internal/infrastructure/db/watermill/event_repo.go (2)

189-240: Optional: Consider reducing repetition in event deserialization.

The switch statement has significant code duplication across all event type cases. While the current explicit approach is type-safe and clear, you could reduce repetition using a map-based approach.

Here's an example refactor using a registry pattern:

var eventTypeRegistry = map[domain.EventType]func() domain.Event{
	domain.EventTypeRoundStarted:              func() domain.Event { return &domain.RoundStarted{} },
	domain.EventTypeRoundFinalizationStarted:  func() domain.Event { return &domain.RoundFinalizationStarted{} },
	domain.EventTypeRoundFinalized:            func() domain.Event { return &domain.RoundFinalized{} },
	domain.EventTypeRoundFailed:               func() domain.Event { return &domain.RoundFailed{} },
	domain.EventTypeBatchSwept:                func() domain.Event { return &domain.BatchSwept{} },
	domain.EventTypeIntentsRegistered:         func() domain.Event { return &domain.IntentsRegistered{} },
	domain.EventTypeOffchainTxRequested:       func() domain.Event { return &domain.OffchainTxRequested{} },
	domain.EventTypeOffchainTxAccepted:        func() domain.Event { return &domain.OffchainTxAccepted{} },
	domain.EventTypeOffchainTxFinalized:       func() domain.Event { return &domain.OffchainTxFinalized{} },
	domain.EventTypeOffchainTxFailed:          func() domain.Event { return &domain.OffchainTxFailed{} },
}

func deserializeEvent(buf []byte) (domain.Event, error) {
	var eventType struct {
		Type domain.EventType
	}

	if err := json.Unmarshal(buf, &eventType); err != nil {
		return nil, fmt.Errorf("failed to extract event type: %w", err)
	}

	factory, ok := eventTypeRegistry[eventType.Type]
	if !ok {
		return nil, fmt.Errorf("unknown event type: %s", eventType.Type)
	}

	event := factory()
	if err := json.Unmarshal(buf, event); err != nil {
		return nil, fmt.Errorf("failed to unmarshal %s: %w", eventType.Type, err)
	}

	return event, nil
}

This reduces code duplication and makes it easier to add new event types, though it does introduce a bit of indirection.

---

116-119: SQL injection risk in dynamic table name is LOW in current codebase.

Verification confirms that the topic parameter is never user-controlled. All production calls to Save() use hardcoded domain constants (RoundTopic="round", OffchainTxTopic="offchain_tx"). The call chain is: Save(topic) → dispatch(topic) → getAllEvents(topic), with topic originating exclusively from internal constants.

However, the string interpolation pattern (line 117) does violate secure coding practices. While currently safe, consider applying defensive validation to prevent future vulnerabilities if this code path is ever modified to accept external input:

// Add this validation helper
func isValidTopicName(topic string) bool {
	matched, _ := regexp.MatchString(`^[a-zA-Z0-9_]+$`, topic)
	return matched
}

// Add this check in getAllEvents
if !isValidTopicName(topic) {
	return nil, fmt.Errorf("invalid topic name: %s", topic)
}

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Learnt from: louisinger
Repo: arkade-os/arkd PR: 693
File: internal/core/application/service.go:2379-2388
Timestamp: 2025-08-20T06:26:18.377Z
Learning: In the arkd codebase, transaction events should never be dropped when propagating to channels. The interface layer is designed to read events immediately, so buffering channels is preferred over non-blocking sends with drop semantics to maintain delivery guarantees.

internal/test/e2e/e2e_test.go (2)

1627-1629: Consider replacing fixed delays with polling for server state.

The addition of fixed 5-second delays (and similar delays throughout the file) to wait for server-side processing introduces timing dependencies that could make tests flaky in slower environments or under load.

Consider implementing a polling mechanism that checks for the expected server state with a timeout:

// Example helper function to add to the test file
func waitForCondition(t *testing.T, timeout time.Duration, condition func() bool, description string) {
    deadline := time.Now().Add(timeout)
    for time.Now().Before(deadline) {
        if condition() {
            return
        }
        time.Sleep(100 * time.Millisecond)
    }
    require.Fail(t, fmt.Sprintf("timeout waiting for: %s", description))
}

Then replace fixed sleeps with:

// Give time for the server to detect and process the fraud
waitForCondition(t, 10*time.Second, func() bool {
    spentStatus, err := expl.GetTxOutspends(vtxo.Txid)
    if err != nil || len(spentStatus) <= int(vtxo.VOut) {
        return false
    }
    return spentStatus[vtxo.VOut].Spent
}, "vtxo to be spent by forfeit tx")

---

1458-1467: The error capture pattern is correct but could benefit from documentation.

