M1 acceptance: code cleanup + product designs + upstream sync#1
Open
jhfnetboy wants to merge 9 commits into
Open
M1 acceptance: code cleanup + product designs + upstream sync#1jhfnetboy wants to merge 9 commits into
jhfnetboy wants to merge 9 commits into
Conversation
… + Upstream PR queue Three milestone designs + one product planning + two operational docs: - M1_DESIGN.md (29K) — protocol core acceptance, ZeroDev fork rationale, AAStar PR zerodevapp#12-zerodevapp#15 verification, M1-new features (rate limit, upstream sync), known limitations (JSON logging fallback, implicit boost, etc.) - M2_DESIGN.md (54K) — green lane / trusted-paymasters / paymasterProfiles plugin (≤5 hooks), fast-lane in mempool/executor, EIP-7702 implementation, safety three-layer model - M3_DESIGN.md (63K) — X402 charging, xPNTs prepaid receivables, monitoring, upstream sync automation, RPC cost governance, operator attestation, postOp gas profiling, multi-chain rollout - SUBSCRIPTION_DESIGN.md (79K) — long-term product planning for external-user subscription model: API key + on-chain SubscriptionManager + aPNTs auto-deduct via AirAccount session key (length-based dispatch: 105B ECDSA / 148B P256) - RUNBOOK.md — production deployment must-haves: --chain-type op-stack, IP allowlist, BETTER_STACK_TOKEN, monthly upstream sync, troubleshooting - UPSTREAM_PR_QUEUE.md — tracks PRs to be sent to zerodevapp/ultra-relay: cleanup commit (in flight), drop-log structuring, --allow-implicit-boost flag, JSON logging fallback fix
Two minor cleanups suitable for upstreaming to zerodevapp/ultra-relay:
1. Remove leftover debug console.log("=== eth_sendUserOperation called ===")
in eth_sendUserOperation handler (introduced in commit 702f9af alto merge).
2. Fix --max-bundle-count CLI description: the flag actually caps the number
of BUNDLES produced per getBundles() iteration (see mempool.ts:725-773),
not the number of UserOperations within a single bundle. The previous
wording misled operators configuring the flag.
No behavior change.
Adds an e2e test for the AAStar /wallets HTTP endpoint introduced in PR zerodevapp#15. Covers: happy path, address-set match against configured executor keys, EIP-55 checksum format. The endpoint had no test coverage before (M1 §3.4 acceptance gap). Endpoint contract: GET /wallets -> { wallets: Address[], chainId: number } Note: utility wallet is NOT included in the response (per current impl, src/rpc/server.ts:179-196).
…erodevapp#27 status) Post upstream/main merge (commits a526e11..4a0372a), reflect new state: - test/e2e/tests/wallets.test.ts: assert utilityWalletAddress + refillingWallets fields per upstream PR zerodevapp#17 (3f3bc2c) — handler now returns { wallets, chainId, utilityWalletAddress, refillingWallets } - docs/M1_DESIGN.md §3.4: remove "utility not included" caveat; document the new shape; reference upstream 3f3bc2c - docs/M1_DESIGN.md §5.5 Limitation 1: note upstream PRs zerodevapp#18/zerodevapp#19 added logtail transport error handling + dead-transport noop, but the fallback logic (no token → pino-pretty) is unchanged, so this limitation still applies - docs/UPSTREAM_PR_QUEUE.md: PR #1 status moved to "待 review" (zerodevapp#27)
Line numbers drift as code evolves; reference the function name instead.
…etBundles refillingWallets is a boolean config flag (not Address[]) per upstream PR zerodevapp#17 source (bundler.ts:96 z.boolean()); update test type and assertions. Pass this.config.maxBundleCount to getBundles() so --max-bundle-count CLI option actually takes effect (was silently ignored).
The cap is applied independently per entrypoint in getBundles(); with N entrypoints and maxBundleCount=M, up to N*M bundles may be returned. Update options.ts description and M1_DESIGN.md §2.4 + §5.5 to reflect actual semantics instead of claiming a global total-bundle limit.
…allets, validate max-bundle-count >= 1 - debug_bundler_sendBundleNow: submit all bundles from all entrypoints (getBundles(1) returns 1 bundle per entrypoint; previous code only submitted bundles[0], silently dropping ops from other entrypoints) - /wallets endpoint: use getAvailableWallets() to respect --max-executors cap instead of returning the full executorPrivateKeys list - max-bundle-count schema: add .min(1) so negative values are rejected at startup (negative truthy values would have disabled bundling silently)
…tial failure A single entrypoint's executor error no longer aborts the entire loop; remaining entrypoint bundles are still attempted.
fanhousanbu
approved these changes
May 6, 2026
fanhousanbu
left a comment
fanhousanbu
left a comment
There was a problem hiding this comment.
