handle consensus

[andrewkmin]

Summary & Motivation

$title

TLDR: Previously, the ACTIVITY_STATUS_CONSENSUS_NEEDED case was blatantly unhandled, resulting in misleading error messages/failure modes.

This change does the following:

• makes changes to the base sdk-browser and sdk-server clients to handle non-terminal activity statuses
• update various client libraries that depend on sdk-browser and sdk-server to allow for awaiting consensus
• adds helpers to retrieve signed transactions + signed messages once consensus has been met on the Turnkey side (i.e. in case of a timeout)
• @turnkey/viem now returns viem BaseErrors that wrap around TurnkeyActivityErrors. This also implicitly addresses err.walk is not a function #121
• includes new example scripts for the ethers, viem, and solana packages (e.g. retry.ts and consensus.ts) which exercise this new functionality

The end user experience is such that if there is a policy enforcing consensus, you can configure a poller to await consensus to be met. See screen recordings in the testing section below.

TODO:

• add unit tests (ideally — this requires policies)

How I Tested These Changes

local examples

Live polling for consensus during Ethers signing scripts:

Screen.Recording.2024-09-07.at.1.49.25.AM.mov

Consensus is not met at first within the polling retry limit, then later met, and the signature is retroactively retrieved + added to a Solana transaction
https://github.com/user-attachments/assets/af7fb6e3-46df-4785-a8ec-e2e7d4d1ff7e

Did you add a changeset?

If updating one of our packages, you'll likely need to add a changeset to your PR. To do so, run pnpm changeset. pnpm changeset will generate a file where you should write a human friendly message about the changes. Note how this (example) includes the package name (should be auto added by the command) along with the type of semver change (major.minor.patch) (which you should set).

These changes will be used at release time to determine what packages to publish and how to bump their version. For more context see this comment.

[codesandbox-ci]

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

[zkharit]

What exactly does this look like in the case where an activity requires consensus? Should an error be thrown?

[andrewkmin]

Great question — ended up having the default behavior be to poll for 3 seconds, then return an error. At that point, it's up to the end-user to figure out how they want to handle the error. I've included some examples of handling in the various retry.ts files

[r-n-o]

What makes this example "consensus.ts"? I think consensus vs. not will be driven by the organization setting? (1 vs N root quorum users?)

(basically, it doesn't seem necessary to have separate consensus examples unless I'm missing something 🤔 )

[andrewkmin]

good call! not that useful. retry.ts should be enough to serve the purpose of demonstrating the scenario where one might be waiting for consensus

[r-n-o]

I think the key is to throw a different error when the activity is in need of consensus. Something like:

if (activity.status == "ACTIVITY_STATUS_NEEDS_CONSENSUS") {
    throw new TurnkeyActivityNeedsConsensus({
          message: `Activity requires consensus`,
          activityId: activity.id,
          activityStatus: activity.status as TActivityStatus,
        });
}

Then I agree with @andrewkmin, the retry or error behavior can be up to the caller.

[andrewkmin]

ended up adding some bespoke errors to viem. the thing is it needs .walk() so I ended up extending the BaseError class. let me know what you think — if it adds unnecessary complexity, happy to cut it or reduce it down!

[zkharit]

💯 🚢 🚀

[r-n-o]

Is this still relevant?

EDIT: I think it is! Ignore this.

[andrewkmin]

Yep! a bit ambiguous with the numbers though; will change them such that it might be a bit less confusing

[r-n-o]

this comment was probably not meant to be a permanent comment? :)

[r-n-o]

checkActivityStatus implies it's a stateless innocuous function but I think this is more heavy than it looks: it will throw errors! So maybe assertActivityCompleted since that's kind of what it boils down to?

[andrewkmin]

def more accurate!

[r-n-o]

Why the change from null to undefined?

[andrewkmin]

I went into this because of type compatibility, and ended up going with undefined for consistency. (functionally, null == undefined = true). Specifically, I feel like param: <Type X> | undefined better conveys the idea that the absence of the param is okay

[r-n-o]

Is activityId: TActivityId | undefined; equivalent to activityId?: TActivityId; then?

[r-n-o]

If that's the case I'm a definite +1 on the change; simpler to reason about!

[r-n-o]

the message could be "Cannot get signature from activity type ...etc...". Otherwise it's a bit unclear why it's "unexpected".

[r-n-o]

I'm also thinking this should not be called "TurnkeyActivityError". It's likely an SDK-level / user-level issue if this function is called on the wrong activity type. We might need a plain BadArgumentError? Otherwise users will be led to believe the issue is within the turnkey activity processing when they get this error.

[r-n-o]

Nice. Finally fixing the "retry forever" behavior! 🏆

[r-n-o]

Instead of defining these errors here, can we pull that into http? Is there a way to comply with viem's error interface (implement walk is one thing; maybe others?) without importing viem's BaseError directly?

We'd need to implement this interface in our http/shared errors: https://github.com/wevm/viem/blob/408948bb74685e9d562cd39f50768f9b282463fe/src/errors/base.ts#L37-L83

I don't think it'd hurt anything to have our errors implement more methods than they need to, but maybe not something we need right now; feels a bit awkward to be pushed by a particular framework to implement these methods for all Turnkey errors.

[andrewkmin]

+1 on the sentiment. I'm down to keep these encapsulated to just Viem for now. feels a bit awkward either way but we implement more at the base layer down the line if more cases arise!

[r-n-o]

🚀

[r-n-o]

Now that I'm seeing this with fresh eyes: the activity ID isn't used anywhere really, we're simply comparing the passed in status to CONSENSUS_NEEDED and COMPLETED. Don't think it's necessarily worth changing this but...a bit of an odd interface given nothing guarantees the passed in status come from the passed in activity ID :/

Maybe it'd be clearer if a TActivity was expected and passed in instead?

[andrewkmin]

Attempting this here: aa16d4d

The drawback of this approach is that it's a bit duplicative -- e.g. we return something like (paraphrasing)

{
...
result: activityData["result"]["activityResult"],
activity: activityData
...
}

So you see the overlap there, but having the result up front and center just makes access easier. The reason we needed this in the first place was originally for type-compatibility, but I realized it generally could be helpful to return all activity details

[r-n-o]

yeah it's definitely not super clear-cut, but I like this new version: assertActivityCompleted(activity); reads suuuper nice 😍