refactor(upgrade): split migration logic into multiple files

[zakir-code]

Summary by CodeRabbit

Release Notes for v8 Upgrade

• New Features

  • Enhanced migration support for multiple blockchain modules
  • Improved denomination and token management across different system components

• Improvements

  • Updated parameter configurations for various modules
  • Refined metadata handling for tokens
  • Enhanced logging and tracking for migration processes

• Migrations

  • Comprehensive migration support for:
    • Bank module
    • Cross-chain operations
    • ERC20 tokens
    • Governance parameters
    • IBC transfers
    • Staking module
    • And more

• Technical Updates

  • Streamlined upgrade logic
  • Improved denomination management
  • Enhanced contract deployment and management capabilities

[coderabbitai]

Walkthrough

This pull request introduces a comprehensive upgrade package (v8) for a blockchain system, focusing on migrating and updating various module parameters, denominations, and smart contract configurations. The changes span multiple modules including bank, crosschain, ERC20, EVM, governance, and metadata management. The upgrade process involves renaming denominations, updating parameters, migrating token balances, and adjusting logging mechanisms across different components of the blockchain application.

Changes

File	Change Summary
app/upgrades/store/store.go	Enhanced logging for store key deletion with additional module context
app/upgrades/v8/bank.go	Added migration function for bank module, handling denomination transfers
app/upgrades/v8/bridge.go	Implemented functions for ERC20 token migration and cross-chain balance management
app/upgrades/v8/constants.go	Updated denomination constants and added escrow denomination retrieval function
app/upgrades/v8/contract.go	Added functions for deploying and updating smart contracts
app/upgrades/v8/crisis.go	Introduced migration function for crisis module parameters
app/upgrades/v8/crosschain.go	Added migration functions for crosschain parameters and module accounts
app/upgrades/v8/erc20.go	Implemented ERC20 token migration function
app/upgrades/v8/evm.go	Added function to migrate EVM parameters
app/upgrades/v8/feematket.go	Introduced function to migrate fee market gas prices
app/upgrades/v8/gov.go	Added functions for migrating governance parameters
app/upgrades/v8/ibc.go	Implemented token escrow migration function
app/upgrades/v8/metadata.go	Added functions for updating and migrating denomination metadata
app/upgrades/v8/upgrade.go	Significant refactoring of upgrade logic and removal of multiple migration functions
app/upgrades/v8/wrap_token.go	Updated logging statements for token migration

Possibly related PRs

• refactor(ibc): refine the conversion logic between ibc coin and base coin during ibc transfer #723: Refines IBC coin conversion logic during transfers
• perf(crosschain): simplify code and module references #726: Simplifies crosschain module code and references
• refactor(gov): migrate gov module to v8 #735: Migrates governance module to version 8

Poem

🐰 Upgrade Rabbit's Ballad 🚀

Through modules we hop and we leap,
Migrating tokens from legacy's keep,
Denominations dance and sway,
Blockchain magic finds its way!

CodeRabbit's upgrade, oh so bright! 🌟

✨ Finishing Touches

• 📝 Generate Docstrings (Beta)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (16)

app/upgrades/v8/evm.go (1)

11-16: Add explanatory documentation and consider event logging.

The function itself is straightforward, but consider:

1. Adding a docstring to explain the reasoning behind overriding EvmDenom and HeaderHashNum.
2. Emitting events or logs to indicate a parameter migration occurred for tracking and troubleshooting.

+// migrateEvmParams updates the EVM module parameters, setting the default
+// EVM denomination and HeaderHashNum. Events/logs may be useful for auditing.
 func migrateEvmParams(ctx sdk.Context, evmKeeper *fxevmkeeper.Keeper) error {
     params := evmKeeper.GetParams(ctx)
     params.EvmDenom = fxtypes.DefaultDenom
     params.HeaderHashNum = evmtypes.DefaultHeaderHashNum
     return evmKeeper.SetParams(ctx, params)
 }

app/upgrades/v8/bank.go (3)

14-19: Clarify SendEnabled logic for migrated denominations.

