v29: Harden ENSJobPages preview & FreeTrialSubdomainRegistrarIdentity (contract-faithful identity flow)#1480
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 79e070c225
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| const wrapperAddr = wrapperCheckDegraded ? NAME_WRAPPER : managerWrapperAddr; | ||
| if(!wrapperAddr || isZeroAddress(wrapperAddr)) throw new Error('No usable NameWrapper address available for verification.'); | ||
| const nw = new web3.eth.Contract(NameWrapperABI, wrapperAddr); | ||
| const runtimeNameWrapper = await agiJobManager?.methods?.nameWrapper().call().catch(()=> '') || NAME_WRAPPER; |
There was a problem hiding this comment.
This lookup now falls back only on empty/failed reads, not on the all-zero address, so when AGIJobManager.nameWrapper() returns 0x000...000 the code still instantiates NameWrapperABI at the zero address and ownerOf/approval checks fail. In that degraded-but-supported configuration, ENS role verification regresses from "works with fallback" to hard error for agent/club validation.
Useful? React with 👍 / 👎.
| if(preview?.tokenId && !!preview?.identityExists){ | ||
| const [ownerOf, labelData, tokenURI, lockedState] = await Promise.all([ | ||
| freeTrialRegistrarIdentity.methods.ownerOf(preview.tokenId).call().catch(()=> preview?.tokenOwner || ''), | ||
| if(preview?.identityExists && preview?.tokenId){ |
There was a problem hiding this comment.
The token-card rendering now only updates inside if (preview?.identityExists && preview?.tokenId) and no longer has the previous reset branch, so switching from a label with an identity token to one without a token leaves stale owner/minted/metadata/image values on screen. The same stale state occurs when tokenURI is not base64 JSON, because that path also no longer clears metadata fields.
Useful? React with 👍 / 👎.
| }else if(connected && isMainnet && hasAcceptedTerms && !verified.agentAlpha){ | ||
| title = 'Mint your alpha-agent ENS access key'; | ||
| body = 'You can mint a free-trial *.alpha.agent.agi.eth identity now (gas only), then auto-verify it for agent readiness.'; |
There was a problem hiding this comment.
Mission-control now branches on !verified.agentAlpha before any preview-driven claim/sync logic, while the p.claimable/desynced checks were moved into the later System ready block. That means wallets with claimable/desynced identity state but no local ENS verification flag are steered to "mint free alpha-agent ENS" instead of the correct claim/sync repair action.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: ac746fc3b0
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| }else if(connected && isMainnet && hasAcceptedTerms && !verified.agentAlpha){ | ||
| title = 'Mint your alpha-agent ENS access key'; | ||
| body = 'You can mint a free-trial *.alpha.agent.agi.eth identity now (gas only), then auto-verify it for agent readiness.'; |
There was a problem hiding this comment.
The new !verified.agentAlpha branch now runs before both the validator (jobStats.completion > 0 && verified.club) and agent (jobStats.open > 0 && verified.agent) branches, so connected mainnet users who have actionable jobs but lack the alpha badge are redirected to mint guidance instead of the task they can perform right now. This regresses mission-control prioritization and can hide urgent review/apply workflows behind an unrelated identity prompt.
Useful? React with 👍 / 👎.
| const lockedReason = identityWriteLockedReason(preview); | ||
| const registerEnabled = !lockedReason && preview?.registrable; | ||
| const claimEnabled = !lockedReason && preview?.claimable; | ||
| const syncEnabled = !lockedReason && preview?.identityExists && (preview.status===3 || preview.status===4); |
There was a problem hiding this comment.
This flow still detects a ROOT_NODE mismatch, but lockedReason no longer incorporates that condition, so register/claim/sync can remain enabled even when namehash(ALPHA_AGENT_PARENT) disagrees with the contract root. In that misconfigured state users are prompted to submit identity writes that are expected to fail or target inconsistent state, whereas the previous logic explicitly locked writes on mismatch.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 82a0255f1c
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
|
||
| const rootMismatch = (rootNode || h?.rootNode) && computed.toLowerCase() !== String(h?.rootNode || rootNode).toLowerCase(); | ||
| let mismatchWarnings = []; | ||
| const rootNodeMismatch = !!rootNode && computed.toLowerCase() !== String(rootNode).toLowerCase(); |
There was a problem hiding this comment.
rootNodeMismatch now compares only ROOT_NODE() output, but that getter is read with .catch(()=> '') and can fail independently from rootHealth(). In that degraded-read scenario, rootNodeMismatch becomes false even when rootHealth.rootNode disagrees with namehash(ALPHA_AGENT_PARENT), so lockedReason no longer blocks register/claim/sync and users can be prompted into writes against an inconsistent root. The previous logic used the health tuple as a fallback and avoided this safety regression.
Useful? React with 👍 / 👎.
1 participant
Motivation
job-<id>label guesses, simplified identity ABI) and drive identity UX from the registrarpreview(label)+rootHealth()canonical reads.Description
AGIJobManager.ensJobPages()first and then use the verified fallback0x06188e77c1c38d392b16d9d9fb24673363ce1da0with explicitensPagesAddressSourcetracking, and hydrate the preview with live getters includingowner,ens,nameWrapper,publicResolver,jobLabelPrefix,jobLabelSnapshot(nextJobId),jobEns*andnextJobId.ENSJobPagesABIandFreeTrialSubdomainRegistrarIdentityABIshapes to match the authoritative contract tuples forrootHealth,preview, andlabelData, and parse their full return tuples.preview(label)is the primary truth driving status labels, CTA enablement, token card fields, and post-success refresh; map status codes to named states and enableregister,claimIdentity, andsyncIdentityByLabelaccording to the contract semantics.FreeTrialSubdomainRegistrarIdentity.register(label)), preserve the ENS-only expertregisterSimple(parentNode,label,newOwner)path as secondary (recipient override only on ENS-only path), and do not expose any transfer/approval controls for the soulbound identity NFT.claimableanddesynced/expiredrepair states win ahead of generic mint prompts; prefer live reads for wrapper/resolver viaAGIJobManager.nameWrapper()/ens()and show explicit degraded messaging when those reads fail.tokenURIJSON (base64 data:) client-side to populate NFT name/description/image and display the identity token card fields usingpreview(label),ownerOf(tokenId), andlabelData(tokenId)in contract-faithful ways; add root-health cross-checks (namehash vsROOT_NODE) and mismatch warnings for wrapper/registry differences.Testing
node --check /tmp/v29.jsto validate script syntax after the changes, which succeeded.0xc19A84,job-<id>,job-${, andalert|confirm|prompt) and found none of the banned items present; these checks passed.parseIdentityPreviewResult, ENSJobPages resolution) via local JS inspection and small runtime checks in the file; these validated the updated parsing and runtime-read ordering.file://screenshot run to visually verify layout, which failed in the current container environment due tofile:///resolution constraints (environmental limitation), not a code error; no browser artifact produced.Codex Task