/integration/common/background_anvil.rs

🧰 Additional context used

🧬 Code Definitions (1)

tests/integration/test_messaging.rs (2)

tests/integration/common/background_anvil.rs (2)

• spawn (33-35)
• spawn_with_additional_args (38-80)

tests/integration/common/background_devnet.rs (2)

• spawn (91-93)
• spawn_with_additional_args (132-165)

🔇 Additional comments (8)

crates/starknet-devnet-core/src/messaging/ethereum.rs (3)

87-89: Documentation is appropriate for the new parameter

The docstring clearly describes the purpose of the funded_account_private_key parameter, explaining that it's the private key of a funded account on the L1 node that will be used as the signer.

---

91-93: Parameter addition is implemented correctly

The new parameter funded_account_private_key is properly added as an optional string reference, which aligns with Rust patterns for optional parameters and matches the PR objectives to allow custom account keys.

---

102-105: Good implementation of fallback logic

The implementation correctly handles the presence or absence of a custom private key, falling back to the default when needed. This satisfies the PR objective of enabling custom funded account private keys for signing while maintaining backward compatibility.

tests/integration/test_messaging.rs (5)

33-35: Import statement updated appropriately

The import statement has been updated to include the required constants for testing the new functionality.

---

350-357: Test validates baseline behavior

This test establishes a baseline by verifying that the default private key maps to the expected address, which provides good test coverage for the unchanged case.

---

375-397: Test validates explicit private key usage

This test correctly verifies that explicitly providing the default private key works as expected, ensuring that the system properly handles the new parameter.

---

399-414: Test directly addresses PR objective

This test fulfills the PR objective by specifically testing the deployment of a messaging contract using a custom funded account private key. It provides crucial coverage for the primary new functionality.

---

623-624: Updated to use new parameter API

The test has been correctly updated to use the new API by passing None for the funded_account_private_key parameter, indicating that it should use the default behavior.

[FabijanC]

I would expect this to be testable without changing the API of BackgroundAnvil. IMO we should be specifying a custom mnemonic or seed rather than relying on the default. Check out this documentation page. Look at how we use the --seed param with BackgroundDevnet in some of the integration tests.

[nagxsan]

Made the changes

[FabijanC]

Tests setup_anvil_incorrect_eth_private_key and setup_anvil_correct_eth_private_key should be a single test.

[FabijanC]

It is unfortunate that the address and the key seem to refer to the same account. It should be pointed out that they do not.

[nagxsan]

Done

[nagxsan]

Got it, updating with all the revisions

[nagxsan]

I used the --balance 0 field to setup the anvil accounts with a default of 0 balance instead of 10000 ETH. Using this I have implemented the test of invalid private key and asserting the error message.

[nagxsan]

Can you please tell me if there are any updates needed here from my side? Thanks!

[FabijanC]

@nagxsan Thanks for the work done so far! We will take it on from here to improve the testing and not to keep you waiting (sorry for the waiting).