Although the logic to transfer the "send enabled" flag from LegacyFXDenom to DefaultDenom looks correct, consider adding a clear in-code comment explaining why these steps are necessary. It will help maintainers understand the rationale behind toggling send capabilities after removing the legacy entry.

---

25-28: Improve error message for type assertion.

The error “bank keeper not implement bank.BaseKeeper” might be too terse. Consider including context on which keeper was expected and at which step, so administrators can quickly pinpoint misconfigurations if the type assertion fails.

- return errors.New("bank keeper not implement bank.BaseKeeper")
+ return errors.New("bankKeeper does not implement bank.BaseKeeper. Please ensure it is correctly configured for v8 migration.")

---

29-46: Validate coincident supply changes during iteration.

While iterating over all balances, multiple coin updates occur. If other modules also read or mutate balances in the same block, consider carefully reviewing concurrency assumptions or adding locks if applicable.

app/upgrades/v8/crosschain.go (2)

30-46: Handle absent module account more gracefully.

Currently, if the crosschain module account or its permissions are missing, an error is returned. Consider whether a fallback or an auto-creation mechanism might be appropriate, or at least log additional details to guide remediation steps in production.

---

48-56: Maintain backward compatibility checks for Oracle's DelegateAmount.

Swapping the oracle delegate amount in place is straightforward. However, validate that any consumers of the DelegateAmount (e.g., other chain modules or external APIs) can handle the newly swapped values without disruption.

app/upgrades/v8/metadata.go (1)

68-86: Validate adjusted display fields across IBC tokens.

The new logic sets md.Display to the first non-base DenomUnit. This is convenient, but certain IBC tokens might use additional denominations or non-standard display names. Test thoroughly to ensure correct display for chains with unconventional denom unit structures.

app/upgrades/v8/contract.go (2)

18-42: Validate usage of errors.New return paths.
The function correctly returns early on error conditions (e.g., no oracles found). For enhanced observability, consider wrapping errors to provide contextual details (e.g. fmt.Errorf("deployBridgeFeeContract: %w", err)).

---

75-77: Deployment logic for access control contract.
Function is succinct and reads well. You might add logging for success or failure outcomes, mirroring the pattern used in other deploy/update contract functions.

app/upgrades/v8/bridge.go (3)

18-33: Consider logging faced errors in migrateERC20TokenToCrosschain.
Errors are returned immediately, but adding logs before returning could make diagnosing migration failures easier.

---

54-81: Potentially revise complex condition checks in migrateBridgeBalance.
Nested conditions for aliases, base denominations, and symbol checks might become harder to maintain as new denominations or edge cases appear. Consider extracting the logic into smaller helper functions for clarity.

---

83-110: Evaluate partial migration failures.
If a single balance migration fails, the iteration stops immediately. This prevents migrating other valid balances. Consider collecting errors or applying partial reverts if feasible.

app/upgrades/v8/upgrade.go (1)

221-234: fixPundixCoin: Expose the rationale for minting.
Minting additional coins based on ERC20 supply is logically consistent but might merit clarifying logs or comments to explain the reason behind the minted amounts.

app/upgrades/v8/constants.go (1)

88-98: Validate chain-specific denomination mapping.
The new GetMigrateEscrowDenoms function hardcodes logic for testnet vs. mainnet. This is fine for now, but consider centralizing chain-specific logic to avoid duplication.

app/upgrades/v8/staking.go (1)

70-70: Return nil explicitly when no error is found.
Returning err directly works, but returning nil for the success path can be clearer.

-	return err
+	if err != nil {
+		return err
+	}
+	return nil

app/upgrades/v8/wrap_token.go (1)

56-56: Add more contextual fields to logs for enhanced observability.

Including "module", "upgrade" is beneficial, but consider adding details like the current block height or chain ID for better troubleshooting in production environments.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8e9620e and af23037.

