Nnennaokoye/acbu smart contract

[nnennaokoye]

Closes #336
Closes #337
Closes #354
Closes #358

Summary by CodeRabbit

• New Features

  • Added initialization checks across multiple contracts so apps can verify whether a contract is ready to use.
  • Added paginated access to user deposit lots, making large histories easier to browse and load in smaller chunks.

• Bug Fixes

  • Improved reserve verification by adding a cooldown between checks, reducing repeated calls too close together.

• Tests

  • Added regression coverage for pagination behavior and utility calculations.

[drips-wave]

@nnennaokoye Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

[coderabbitai]

Warning

Review limit reached

@nnennaokoye, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 37 minutes and 20 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: cef9dcd1-aefc-441a-b908-59625cf771ab

📥 Commits

Reviewing files that changed from the base of the PR and between 17c33f7 and 740540a.

📒 Files selected for processing (4)

• acbu_reserve_tracker/src/lib.rs
• acbu_savings_vault/src/lib.rs
• acbu_savings_vault/tests/test.rs
• shared/tests/test_utilities.rs

📝 Walkthrough

Walkthrough

Adds a shared is_initialized helper (checks DataKey::Version in instance storage) and exposes it on the minting, reserve-tracker, and savings-vault contracts. Introduces a 60-second cooldown on verify_reserves via a new last_verify_call storage field. Adds a paginated get_user_lots method to the savings vault. Adds unit tests for shared math utilities.

Changes

Contract helpers, rate-limiting, and shared utilities

Layer / File(s)	Summary
Shared is_initialized helper and utility tests shared/src/lib.rs, shared/tests/test_utilities.rs	Adds is_initialized checking DataKey::Version in instance storage; adds a new test module with coverage for calculate_fee, calculate_amount_after_fee, and calculate_deviation edge cases.
is_initialized on minting and savings vault acbu_minting/src/lib.rs, acbu_savings_vault/src/lib.rs	Adds the public is_initialized method to both contracts, each returning presence of SharedDataKey::Version in instance storage.
verify_reserves cooldown and is_initialized on reserve tracker acbu_reserve_tracker/src/lib.rs	Extends DataKey with last_verify_call, defines VERIFY_RESERVES_COOLDOWN_SECONDS = 60, gates verify_reserves to return false within the cooldown window, and adds is_initialized.
get_user_lots pagination and tests acbu_savings_vault/src/lib.rs, acbu_savings_vault/tests/test.rs	Adds paginated get_user_lots (offset/limit, max 100 per page) and a regression test validating behavior across 150 lots at various offsets and limits.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Pi-Defi-world/acbu-smart-contract#145: Introduced the SharedDataKey::Version storage mechanism that all new is_initialized methods rely on.
• Pi-Defi-world/acbu-smart-contract#270: Also modifies verify_reserves in acbu_reserve_tracker, overlapping with this PR's cooldown changes to the same function.

Poem

🐇 Hoppity-hop through the contract land,
A cooldown timer now guards the band.
is_initialized answers the call—
No cryptic errors, no stumbling at all.
Paginated lots in a tidy row,
This bunny's code puts on quite a show! 🌟

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title is generic and only names the repo, not the actual changes in pagination, rate limiting, tests, or initialization helpers.	Use a descriptive title that highlights the main change, such as adding pagination, rate limiting, tests, and initialization helpers to ACBU contracts.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	The PR addresses #336, #337, #354, and #358 with pagination, a verify_reserves cooldown, shared tests, and is_initialized helpers.
Out of Scope Changes check	✅ Passed	No obvious out-of-scope code changes appear; the added tests and helpers align with the linked issue objectives.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[coderabbitai]

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@acbu_reserve_tracker/src/lib.rs`:
- Around line 137-148: The cooldown in the reserve verification path is
contract-wide and permissionless, which lets any caller consume the shared slot
and block everyone else. Update the verify flow in
acbu_reserve_tracker/src/lib.rs around the last_verify_call check so the
cooldown is enforced per caller or only for authorized callers, and use a
distinct rate-limit response instead of returning false for both cooldown and
insufficient reserves. Use the existing verify entrypoint and
DATA_KEY.last_verify_call logic to locate the fix.

In `@acbu_savings_vault/src/lib.rs`:
- Around line 495-505: The `limit` contract in the deposit-lots pagination API
is inconsistent: the doc comment says `0` means no limit, but the implementation
coerces `0` to `100`. Update the `get_deposit_lots` docs and any related
pagination docs/comments to match the actual behavior, or change the `limit`
handling so `0` באמת means unbounded; keep the wording aligned wherever this
behavior is described.
- Around line 516-547: The pagination logic in the getter still deserializes the
entire temporary Vec<DepositLot> for a user/term bucket before slicing, so large
buckets can still hit Soroban resource limits. Update the storage/access pattern
used by deposit() and this retrieval path so lots are stored and fetched in
page- or lot-granularity keys, and only the requested window is loaded in the
pagination function instead of calling temporary().get on the full bucket.

In `@acbu_savings_vault/tests/test.rs`:
- Around line 515-538: The pagination test only checks counts because all lots
created in the deposit loop are identical, so it can miss overlap or
wrong-window bugs in get_user_lots. Update the test setup to make each deposited
lot uniquely distinguishable (for example by varying a field per iteration) and
add assertions that verify the actual page boundaries for the first and second
pages, not just lengths. Also add a case in the get_user_lots coverage for a
limit greater than 100 to confirm the clamp behavior in the pagination logic.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: e4006718-304e-4025-b4be-d7574d76a1ec

📥 Commits

Reviewing files that changed from the base of the PR and between ab416ca and 17c33f7.

📒 Files selected for processing (6)

• acbu_minting/src/lib.rs
• acbu_reserve_tracker/src/lib.rs
• acbu_savings_vault/src/lib.rs
• acbu_savings_vault/tests/test.rs
• shared/src/lib.rs
• shared/tests/test_utilities.rs