feat(api): max bridge amounts [SLT-165]

[bigboydiamonds]

Description
Adds /getBridgeLimits endpoint to provide min/max origin input values for bridge routes based on query params of

• fromChain
• toChain
• fromToken
• toToken

Summary by CodeRabbit

Summary by CodeRabbit

• New Features

  • Introduced a new API endpoint /get-quote-max for fetching maximum bridge quotes for token transfers across blockchain networks.
  • Added a new API endpoint for retrieving bridge limits, enhancing the API's capabilities.
  • Included a utility for retrieving token information based on blockchain chain and token address.
  • Added a development script for smoother development workflows with automatic application restarts.
  • Included new dependencies for enhanced functionality in Ethereum address handling.

• Bug Fixes

  • Improved validation checks for query parameters in the new endpoints to ensure correct data types and completeness.

714ad0d: synapse-interface preview link
eaa421f: synapse-interface preview link

[coderabbitai]

Walkthrough

The changes involve enhancements to the rest-api package by adding a new development script and dependencies, as well as introducing new API endpoints for fetching maximum bridge quotes and bridge limits for token transfers. These endpoints validate input parameters, retrieve token information, and compare quotes from an external service and the Synapse SDK. Additionally, a console log statement was added to the fetchBridgeQuote thunk for debugging purposes.

Changes

File	Change Summary
packages/rest-api/package.json	Added a development script "dev" and new dependency @ethersproject/address.
packages/rest-api/src/app.ts	Added a new endpoint /get-quote-max for fetching maximum bridge quotes with validation checks.
packages/rest-api/src/controllers/getBridgeLimitsController.ts	Introduced getBridgeLimitsController for calculating and retrieving bridge limits.
packages/rest-api/src/routes/getBridgeLimitsRoute.ts	Created a new route for bridge limits with validation for parameters.
packages/rest-api/src/routes/index.ts	Integrated getBridgeLimitsRoute into the main router under /getBridgeLimits.
packages/rest-api/src/constants/bridgeable.ts	Removed local declaration of ZeroAddress and imported it from index.
packages/rest-api/src/constants/index.ts	Added ZeroAddress constant representing the Ethereum zero address.
packages/rest-api/src/utils/tokenAddressToToken.ts	Added utility function tokenAddressToToken for retrieving token information based on address.
packages/synapse-interface/slices/bridgeQuote/thunks.ts	Added a console log statement in the fetchBridgeQuote thunk for debugging purposes.

Possibly related PRs

• API method updates #3122: This PR adds new API endpoints in app.ts, which may relate to the new /get-quote-max endpoint introduced in the main PR, as both involve enhancements to the API's functionality for handling blockchain transactions.
• REST API Improvements [SLT-179] #3133: This PR includes modifications to the swapTxInfoController and introduces new validation logic for token addresses, which aligns with the changes in the main PR that also involve handling token addresses and validation in the new /get-quote-max endpoint.

Suggested labels

M-docs, javascript

Suggested reviewers

• bigboydiamonds
• Defi-Moses
• abtestingalpha
• trajan0x

In the meadow, code does bloom,
With new scripts to chase away gloom.
Quotes fetched from chains afar,
A rabbit's joy, like a shining star!
So hop along, let’s celebrate,
With code so bright, it’s truly great! 🐇✨

---

Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between c937f64 and 8ce1097.

Files selected for processing (1)

• packages/rest-api/src/controllers/getBridgeLimitsController.ts (1 hunks)

Files skipped from review as they are similar to previous changes (1)

• packages/rest-api/src/controllers/getBridgeLimitsController.ts

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  -- I pushed a fix in commit <commit_id>, please review it.
  -- Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  -- @coderabbitai generate unit testing code for this file.
  -- @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  -- @coderabbitai generate interesting stats about this repository and render them as a table.
  -- @coderabbitai read src/utils.ts and generate unit testing code.
  -- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  -- @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

Tip

Early access features: enabled

We are currently testing the following features in early access:

• OpenAI o1 for code reviews: OpenAI's new o1 model is being tested for code reviews. This model has advanced reasoning capabilities and can provide more nuanced feedback on your code.

Note:

• You can enable or disable early access features from the CodeRabbit UI or by updating the CodeRabbit configuration file.
• • Please join our Discord Community to provide feedback and report issues on the discussion post.