📒 Files selected for processing (17)

• app/upgrades/store/store.go (1 hunks)
• app/upgrades/v8/bank.go (1 hunks)
• app/upgrades/v8/bridge.go (1 hunks)
• app/upgrades/v8/constants.go (2 hunks)
• app/upgrades/v8/contract.go (1 hunks)
• app/upgrades/v8/crisis.go (1 hunks)
• app/upgrades/v8/crosschain.go (1 hunks)
• app/upgrades/v8/erc20.go (1 hunks)
• app/upgrades/v8/evm.go (1 hunks)
• app/upgrades/v8/feegrant.go (0 hunks)
• app/upgrades/v8/feematket.go (1 hunks)
• app/upgrades/v8/gov.go (1 hunks)
• app/upgrades/v8/ibc.go (1 hunks)
• app/upgrades/v8/metadata.go (1 hunks)
• app/upgrades/v8/staking.go (1 hunks)
• app/upgrades/v8/upgrade.go (2 hunks)
• app/upgrades/v8/wrap_token.go (2 hunks)

💤 Files with no reviewable changes (1)

• app/upgrades/v8/feegrant.go

🧰 Additional context used

🪛 GitHub Check: CodeQL

app/upgrades/v8/ibc.go

[warning] 13-23: Iteration over map
Iteration over map may be a possible source of non-determinism

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: Mergify Merge Protections
• GitHub Check: Summary

🔇 Additional comments (24)

app/upgrades/v8/evm.go (2)

1-2: No issues with the package name.

Using a versioned package (v8) for a significant upgrade is a clear and organized approach that helps keep the code modular.

---

3-9: Imports look correct and consistent.

All required external packages are properly imported. Just ensure the references to fx-core/v8 are appropriately set in your go.mod to avoid version conflicts.

app/upgrades/v8/bank.go (2)

21-24: Verify zero or negative supply edge cases.

When retrieving and storing the supply for LegacyFXDenom, confirm you have test coverage for zero or negative supply scenarios. This prevents unexpected panics or unhandled errors during migration if the supply is already empty or inadvertently set to a negative value in upstream logic.

---

51-55: Confirm final supply reconciliation.

After removing LegacyFXDenom and setting the new supply for DefaultDenom, verify that no corner cases exist where the new supply is miscalculated. For instance, if supply bridging or external calls to the supply are triggered within the same migration block, ensure consistent state across modules.

app/upgrades/v8/crosschain.go (1)

14-28: Check boundary conditions on new DelegateThreshold.

When adjusting DelegateThreshold to the new default denomination and swapped amount, confirm it's tested with minimal and maximal threshold values to catch any precision or rounding issues.

app/upgrades/v8/metadata.go (2)

39-53: Confirm dictionary-based metadata removal approach.

You gather removeMetadata and then remove them from the BaseViewKeeper. Double-check concurrency assumptions and indexing, as well as whether any immediate re-creation of metadata might conflict with these removals during the same block.

---

55-66: Ensure updated default metadata for the new denom is sufficiently comprehensive.

When calling NewDefaultMetadata() for pundiai, confirm it includes all the required fields (e.g., display, symbol, description, and any necessary denom units). Incomplete metadata can degrade UX for explorers or wallet integrations.

app/upgrades/v8/contract.go (3)

1-2: Package and file structure look good.
No issues found with the package declaration and overall file structure.

---

4-16: Imports appear consistent and necessary.
All imports are used and relevant to the file context.

---

44-55: Confirm viability of forcibly deleting accounts.
evmKeeper.DeleteAccount is invoked for the contract and oracle addresses. Ensure there's no scenario where prior state or balances are needed post-upgrade. If partial refunds or record retention is required, you may want to handle it before deletion.

app/upgrades/v8/bridge.go (1)

35-52: Ensure minted supply doesn’t exceed expected constraints.
The function calculates new mints based on IBC supply differences, which is correct, but double-check any existing supply constraints, especially for test environments or total supply ceilings.

app/upgrades/v8/upgrade.go (2)

115-117: Flow check in upgradeMainnet: Migrate Gov params earlier or later?
You’re running migrateGovDefaultParams after migrateGovCustomParam. Verify that default param overrides don’t unintentionally override or conflict with custom param migrations.

