fix: validate boundary constraints and wire orphaned orch_status command

hyperpolymath · claude · hyperpolymath · commit dfe4e239a404 · 2026-02-28T13:29:58.000Z
validate_inference now rejects malformed boundary constraints (invalid
identifiers, non-numeric RHS) instead of silently accepting them.
Wire verisimdb_orch_status into the frontend message/model/update loop
so it is no longer dead code.

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/src-tauri/src/main.rs b/src-tauri/src/main.rs
@@ -582,11 +582,43 @@ fn validate_inference(token: &str, constraints: Vec<String>) -> Result<bool, Str
         }
 
         // Handle boundary checks: length > 0, count < 100, etc.
+        // Validates constraint syntax: LHS must be a valid identifier, operator
+        // must be a comparison, RHS must be a valid number. Runtime value checking
+        // happens in the ReScript AntiCrash module which has access to model state.
         if constraint.contains(" > ") || constraint.contains(" < ") ||
            constraint.contains(" >= ") || constraint.contains(" <= ") {
-            // For now, we don't have the actual values to check against
-            // This would require integrating with the model state
-            // Accept boundary constraints as valid declarations
+            // Split on the operator to validate both sides
+            let operators = [" >= ", " <= ", " > ", " < "];
+            let mut validated = false;
+            for op in &operators {
+                if let Some(pos) = constraint.find(op) {
+                    let lhs = constraint[..pos].trim();
+                    let rhs = constraint[pos + op.len()..].trim();
+
+                    // LHS must be a valid identifier (alphanumeric + underscores, not starting with digit)
+                    if lhs.is_empty() || lhs.starts_with(|c: char| c.is_ascii_digit()) ||
+                       !lhs.chars().all(|c| c.is_alphanumeric() || c == '_') {
+                        return Err(format!(
+                            "Invalid boundary constraint: '{}' is not a valid identifier in '{}'",
+                            lhs, constraint
+                        ));
+                    }
+
+                    // RHS must be a valid number (integer or float, optionally negative)
+                    if rhs.parse::<f64>().is_err() {
+                        return Err(format!(
+                            "Invalid boundary constraint: '{}' is not a valid number in '{}'",
+                            rhs, constraint
+                        ));
+                    }
+
+                    validated = true;
+                    break;
+                }
+            }
+            if !validated {
+                return Err(format!("Malformed boundary constraint: {}", constraint));
+            }
             continue;
         }
 
@@ -928,6 +960,46 @@ Commands:
         assert_eq!(result.unwrap(), true);
     }
 
+    #[test]
+    fn test_validate_inference_valid_boundary_passes() {
+        let token = "const x = 42;";
+        let constraints = vec![
+            "length > 0".to_string(),
+            "count < 100".to_string(),
+            "score >= -1.5".to_string(),
+            "max_depth <= 999".to_string(),
+        ];
+        let result = validate_inference(token, constraints);
+        assert!(result.is_ok());
+    }
+
+    #[test]
+    fn test_validate_inference_invalid_boundary_rhs_rejected() {
+        let token = "const x = 42;";
+        let constraints = vec!["length > \"invalid\"".to_string()];
+        let result = validate_inference(token, constraints);
+        assert!(result.is_err());
+        assert!(result.unwrap_err().contains("not a valid number"));
+    }
+
+    #[test]
+    fn test_validate_inference_invalid_boundary_lhs_rejected() {
+        let token = "const x = 42;";
+        let constraints = vec!["123bad > 5".to_string()];
+        let result = validate_inference(token, constraints);
+        assert!(result.is_err());
+        assert!(result.unwrap_err().contains("not a valid identifier"));
+    }
+
+    #[test]
+    fn test_validate_inference_boundary_special_chars_rejected() {
+        let token = "const x = 42;";
+        let constraints = vec!["foo-bar > 5".to_string()];
+        let result = validate_inference(token, constraints);
+        assert!(result.is_err());
+        assert!(result.unwrap_err().contains("not a valid identifier"));
+    }
+
     #[test]
     fn test_vexation_initial_index_is_zero() {
         // Reset tracker by creating a new one (in a real app we'd need better reset mechanisms)
diff --git a/src/Model.res b/src/Model.res
@@ -257,6 +257,7 @@ type verisimdbState = {
   entityDetail: option<string>,
   telemetry: option<telemetrySnapshot>,
   telemetryVisible: bool,
+  orchStatus: option<string>,
 }
 
