feat(signing): put in agreement with styleguide and port code samples to Tolk#2127
feat(signing): put in agreement with styleguide and port code samples to Tolk#2127aigerimu wants to merge 6 commits into
Conversation
|
Warning Rate limit exceeded
To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
📝 WalkthroughWalkthroughRewrites the "Signing messages" MDX page: restructures content into instructional sequences, converts FunC examples to Tolk with updated method calls, reorders verification methods, and adjusts wording/formatting throughout the document. Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Review rate limit: 0/1 reviews remaining, refill in 6 minutes and 37 seconds.Comment |
|
Preview deployment for your docs. Learn more about Mintlify Previews.
💡 Tip: Enable Workflows to automatically generate PRs for you. |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
🧹 Nitpick comments (1)
contract-dev/techniques/signing.mdx (1)
73-79: LanguageTool: repeated sentence openings.In both Example 1 (Lines 75-79) and Example 2 (Lines 98-101), four consecutive steps start with "Wallet contract …". Consider varying the subject (e.g., "It verifies …", "Then checks seqno …") or merging tightly related steps to improve readability. Low priority.
Also applies to: 93-101
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@contract-dev/techniques/signing.mdx` around lines 73 - 79, The steps list repeats the subject "Wallet contract" several times in both Example 1 and Example 2; update the step wording to improve flow by varying sentence openings or merging closely related steps: for instance, change some "Wallet contract verifies the signature." to "It verifies the signature.", merge "Wallet contract checks seqno for replay protection." and "Wallet contract accepts the message and pays gas..." into "It checks seqno for replay protection, accepts the message, and pays gas from the wallet balance.", and/or reorder to combine verification, seqno check and acceptance into one coherent step; apply similar edits to the other example so the repeated "Wallet contract ..." phrasing is reduced.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@contract-dev/techniques/signing.mdx`:
- Line 202: The sentence "This approach is used in preprocessed wallet v2,
highload wallet v3" is missing terminal punctuation; edit the line in
signing.mdx (the sentence text) to add a period (or other appropriate terminal
punctuation) at the end so it reads "This approach is used in preprocessed
wallet v2, highload wallet v3." and matches surrounding documentation style.
- Line 254: The sentence currently implies all TVM versions introduce builder
hashing; update the phrasing around `HASHBU` to align with the earlier "Recent
TVM versions" wording and, if possible, name the specific TVM release that added
`HASHBU` (e.g., "since TVM vX.Y.Z") or otherwise prefix with "Recent TVM
versions" and add a citation/reference; ensure the sentence mentions the
`HASHBU` instruction explicitly and clarifies that it is an optimization that
reduces gas cost by hashing builder data rather than treating it as a slice.
- Line 43: Edit the sentence in signing.mdx that states "consistent signing
time" for Ed25519; remove that phrase and rephrase to say Ed25519 signatures in
TON operate on hashes to ensure fixed-size input and to satisfy the 1016-bit /
ignored-refs limitation of CHKSIGNS (keep the existing CHKSIGNS explanation at
Line 61). Update the line mentioning Ed25519 so it only references fixed-size
input and the CHKSIGNS limitation, not timing implications.
---
Nitpick comments:
In `@contract-dev/techniques/signing.mdx`:
- Around line 73-79: The steps list repeats the subject "Wallet contract"
several times in both Example 1 and Example 2; update the step wording to
improve flow by varying sentence openings or merging closely related steps: for
instance, change some "Wallet contract verifies the signature." to "It verifies
the signature.", merge "Wallet contract checks seqno for replay protection." and
"Wallet contract accepts the message and pays gas..." into "It checks seqno for
replay protection, accepts the message, and pays gas from the wallet balance.",
and/or reorder to combine verification, seqno check and acceptance into one
coherent step; apply similar edits to the other example so the repeated "Wallet
contract ..." phrasing is reduced.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: dce42ec4-76a4-4105-bbc1-3ff11c4be72d
📒 Files selected for processing (1)
contract-dev/techniques/signing.mdx
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
|
Thanks for the updates to Per-comment submission: 1 posted, 1 failed. Unposted inline comments (raw text):
|
|
/review |
There was a problem hiding this comment.
♻️ Duplicate comments (3)
contract-dev/techniques/signing.mdx (3)
61-61:⚠️ Potential issue | 🟡 Minor | ⚡ Quick win
cell referencespoints to the wrong docs page.This link targets the library-cell page, not general cell/reference behavior. Use the general cells page instead.