---

240-280: fixPurseCoin: Carefully unify multi-chain supplies.
The function merges supply from multiple chains (ETH, BSC, IBC) into a base coin. Confirm that each chain’s crosschain minted coins remain in sync with underlying contract logic and that modules handle new minted coins properly.

app/upgrades/v8/feematket.go (2)

1-9: No issues with package declaration and imports
Everything here seems appropriate for the new migration logic.

---

11-16: Verify default gas price for production
Confirm that fxtypes.DefaultGasPrice aligns with your desired baseline. If it's too high/low, it could significantly impact transaction costs.

app/upgrades/v8/crisis.go (2)

1-9: Imports are correct
All imported packages are consistent with the file’s purpose.

---

11-19: Check correctness for crisis module’s constant fee
Assigning 133 * 1e18 to the fee requires validating that it aligns with your chain’s supply and desired penalty level. Otherwise, it could become too large or too small.

app/upgrades/v8/erc20.go (2)

1-9: No issues with package and imports
They align with the intended functionality for ERC20 migration.

---

10-20: Ensure robust handling of legacy token retrieval
Consider verifying that the old token actually exists. If LegacyFXDenom doesn’t exist, handle it gracefully rather than proceeding with an empty token.

app/upgrades/store/store.go (1)

20-20: Improved logging context
Including "module", "upgrade" in the log statement enhances clarity for debugging migration operations.

app/upgrades/v8/gov.go (2)

29-31: Ensure large deposit amount is correct.
A minimum deposit of 30×10^18 may be extremely high for certain governance proposals. Verify that this aligns with community expectations and usage patterns.

---

17-17: Double-check removed keys.
Ensure the removed store keys are no longer in use elsewhere in the codebase. This helps prevent accidental data loss or mismatch.

✅ Verification successful

Verified: Store key removal is part of planned v8 migration
The removed keys (FxBaseParamsKeyPrefix, FxEGFParamsKey) are being replaced with new custom params as part of a coordinated v8 upgrade. The immediate initialization of new params and presence of tests confirm this is a safe, planned migration.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Confirm that none of the removed keys are still in use.
rg -A 3 -B 3 'fxgovv8.GetRemovedStoreKeys' 

Length of output: 1045

---

Script:

#!/bin/bash
# Find the implementation of GetRemovedStoreKeys
ast-grep --pattern 'func GetRemovedStoreKeys() []string {
  $$$
}'

# In case it's not found with ast-grep, try ripgrep
rg -A 5 "func GetRemovedStoreKeys\(\)"

Length of output: 1196

app/upgrades/v8/constants.go (1)

64-66: Renamed constants improve clarity.
Thank you for renaming to pundixBaseDenom and purseBaseDenom—this is clearer.

app/upgrades/v8/wrap_token.go (1)

68-68: Maintain consistent logging style across different upgrade actions.

This log statement aligns well with the earlier log change. Ensuring consistent key-value pairs across all upgrade logs will help simplify log parsing and correlation.

[coderabbitai]

⚠️ Potential issue

Refine alias removal logic.

Aliasing is stripped from each DenomUnits[0] array. While removing them outright seems intentional, ensure this action doesn’t break external references reliant on these aliases (e.g., wallets or blockchain explorers).

[coderabbitai]

🛠️ Refactor suggestion

Mirror the error-handling approach from WPUNDIAI to ERC20.
Same rationale applies: returning an error on failure ensures that upgrade processes can cleanly fail when a contract update is unsuccessful.

