refactor(esplora): clear remaining panic paths

[reez]

Description

This PR clears remaining panic paths from bdk_esplora, replacing them with proper error handling.

Attempting to address bitcoindevkit/bdk_wallet#30 for Esplora

Notes to the reviewers

Open to any and all feedback on this.

Other PR's made along these lines:

• refactor(electrum): remove unwrap()s and expect()s #1981 (electrum)
• esplora: chain_update errors if no point of connection #1971 (esplora)

Changelog notice

• Clear remaining panic paths from bdk_esplora.rs.

Checklists

All Submissions:

• I followed the contribution guidelines

New Features:

• I've added tests for the new feature
• I've added docs for the new feature

Bugfixes:

• This pull request breaks the existing API
• I've added tests to reproduce the issue which are now passing
• I'm linking the issue being fixed by this PR

[evanlinjin]

Thanks for working on this!

Some great simplifications in logic. Some parts are over-engineered.

Note that panics and expects indicate that "we should never hit this - unless there is a bug!" and I think it's justified to have them (where reasonable).

[reez]

Updated PR due to great feedback from Evan, Mammal, Leonardo.

Noteworthy:

• Introduced a crate-wide Error enum (in lib.rs) with Client and Checkpoint variants. Both async and blocking extensions now return this so real Esplora failures bubble up via Client while checkpoint ordering issues surface as Checkpoint instead of panicking or masquerading as InvalidResponse
• Removed the custom ThreadPanic and reverted as suggested so we only guard against genuine remote errors
• Dropped the processed_any guard added previously
• Eliminated tests that provided no major value

[evanlinjin]

Avoid returning errors for internal logic bugs in BDK itself.

[evanlinjin]

We're missing doc-comments for the Error type and it's variants!

We should make it obvious to the reader when the Error::CheckPoint variant occurs.

Edit: I don't think the CheckPoint variant is needed, so this Error type is not needed either.

[reez]

sounds good, Error type removed

[evanlinjin]

I still think panic/expect here is more appropriate.

1. CheckPoint::extend only errors if a block is not higher than the previous.
2. The logic to populate conflicts uses heights from local_tip. local_tip is guaranteed to have ordered heights (since it is a CheckPoint type).

[reez]

makes sense, I reverted this so it uses expect again

[reez]

I believe all review comments are addressed now; to recap current state this PR adds logic around removing panic tied to remote input, while leaving panics where appropriate based on PR review feedback. Thanks again for taking time to review this as I iterated on it (happy to continue tweaking if needed)!

[ValuedMammal]

ACK d4244e3

Note: I think it would make sense to use gap_limit = stop_gap.max(parallel_requests). Related discussion #2053 (comment) and bitcoindevkit/bdk_wallet#63.

[reez]

ACK d4244e3

Note: I think it would make sense to use gap_limit = stop_gap.max(parallel_requests). Related discussion #2053 (comment) and bitcoindevkit/bdk_wallet#63.

@ValuedMammal I just updated PR to use gap_limit = stop_gap.max(parallel_requests) now 👍

[ValuedMammal]

Need to debug a CI fail. Maybe try rebasing this PR onto master.

Edit: As a workaround, pinning the rust toolchain to nightly-2025-11-26 seems to have fixed it https://github.com/ValuedMammal/bdk/actions/runs/19878874973/job/56972371610, although I haven't pinpointed the exact issue.

ACK 074aed1

[thunderbiscuit]

This is a bit of a blocker for the 2.3 release of bdk-ffi, I'd like to include it in there if possible. @reez do you mind trying the pin workaround proposed by @ValuedMammal?

[reez]

This is a bit of a blocker for the 2.3 release of bdk-ffi, I'd like to include it in there if possible. @reez do you mind trying the pin workaround proposed by @ValuedMammal?

@thunderbiscuit sure let me give my context

@ValuedMammal has ACK’d this PR a few times, so after his last comment #2053 (comment) and because I didn’t want him to have to keep review+ACK’ing if no change actually needed on this PR I pinged him to ask if he wanted me to try either/both of those in this PR or keep the PR as is. My understanding is keep the PR as is (and maybe there would be a new issue opened scoped to resolve the coverage job), so I explicitly did not do the pin workaround for those reasons.

Additionally @oleonardolima has reviewed this previously and also let me know he’d be giving this PR a final review too, I know he’s been traveling a bunch though so there’s no rush from me on that.

Then from the bdk-ffi side of things my view point is this would be nice-to-have but is not a blocker for 2.3 release.

[ValuedMammal]

and maybe there would be a new issue opened scoped to resolve the coverage job

The CI fix is now in a separate PR #2080.

[reez]

#2080

Thanks for the heads up!

I'll try to keep an eye on that PR so when it gets merged I can rebase this PR on it if needed for this PR to be merged.

[reez]

#2080

Thanks for the heads up!

I'll try to keep an eye on that PR so when it gets merged I can rebase this PR on it if needed for this PR to be merged.

Rebased PR on master now that #2080 was merged, CI passing ✅

[ValuedMammal]

ACK 92dc6dd