Suggested tweak
-Hash-based verification (`CHKSIGNU`) is preferred because `CHKSIGNS` only processes data from a single cell with a maximum size of 127 × 8 = 1016 bits and ignores [cell references](/foundations/serialization/library). For messages containing multiple cells or references, hashing the entire structure first is required. +Hash-based verification (`CHKSIGNU`) is preferred because `CHKSIGNS` only processes data from a single cell with a maximum size of 127 × 8 = 1016 bits and ignores [cell references](/foundations/serialization/cells). For messages containing multiple cells or references, hashing the entire structure first is required.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@contract-dev/techniques/signing.mdx` at line 61, Update the markdown link labeled "cell references" in the sentence referencing CHKSIGNU and CHKSIGNS so it points to the general cells documentation page instead of the library-cell page; locate the line mentioning "cell references" near the CHKSIGNU/CHKSIGNS explanation and replace the current target URL with the general cells page URL while keeping the link text unchanged.
2-3:⚠️ Potential issue | 🟠 Major | ⚡ Quick winSidebar label is still not action-oriented for a how-to page.
The title is task-based, but
sidebarTitle: "Signing messages"is still noun-form. Prefer an action label for consistency with how-to navigation.Suggested tweak
title: "How to sign messages" -sidebarTitle: "Signing messages" +sidebarTitle: "Sign messages"🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@contract-dev/techniques/signing.mdx` around lines 2 - 3, The sidebarTitle frontmatter is noun-form and should be action-oriented to match the how-to title; update the sidebarTitle field (sidebarTitle: "Signing messages") to an imperative/action label such as "Sign messages" or "How to sign messages" in the file's frontmatter so the sidebar reads as a task — edit the sidebarTitle value accordingly to maintain consistency with the page title.
195-195:⚠️ Potential issue | 🟡 Minor | ⚡ Quick winHASHBU availability should name the exact TVM version consistently.
Line 195 says “Recent TVM versions,” while Line 254 says “TVM versions introduce...”. Since this was explicitly being clarified, use a concrete version (
TVM v12) in both places.Suggested tweak
- Recent TVM versions support `builder.hash()` for efficient hashing. [Convert the slice to a builder and hash it](`#optimization-builder-hashing`) — this costs less than 100 gas total. + Starting with TVM v12, `builder.hash()` is available for efficient hashing. [Convert the slice to a builder and hash it](`#optimization-builder-hashing`) — this costs less than 100 gas total.-TVM versions introduce builder hashing through the `HASHBU` instruction. This optimization reduces the gas cost of the signed data as a slice approach. +Starting with TVM v12, builder hashing is available through the `HASHBU` instruction. This optimization reduces the gas cost of the "signed data as slice" approach.In ton-blockchain/ton GlobalVersions.md, which TVM version introduced HASHBU, and what wording is best to document its availability in user docs?Also applies to: 254-254
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@contract-dev/techniques/signing.mdx` at line 195, Replace the vague phrasing that says “Recent TVM versions” and “TVM versions introduce...” with the concrete version that introduced HASHBU: use “TVM v12” in both occurrences; specifically edit the sentences mentioning builder.hash() and HASHBU (e.g., the line referencing builder.hash() and the later sentence about TVM introducing HASHBU) to read that HASHBU is available since TVM v12 so the doc consistently names the exact version.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Duplicate comments:
In `@contract-dev/techniques/signing.mdx`:
- Line 61: Update the markdown link labeled "cell references" in the sentence
referencing CHKSIGNU and CHKSIGNS so it points to the general cells
documentation page instead of the library-cell page; locate the line mentioning
"cell references" near the CHKSIGNU/CHKSIGNS explanation and replace the current
target URL with the general cells page URL while keeping the link text
unchanged.
- Around line 2-3: The sidebarTitle frontmatter is noun-form and should be
action-oriented to match the how-to title; update the sidebarTitle field
(sidebarTitle: "Signing messages") to an imperative/action label such as "Sign
messages" or "How to sign messages" in the file's frontmatter so the sidebar
reads as a task — edit the sidebarTitle value accordingly to maintain
consistency with the page title.
- Line 195: Replace the vague phrasing that says “Recent TVM versions” and “TVM
versions introduce...” with the concrete version that introduced HASHBU: use
“TVM v12” in both occurrences; specifically edit the sentences mentioning
builder.hash() and HASHBU (e.g., the line referencing builder.hash() and the
later sentence about TVM introducing HASHBU) to read that HASHBU is available
since TVM v12 so the doc consistently names the exact version.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 84d6132c-38f3-43ba-a5c7-d58f3f61af18
📒 Files selected for processing (1)
contract-dev/techniques/signing.mdx
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
| Schema — Wallet v3r2: | ||
| Schema for wallet v3r2: | ||
|
|
||
| ```tlb |
There was a problem hiding this comment.
| ```tlb | |
| ```tlb title="TL-B" |
| ```func | ||
| slice signature = in_msg_body~load_bits(512); | ||
| slice signed_data = in_msg_body; // Remaining data | ||
| ```tolk |
There was a problem hiding this comment.