[codecov]

Bundle Report

Changes will increase total bundle size by 409.84kB (1.14%) ⬆️. This is within the configured threshold ✅

Detailed changes

Bundle name	Size	Change
sdk-router-@synapsecns/sdk-router-cjs	527.05kB	409.81kB ⬆️
synapse-interface-client-array-push*	7.5MB	33 bytes ⬆️
synapse-interface-server-cjs	1.47MB	1 bytes ⬇️

ℹ️ *Bundle size includes cached data from a previous commit

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 90.96267%. Comparing base (377a7fa) to head (8ce1097).
Report is 5 commits behind head on master.

Additional details and impacted files

@@                 Coverage Diff                  @@
##              master       #3131          +/-   ##
====================================================
+ Coverage   38.23421%   90.96267%   +52.72846%     
====================================================
  Files            423          54         -369     
  Lines          24363        1018       -23345     
  Branches         119          82          -37     
====================================================
- Hits            9315         926        -8389     
+ Misses         14309          91       -14218     
+ Partials         739           1         -738     

Flag	Coverage Δ
cctp-relayer	?
core	?
ethergo	?
git-changes-action	?
omnirpc	?
opbot	?
packages	90.96267% <ø> (ø)
screener-api	?
scribe	?
solidity	?
tools	?

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[cloudflare-workers-and-pages]

Deploying sanguine-fe with    Cloudflare Pages

Latest commit:	d006117
Status:	✅  Deploy successful!
Preview URL:	https://2417be54.sanguine-fe.pages.dev
Branch Preview URL:	https://api-bridge-max-amounts.sanguine-fe.pages.dev

View logs

[coderabbitai]

Actionable comments posted: 3

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 8530122 and 7eab9a7.

Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

Files selected for processing (4)

• packages/rest-api/package.json (1 hunks)
• packages/rest-api/src/controllers/getBridgeLimitsController.ts (1 hunks)
• packages/rest-api/src/routes/getBridgeLimitsRoute.ts (1 hunks)
• packages/rest-api/src/routes/index.ts (2 hunks)

Files skipped from review as they are similar to previous changes (1)

• packages/rest-api/package.json

Additional comments not posted (4)

packages/rest-api/src/routes/index.ts (2)

8-8: LGTM!

The import statement for getBridgeLimitsRoute follows the same pattern as other route imports and is consistent with the file's structure.

---

21-21: Looks good!

The new route /getBridgeLimits is added correctly using the imported getBridgeLimitsRoute. This addition enhances the API's capabilities related to bridge transactions without modifying existing functionality.

packages/rest-api/src/routes/getBridgeLimitsRoute.ts (1)

11-31: LGTM!

The route definition is well-structured and follows best practices:

• The route path is appropriate for retrieving bridge limits.
• The validation checks ensure that the required parameters are provided and are valid.
• The showFirstValidationError middleware is used to handle validation errors.
• The getBridgeLimitsController is invoked after successful validation.

packages/rest-api/src/controllers/getBridgeLimitsController.ts (1)

110-116: Error handling for unexpected errors looks good!

The function includes a catch block that handles any unexpected errors that may occur during its execution. It returns a 500 status code and an error message to the client, which is an appropriate way to handle unexpected errors in an API endpoint.

[coderabbitai]

Consider breaking down the function into smaller, more focused functions and adding more detailed comments.

The getBridgeLimitsController function is quite large and performs several distinct tasks, such as:

• Validating request parameters
• Retrieving quotes from external services
• Filtering and comparing quotes
• Calculating transfer limits

To improve readability and maintainability, consider breaking down the function into smaller, more focused functions that each perform a single task. Additionally, consider adding more detailed comments explaining the purpose and logic of each section of the function.

[coderabbitai]

Consider adding error handling for the API call to the RFQ service.

The function makes an API call to the RFQ service to retrieve quotes for the specified token transfer. However, it does not handle potential errors that may occur during this API call, such as network errors or invalid responses.

To improve the robustness of the function, consider adding error handling for this API call, such as catching any errors and returning an appropriate error response to the client.

[coderabbitai]

Consider adding error handling for the API calls to the Synapse service.

The function makes two API calls to the Synapse service to retrieve bridge quotes for the upper and lower limit amounts. However, it does not handle potential errors that may occur during these API calls, such as network errors or invalid responses.

To improve the robustness of the function, consider adding error handling for these API calls, such as catching any errors and returning an appropriate error response to the client.