Throughout the file, incomingErr (and similar variables) are written in goroutines and read in the main test thread after wg.Wait(). While this is safe due to the happens-before relationship established by WaitGroup, the pattern relies on understanding these semantics.

Consider adding a comment where the pattern is first introduced to document the synchronization approach:

// incomingErr is safely shared between goroutines due to WaitGroup synchronization.
// The goroutine writes the error, wg.Done() creates a happens-before relationship,
// and the main thread reads after wg.Wait(), ensuring no data race.
var incomingErr error

This helps future maintainers understand the synchronization guarantees.

Also applies to: 1555-1565, 1679-1688

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Learnt from: louisinger
Repo: arkade-os/arkd PR: 686
File: internal/core/application/fraud.go:47-61
Timestamp: 2025-08-28T08:21:01.170Z
Learning: In reactToFraud function in internal/core/application/fraud.go, the goroutine that waits for confirmation and schedules checkpoint sweep should use context.Background() instead of the request context, as this is intentional design to decouple the checkpoint sweep scheduling from the request lifetime.

Learnt from: louisinger
Repo: arkade-os/arkd PR: 691
File: internal/core/application/service.go:557-562
Timestamp: 2025-08-19T10:58:41.042Z
Learning: In the arkd SubmitOffchainTx method, using the checkpoint PSBT input's tapscript (forfeit path) for the VtxoInput.Tapscript field is the correct behavior, not a bug as initially thought. The system correctly handles the relationship between checkpoint inputs and Ark transaction inputs.

internal/infrastructure/db/watermill/event_repo.go (3)

88-93: Critical: Context propagation ignored in dispatch.

The dispatch method uses context.Background() (line 90) instead of accepting and propagating the caller's context. This prevents timeout/cancellation propagation and was previously flagged in review comments.

Update the signature to accept context:

-func (e *eventRepository) dispatch(topic string, id string) error {
+func (e *eventRepository) dispatch(ctx context.Context, topic string, id string) error {
 	// get all events for the topic from the database
-	events, err := e.getAllEvents(context.Background(), topic, id)
+	events, err := e.getAllEvents(ctx, topic, id)
 	if err != nil {
 		return err
 	}

And update the call site in Save:

-	if err := e.dispatch(topic, id); err != nil {
+	if err := e.dispatch(ctx, topic, id); err != nil {
 		log.WithError(err).Error("failed to dispatch saved events")
 	}

---

148-156: Major: Deserialization failures silently drop events.

When deserializeEvent fails (lines 150-154), the error is logged but the event is silently dropped from the result set. This violates event delivery guarantees and was previously flagged in review comments.

Consider failing fast to preserve data integrity:

 	events := make([]domain.Event, 0, len(records))
 	for _, record := range records {
 		event, err := deserializeEvent(record)
 		if err != nil {
-			log.WithError(err).Warnf("failed to deserialize event: %s", string(record))
-			continue
+			return nil, fmt.Errorf("failed to deserialize event: %w", err)
 		}
 		events = append(events, event)
 	}

---

183-246: Major: Weak error handling masks unmarshal failures.

The deserializeEvent function silently ignores JSON unmarshal errors. The pattern if err := json.Unmarshal(buf, &event); err == nil { return event, nil } means if unmarshal fails, execution continues to check other event types, eventually returning a generic "unknown event" error that doesn't distinguish between unrecognized types and deserialization failures. This was previously flagged in review comments.

Make errors explicit:

 	switch eventType.Type {
 	case domain.EventTypeRoundStarted:
 		var event = domain.RoundStarted{}
-		if err := json.Unmarshal(buf, &event); err == nil {
-			return event, nil
+		if err := json.Unmarshal(buf, &event); err != nil {
+			return nil, fmt.Errorf("failed to unmarshal RoundStarted: %w", err)
 		}
+		return event, nil
 	case domain.EventTypeRoundFinalizationStarted:
 		var event = domain.RoundFinalizationStarted{}
-		if err := json.Unmarshal(buf, &event); err == nil {
-			return event, nil
+		if err := json.Unmarshal(buf, &event); err != nil {
+			return nil, fmt.Errorf("failed to unmarshal RoundFinalizationStarted: %w", err)
 		}
+		return event, nil
 	// ... apply same pattern to all other cases ...
+	default:
+		return nil, fmt.Errorf("unknown event type: %s", eventType.Type)
 	}
-
-	return nil, fmt.Errorf("unknown event")

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Learnt from: louisinger
Repo: arkade-os/arkd PR: 686
File: internal/core/application/fraud.go:47-61
Timestamp: 2025-08-28T08:21:01.170Z
Learning: In reactToFraud function in internal/core/application/fraud.go, the goroutine that waits for confirmation and schedules checkpoint sweep should use context.Background() instead of the request context, as this is intentional design to decouple the checkpoint sweep scheduling from the request lifetime.