✅ Approved
代码改动均为正向修复,无 CRITICAL/HIGH,docs 内容准确。
关键 Bug Fix 确认
executorManager.ts:getBundles()之前未传maxBundleCount,--max-bundle-countCLI flag 实际无效。本 PR 补上,配合bundler.ts的.min(1)校验,行为与文档一致。debug_bundler_sendBundleNow.ts:旧代码只提交bundles[0],多 entrypoint 场景其余 bundle 被丢弃。新代码遍历全部 bundle,partial failure 继续提交剩余,符合 debug handler 语义。/wallets:改用getAvailableWallets()正确返回 utility + refilling 地址,配合 upstream PR zerodevapp#17 字段对齐。
MEDIUM(非阻断)— debug handler 的 silent catch
} catch {
// continue submitting remaining entrypoint bundles
}发生 submission error 时完全静默。虽然是 debug endpoint(生产关闭),但调试时一旦某个 entrypoint bundle 提交失败,submitted = true 仍可能因另一个成功而返回 txHash,掩盖了部分失败。建议加一行:
} catch (err) {
logger.warn({ err }, "debug_bundler_sendBundleNow: bundle submission failed, continuing")
}LOW — max-bundle-count 无上限
.min(1) 防止了 0,但没有 .max(N) 上限。极端值(如 999999)行为退化为无限制,和不设 flag 等价。可考虑加 .max(100) 或在 options 里文档化"不设则无限"。不阻断。
Docs 质量高,M1–M3 边界清晰,--chain-type op-stack 漏配风险在 RUNBOOK 里已标注。
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
背景 / Background
仓库:
AAStarCommunity/UltraRelay-AAStar— AAStar 对 ZeroDev/ultra-relay(本身是 Pimlico Alto 的 fork)的私有 fork,作为 AAStar ERC-4337 生产 bundler 使用,支持 xPNTs 代币免 Gas、SuperPaymaster 生态集成。分支说明:
aastar-dev— AAStar 的主开发分支(相当于 main),所有功能分支都 merge 到这里m1/acceptance-and-planning→aastar-dev:本 PR里程碑:M1 —— 把这个 bundler 交付为可生产部署的标准 ERC-4337 bundler(OP-Sepolia + OP-Mainnet),在进入 M2(绿色通道/trusted-paymasters)和 M3(X402 收费)之前完成基础设施验收。
本 PR 包含什么 / What's in this PR
1. 上游同步
从
zerodevapp/ultra-relay:main合并 6 个新 commit(无冲突),包含:3f3bc2cPR feat: expose utilityWalletAddress and refillingWallets in /wallets response zerodevapp/ultra-relay#17:/wallets响应新增utilityWalletAddress+refillingWallets0993646+520f27aPR fix: add error handler on logtail pino transport zerodevapp/ultra-relay#18/fix: noop dead logtail transport to prevent request timeouts zerodevapp/ultra-relay#19:logtail transport 异常处理加固a526e11:v0.6 boost gas 估算除零修复2. 代码清理(同步提交上游 PR zerodevapp#27)
eth_sendUserOperation.ts中的 debugconsole.log(每笔 UO 都打印)--max-bundle-countCLI 描述(原描述说"单 bundle 内 op 数",实际是"每 entrypoint 每次 getBundles 的 bundle 数")3. Bug 修复(Codex review 发现,共 10 个修复)
src/executor/executorManager.tsautoScalingBundling()未将maxBundleCount传给getBundles(),CLI 参数静默失效this.config.maxBundleCountsrc/rpc/methods/debug_bundler_sendBundleNow.tsbundles[0],其余 entrypoint 的 ops 被 dequeue 但丢弃src/rpc/server.ts(/wallets)config.executorPrivateKeys全量,未尊重--max-executors截断getAvailableWallets(config)src/cli/config/bundler.tsmax-bundle-count接受负整数,负值 truthy 会使 bundling 静默停止.min(1)校验src/cli/config/options.ts--max-bundle-count描述仍含"per bundle op count"误导 + 硬编码行号test/e2e/tests/wallets.test.tsrefillingWallets类型写成Address[](实际是 boolean),断言逻辑全错boolean,更新所有断言test/e2e/tests/wallets.test.tschainId具体值断言,foundry.id未验expect(body.chainId).toBe(foundry.id)test/e2e/tests/wallets.test.tstoHaveLength断言docs/M1_DESIGN.md4. 产品设计文档(6 个,3800+ 行)
docs/M1_DESIGN.md— 协议核心验收矩阵 + 5 个 Known Limitationsdocs/M2_DESIGN.md— 绿色通道 / trusted-paymasters + EIP-7702docs/M3_DESIGN.md— X402 收费 + 监控 + 多链docs/SUBSCRIPTION_DESIGN.md— 长期订阅计费方案(AirAccount session key + aPNTs 自动抵扣)docs/RUNBOOK.md— 生产部署必配项docs/UPSTREAM_PR_QUEUE.md— 上游 PR 队列需要 reviewer 重点检查 / Review focus
debug_bundler_sendBundleNow.ts— loop + try/catch 逻辑是否正确(debug 端点,仅开发模式启用)server.tsgetWallets —getAvailableWallets(config)替换是否正确(与 senderManager 行为对齐)executorManager.ts—getBundles(this.config.maxBundleCount)是否有副作用(maxBundleCount为 undefined 时行为不变)wallets.test.ts—refillingWallets: boolean断言是否与端点实际返回值一致测试计划 / Test plan
pnpm install && pnpm run build通过cd test/e2e && pnpm test(wallets.test.ts + 其他 e2e)pnpm run test:spec(需要 Geth + 手动启动 bundler)关联 / Related
docs/M1_DESIGN.md