@nvdtf nvdtf commented Jan 30, 2026

Remaining:

  • Transactions & Scripts updates
  • Update docs & context files
  • TODO in code
  • Test for worker

@onflow onflow deleted a comment from claude bot Feb 2, 2026
@onflow onflow deleted a comment from claude bot Feb 2, 2026
@onflow onflow deleted a comment from claude bot Feb 4, 2026
nvdtf and others added 2 commits February 4, 2026 15:42
Claude was using `gh api` instead of `gh pr comment` to post reviews,
but `gh api` is not in the allowed tools list, causing the comment
to fail silently.

Changes:
- Add explicit warning to use `gh pr comment` and not `gh api`
- Clarify the command format with a proper code block

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
liobrasil and others added 13 commits February 4, 2026 20:11
claude bot commented Feb 9, 2026

Code Review: New Worker Design (PR #44)

Summary

This PR introduces a significant architectural change to the FlowYieldVaultsEVM bridge by implementing a new worker design with automated scheduling. The key change is replacing the manual FlowYieldVaultsTransactionHandler with a more sophisticated FlowYieldVaultsEVMWorkerOps contract that provides automated request processing via the FlowTransactionScheduler.

Overall Assessment: This is a well-designed architectural improvement that enhances automation and reliability. The code quality is high with comprehensive documentation and good separation of concerns. However, there are several areas that need attention before merging.


🔴 Critical Issues

1. Panic in processRequest() Can Brick the System (FlowYieldVaultsEVM.cdc:641)

Issue: The code panics if completeProcessing() fails after a successful Cadence-side operation. This could lead to stuck requests and potentially lost user funds if the EVM contract becomes temporarily unavailable.

Recommendation: Implement a dead letter queue pattern where failed completion attempts are logged for manual intervention instead of panicking.

2. Race Condition in Request Status Validation (FlowYieldVaultsEVM.cdc:587)

Issue: The processRequest() function validates request status based on data fetched earlier, which could be stale.

Recommendation: Add version checking or timestamp validation to detect stale request data.

3. Missing Validation for Initial Configuration Values

Issue: schedulerWakeupInterval and maxProcessingRequests are hardcoded in init() without validation.

Recommendation: Apply the same validation logic from setter functions in init().


🟡 High Priority Issues

4. Timestamp vs Block Height Confusion (FlowYieldVaultsEVMWorkerOps.cdc:454)

Issue: Comment says "Check block height" but code checks timestamp.

Recommendation: Update comment to say "Check timestamp" for clarity.

5. Unbounded Loop in Crash Recovery (FlowYieldVaultsEVMWorkerOps.cdc:450-485)

Issue: _checkForFailedWorkerRequests() iterates over ALL scheduled requests without pagination, risking gas limit issues.

Recommendation: Add pagination or limit checks per execution (e.g., max 10 checks per run).

6. Integer Overflow Risk in Delay Calculation (FlowYieldVaultsEVMWorkerOps.cdc:527)

Issue: Delay calculation could theoretically overflow UFix64 with many user requests.

Recommendation: Add bounds checking before incrementing delay.

7. Potential Gas Limit Issues in startProcessingBatch()

Issue: Single EVM call with potentially unbounded array sizes could exceed 15M gas limit.

Recommendation: Add array size limits and batch splitting logic.


🟢 Medium Priority Issues

8. Inconsistent Error Handling

Issue: WorkerHandler panics on failure while SchedulerHandler uses defensive programming.

Recommendation: Standardize error handling patterns.

9. No Circuit Breaker for Repeated Failures

Recommendation: Implement exponential backoff when EVM contract is unavailable.

10. Hardcoded Gas Limits

Recommendation: Make gas limits configurable via Admin functions.

11. Missing Input Validation in Constructor (FlowYieldVaultsRequests.sol:490-493)

Recommendation: Validate coaAddress and wflowAddress are non-zero.


✅ Positive Observations

  1. Excellent documentation in CLAUDE.md and design docs
  2. Clean separation between SchedulerHandler and WorkerHandler
  3. Comprehensive event emission for observability
  4. Good defensive programming throughout
  5. Strong test coverage with new worker tests
  6. Smart O(1) lookup patterns for ownership
  7. All TODOs resolved

Security Considerations

✅ Access control properly implemented
✅ Reentrancy protection via OpenZeppelin
⚠️ Fund safety concerns with panic on completion failure
⚠️ UFix64 overflow in delay calculation


Summary of Recommendations

Must Fix Before Merge:

  1. Address panic-on-completion-failure (#1)
  2. Add bounds checking to crash recovery loop (#5)
  3. Add input validation to Solidity constructor (#11)

Should Fix Before Merge:

  4. Fix timestamp comment confusion (#4)
  5. Standardize error handling (#8)
  6. Add overflow protection to delay calc (#6)

Consider for Follow-up:

  7. Circuit breaker pattern (#9)
  8. Configurable gas limits (#10)


Reviewer: Claude Code (Sonnet 4.5)
Review Date: 2026-02-10
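
The dead-letter and bounded-scan recommendations in the review above (issues 1 and 5), as an added Python model that is not code from this PR or from the FlowYieldVaultsEVM contracts. The `Worker` class, its fields, the deadline-based failure check and the sample data in `demo()` are assumptions made for illustration.

```python
from collections import deque

MAX_CHECKS_PER_RUN = 10  # per-run cap, as the review suggests ("max 10 checks per run")

class Worker:
    """Hypothetical model of a request worker; not the contract's real interface."""

    def __init__(self):
        self.deadline = {}      # request id -> timestamp by which the worker must finish
        self.queue = deque()    # rotation order for the recovery scan
        self.dead_letters = []  # (request id, reason) kept for manual intervention

    def schedule(self, rid, deadline):
        self.deadline[rid] = deadline
        self.queue.append(rid)

    def check_failed(self, now):
        """Inspect at most MAX_CHECKS_PER_RUN requests, then stop until the next run."""
        failed = []
        for _ in range(min(MAX_CHECKS_PER_RUN, len(self.queue))):
            rid = self.queue.popleft()
            if rid not in self.deadline:
                continue                      # finished earlier; drop the stale entry
            if self.deadline[rid] < now:
                del self.deadline[rid]
                self.dead_letters.append((rid, "worker missed deadline"))
                failed.append(rid)
            else:
                self.queue.append(rid)        # still healthy; revisit on a later run
        return failed

    def complete(self, rid, complete_processing):
        """Report completion; on failure, park the request instead of aborting."""
        try:
            ok = bool(complete_processing(rid))
            reason = "completion call returned false"
        except Exception as exc:
            ok, reason = False, f"completion call raised: {exc}"
        self.deadline.pop(rid, None)
        if not ok:
            self.dead_letters.append((rid, reason))
        return ok

def demo():
    """Constructed data: 25 requests, three of them past their deadline at now=100."""
    w = Worker()
    for rid in range(1, 26):
        w.schedule(rid, 50 if rid in (2, 14, 23) else 500)
    return [w.check_failed(now=100) for _ in range(3)]
```

Each run touches at most ten entries, so the cost per execution stays fixed however many requests are scheduled, and a failed completion call leaves a record for an operator instead of aborting the whole transaction.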

…rkflow

ci: restore Claude PR commenting and enforce sticky output

test: trigger claude review on navid branch
@onflow onflow deleted a comment from claude bot Feb 10, 2026