| ```tolk | |
| ```tolk title="Tolk" |
| Schema — Preprocessed Wallet v2: | ||
| Schema for preprocessed wallet v2: | ||
|
|
||
| ```tlb |
There was a problem hiding this comment.
| ```tlb | |
| ```tlb title="TL-B" |
| ```func | ||
| slice signature = in_msg_body~load_bits(512); | ||
| cell signed_data = in_msg_body~load_ref(); // Signed data as cell | ||
| ```tolk |
There was a problem hiding this comment.
| ```tolk | |
| ```tolk title="Tolk" |
| Choose the structure based on the contract design (see [Message structure for signing](#message-structure-for-signing) above): | ||
| Choose the structure based on the contract design: | ||
|
|
||
| ```typescript |
There was a problem hiding this comment.
| ```typescript | |
| ```typescript title="TypeScript" |
|
|
||
| Build the message data that will be signed: | ||
|
|
||
| ```typescript |
There was a problem hiding this comment.
| ```typescript title="TypeScript" |
|
|
||
| Sign the hash of the signed data: | ||
|
|
||
| ```typescript |
There was a problem hiding this comment.
| ```typescript title="TypeScript" |
|
|
||
| Generate a new mnemonic: | ||
|
|
||
| ```typescript |
There was a problem hiding this comment.
| ```typescript title="TypeScript" |
|
|
||
| Load an existing mnemonic: | ||
|
|
||
| ```typescript |
There was a problem hiding this comment.
| ```typescript title="TypeScript" |
| ```func | ||
| slice signature = in_msg_body~load_bits(512); | ||
| slice signed_data = in_msg_body; | ||
| ```tolk |
There was a problem hiding this comment.
| ```tolk | |
| ```tolk title="Tolk" |
| ```tolk | ||
| val signature = inMsgBody.loadBits(512); | ||
| val signedData = inMsgBody; // remaining data | ||
|
|
||
| int hash = slice_hash(signed_data); // 526 gas | ||
| throw_unless(35, check_signature(hash, signature, public_key)); | ||
| val hash = signedData.hash(); | ||
| assert (isSignatureValid(hash, signature, publicKey)) throw 35; | ||
| ``` |
There was a problem hiding this comment.
in Tolk, loadBits and loadRef are mutating slice methods (mutate self), so they need the receiver to be var, not val. as written inMsgBody is unbound here, and if a reader pastes this body into a contract handler where inMsgBody is the typical immutable parameter, the snippet fails to compile. could we either declare inMsgBody explicitly or call it out?
same fix needed at lines 236-242 (loadRef) and at lines 258-265
| ```tolk | |
| val signature = inMsgBody.loadBits(512); | |
| val signedData = inMsgBody; // remaining data | |
| int hash = slice_hash(signed_data); // 526 gas | |
| throw_unless(35, check_signature(hash, signature, public_key)); | |
| val hash = signedData.hash(); | |
| assert (isSignatureValid(hash, signature, publicKey)) throw 35; | |
| ``` | |
| ```tolk | |
| var inMsgBody = in.body; | |
| val signature = inMsgBody.loadBits(512); | |
| val signedData = inMsgBody; // remaining data | |
| val hash = signedData.hash(); | |
| assert (isSignatureValid(hash, signature, publicKey)) throw 35; |
| - [Node.js](https://nodejs.org/en/download/) 18 or later LTS | ||
|
|
||
| Install required packages: | ||
| ### Step 0: Install dependencies |
There was a problem hiding this comment.
Step 0 is unusual - step lists in other how-tos on the site start from Step 1.the existing Step 1 onwards shifts up by one? keeps the page consistent with patterns like the first-smart-contract tutorial where setup is step 1
| ### Step 0: Install dependencies | |
| ### Step 1: Install dependencies |
and bump the labels at lines 291 (Step 1 -> Step 2), 317 (Step 2 -> Step 3), 329 (Step 3 -> Step 4), 347 (Step 4 -> Step 5), 358 (Step 5 -> Step 6)
| | [BLS12-381](https://en.wikipedia.org/wiki/BLS_digital_signature) | Pairing-based operations for signature aggregation and zero-knowledge proofs. | | ||
| | [Ristretto255](https://en.wikipedia.org/wiki/Curve25519#Ristretto) | Prime-order group over Curve25519 for advanced cryptographic constructions. | | ||
|
|
||
| For details, see crypto instructions in [TVM instructions](/tvm/instructions). |
There was a problem hiding this comment.
tiny: crypto instructions in [TVM instructions] says "instructions" twice in a row
| For details, see crypto instructions in [TVM instructions](/tvm/instructions). | |
| For details, see the [cryptographic primitives in TVM instructions](/tvm/instructions#cryptography). |
3 participants
closes #2116
closes #2126
Summary by CodeRabbit