 /// The complete Model
@@ -411,6 +412,7 @@ let init = (): model => {
     entityDetail: None,
     telemetry: None,
     telemetryVisible: false,
+    orchStatus: None,
   },
   humidity: Medium,
   viewMode: DarkStart,
diff --git a/src/Msg.res b/src/Msg.res
@@ -123,6 +123,8 @@ type verisimdbMsg =
   | FetchTelemetry
   | TelemetryLoaded(result<string, string>)
   | ToggleTelemetryPanel
+  | FetchOrchStatus
+  | OrchStatusLoaded(result<string, string>)
 
 /// The unified message type
 type msg =
diff --git a/src/Update.res b/src/Update.res
@@ -701,6 +701,15 @@ let updateVeriSimDB = (model: model, msg: verisimdbMsg): (model, Tea_Cmd.t<msg>)
       {...model, verisimdb: {...db, telemetryVisible: !db.telemetryVisible}},
       Tea_Cmd.none,
     )
+  | FetchOrchStatus => (
+      model,
+      TauriCmd.getOrchStatus(result => VeriSimDB(OrchStatusLoaded(result))),
+    )
+  | OrchStatusLoaded(result) =>
+    switch result {
+    | Ok(json) => ({...model, verisimdb: {...db, orchStatus: Some(json), queryError: None}}, Tea_Cmd.none)
+    | Error(err) => ({...model, verisimdb: {...db, orchStatus: None, queryError: Some(err)}}, Tea_Cmd.none)
+    }
   }
 }
 
diff --git a/src/commands/TauriCmd.res b/src/commands/TauriCmd.res
@@ -460,6 +460,23 @@ let getTelemetry = (tagger: result<string, string> => 'msg): Tea_Cmd.t<'msg> =>
   })
 }
 
+/// Fetch orchestration status (consensus, federation, telemetry) from VeriSimDB.
+/// Invokes `verisimdb_orch_status` which hits GET /status on the Elixir layer.
+let getOrchStatus = (tagger: result<string, string> => 'msg): Tea_Cmd.t<'msg> => {
+  Tea_Cmd.call(callbacks => {
+    invoke("verisimdb_orch_status", ())
+    ->Promise.then(result => {
+      callbacks.enqueue(tagger(Ok(result)))
+      Promise.resolve()
+    })
+    ->Promise.catch(_err => {
+      callbacks.enqueue(tagger(Error("Orchestration status fetch failed")))
+      Promise.resolve()
+    })
+    ->ignore
+  })
+}
+
 /// Batch multiple Tauri commands together
 let batch = (commands: list<Tea_Cmd.t<'msg>>): Tea_Cmd.t<'msg> => {
   Tea_Cmd.batch(commands)

Original file line number	Diff line number	Diff line change
`@@ -701,6 +701,15 @@ let updateVeriSimDB = (model: model, msg: verisimdbMsg): (model, Tea_Cmd.t<msg>)`
`701`	`701`	`{...model, verisimdb: {...db, telemetryVisible: !db.telemetryVisible}},`
`702`	`702`	`Tea_Cmd.none,`
`703`	`703`	`)`
	`704`	`+ \| FetchOrchStatus => (`
	`705`	`+ model,`
	`706`	`+ TauriCmd.getOrchStatus(result => VeriSimDB(OrchStatusLoaded(result))),`
	`707`	`+ )`
	`708`	`+ \| OrchStatusLoaded(result) =>`
	`709`	`+ switch result {`
	`710`	`+ \| Ok(json) => ({...model, verisimdb: {...db, orchStatus: Some(json), queryError: None}}, Tea_Cmd.none)`
	`711`	`+ \| Error(err) => ({...model, verisimdb: {...db, orchStatus: None, queryError: Some(err)}}, Tea_Cmd.none)`
	`712`	`+ }`
`704`	`713`	`}`
`705`	`714`	`}`
`706`	`715`