[coderabbitai]

🛠️ Refactor suggestion

Consider returning error after logging contract update failures.
Both success and error paths are appropriately logged, but the function silently swallows errors. This could mask issues during upgrades. Returning an error might help detect failures earlier.

 func updateWPUNDIAILogicCode(ctx sdk.Context, keeper *fxevmkeeper.Keeper) error {
     wpundiai := contract.GetWPUNDIAI()
-    if err := keeper.UpdateContractCode(ctx, wpundiai.Address, wpundiai.Code); err != nil {
+    err := keeper.UpdateContractCode(ctx, wpundiai.Address, wpundiai.Code)
+    if err != nil {
         ctx.Logger().Error("update WPUNDIAI contract", "module", "upgrade", "err", err.Error())
+        return err
     } else {
         ctx.Logger().Info("update WPUNDIAI contract", "module", "upgrade", "codeHash", wpundiai.CodeHash())
     }
     return nil
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	func updateWPUNDIAILogicCode(ctx sdk.Context, keeper *fxevmkeeper.Keeper) {
	wpundiai := contract.GetWPUNDIAI()
	if err := keeper.UpdateContractCode(ctx, wpundiai.Address, wpundiai.Code); err != nil {
	ctx.Logger().Error("update WPUNDIAI contract", "module", "upgrade", "err", err.Error())
	} else {
	ctx.Logger().Info("update WPUNDIAI contract", "module", "upgrade", "codeHash", wpundiai.CodeHash())
	}
	}
	func updateWPUNDIAILogicCode(ctx sdk.Context, keeper *fxevmkeeper.Keeper) error {
	wpundiai := contract.GetWPUNDIAI()
	err := keeper.UpdateContractCode(ctx, wpundiai.Address, wpundiai.Code)
	if err != nil {
	ctx.Logger().Error("update WPUNDIAI contract", "module", "upgrade", "err", err.Error())
	return err
	} else {
	ctx.Logger().Info("update WPUNDIAI contract", "module", "upgrade", "codeHash", wpundiai.CodeHash())
	}
	return nil
	}

[coderabbitai]

🛠️ Refactor suggestion

Address non-deterministic iteration over map.
In a blockchain environment, iterating over a map directly can introduce non-determinism. Consider sorting keys before processing them to ensure a deterministic sequence of migration.

-	for oldDenom, newDenom := range escrowDenoms {
+	sortedDenoms := make([]string, 0, len(escrowDenoms))
+	for denom := range escrowDenoms {
+		sortedDenoms = append(sortedDenoms, denom)
+	}
+	sort.Strings(sortedDenoms)
+
+	for _, oldDenom := range sortedDenoms {
+		newDenom := escrowDenoms[oldDenom]
 		totalEscrow := transferKeeper.GetTotalEscrowForDenom(ctx, oldDenom)
 		...

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	for oldDenom, newDenom := range escrowDenoms {
	totalEscrow := transferKeeper.GetTotalEscrowForDenom(ctx, oldDenom)
	newAmount := totalEscrow.Amount
	if oldDenom == fxtypes.LegacyFXDenom {
	newAmount = fxtypes.SwapAmount(newAmount)
	}
	// first remove old denom
	transferKeeper.SetTotalEscrowForDenom(ctx, sdk.NewCoin(oldDenom, sdkmath.ZeroInt()))
	// then add new denom
	transferKeeper.SetTotalEscrowForDenom(ctx, sdk.NewCoin(newDenom, newAmount))
	}
	sortedDenoms := make([]string, 0, len(escrowDenoms))
	for denom := range escrowDenoms {
	sortedDenoms = append(sortedDenoms, denom)
	}
	sort.Strings(sortedDenoms)
	for _, oldDenom := range sortedDenoms {
	newDenom := escrowDenoms[oldDenom]
	totalEscrow := transferKeeper.GetTotalEscrowForDenom(ctx, oldDenom)
	newAmount := totalEscrow.Amount
	if oldDenom == fxtypes.LegacyFXDenom {
	newAmount = fxtypes.SwapAmount(newAmount)
	}
	// first remove old denom
	transferKeeper.SetTotalEscrowForDenom(ctx, sdk.NewCoin(oldDenom, sdkmath.ZeroInt()))
	// then add new denom
	transferKeeper.SetTotalEscrowForDenom(ctx, sdk.NewCoin(newDenom, newAmount))
	}

🧰 Tools

🪛 GitHub Check: CodeQL

[warning] 13-23: Iteration over map
Iteration over map may be a possible source of non-determinism