Also applies to: 62-69

[coderabbitai]

Actionable comments posted: 5

Outside diff range and nitpick comments (1)

packages/rest-api/src/utils/tokenAddressToToken.ts (1)

3-17: Add unit tests for tokenAddressToToken to ensure correctness and reliability

Including unit tests for the tokenAddressToToken function would help validate its behavior across various scenarios and enhance the reliability of the code.

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 7eab9a7 and ddb245d.

Files selected for processing (4)

• packages/rest-api/src/controllers/getBridgeLimitsController.ts (1 hunks)
• packages/rest-api/src/routes/getBridgeLimitsRoute.ts (1 hunks)
• packages/rest-api/src/tests/getBridgeLimits.test.ts (1 hunks)
• packages/rest-api/src/utils/tokenAddressToToken.ts (1 hunks)

Files skipped from review as they are similar to previous changes (2)

• packages/rest-api/src/controllers/getBridgeLimitsController.ts
• packages/rest-api/src/routes/getBridgeLimitsRoute.ts

Additional context used

Gitleaks

packages/rest-api/src/tests/getBridgeLimits.test.ts

13-13: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

15-15: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

27-27: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

28-28: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

41-41: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

42-42: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

52-52: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

62-62: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

Additional comments not posted (2)

packages/rest-api/src/tests/getBridgeLimits.test.ts (2)

10-21: Test case for valid input is correctly implemented

The test accurately checks that the endpoint returns the expected data when provided with valid input parameters.

Tools

Gitleaks

13-13: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

15-15: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

23-35: Test case for unsupported 'fromChain' is appropriate

The test correctly ensures that the API returns a 400 status and an appropriate error message when an unsupported 'fromChain' is provided.

Tools

Gitleaks

27-27: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

28-28: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

[coderabbitai]

Specify the return type of tokenAddressToToken for improved type safety

To enhance type safety and readability, consider specifying the return type of the tokenAddressToToken function. Defining an interface for the returned token information would clarify the expected output.

For example:

interface TokenInfo {
  address: string;
  symbol: string;
  decimals: number;
}

export const tokenAddressToToken = (chain: string, tokenAddress: string): TokenInfo | null => {
  // function body...
}

[coderabbitai]

Normalize tokenAddress to ensure consistent token lookups

Token addresses may differ in case, potentially leading to lookup failures since object keys in JavaScript are case sensitive. Consider normalizing tokenAddress, such as converting it to lowercase, and ensure that the keys in BRIDGE_MAP are in the same format.

Apply this diff to normalize tokenAddress:

 const tokenInfo = chainData[tokenAddress]
+const normalizedTokenAddress = tokenAddress.toLowerCase()
+const tokenInfo = chainData[normalizedTokenAddress]

 if (!tokenInfo) {
   return null
 }

Also, ensure that the keys in BRIDGE_MAP are normalized for consistency.

Committable suggestion was skipped due to low confidence.

[coderabbitai]

Actionable comments posted: 2

Outside diff range and nitpick comments (1)

packages/rest-api/src/tests/getBridgeLimits.test.ts (1)

30-35: Simplify error message assertions for improved readability

You can consolidate the error message assertions into single-line statements to enhance readability and maintain consistency across your test cases.

Apply this diff to streamline the assertions:

-    expect(response.body.error).toHaveProperty(
-      'message',
-      'Unsupported fromChain'
-    )
+    expect(response.body.error).toHaveProperty('message', 'Unsupported fromChain')

...

-    expect(response.body.error).toHaveProperty('message', 'Unsupported toChain')
+    expect(response.body.error).toHaveProperty('message', 'Unsupported toChain')

Also applies to: 44-46

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between ddb245d and 139e27c.

Files selected for processing (1)

• packages/rest-api/src/tests/getBridgeLimits.test.ts (1 hunks)

Additional context used

Gitleaks

packages/rest-api/src/tests/getBridgeLimits.test.ts

13-13: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

15-15: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

27-27: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

28-28: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

41-41: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

42-42: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

52-52: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

62-62: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

Additional comments not posted (2)

packages/rest-api/src/tests/getBridgeLimits.test.ts (2)

9-21: Test case for valid input is comprehensive and well-implemented

The test correctly validates successful responses for valid inputs, ensuring that both maxOriginAmount and minOriginAmount are present in the response body.

Tools

Gitleaks

13-13: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

15-15: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

58-66: Consistency in test descriptions and assertions

Good job maintaining consistency in the test description and expected status code for the missing 'toToken' case.

Tools

Gitleaks

62-62: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

[coderabbitai]

Actionable comments posted: 1

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 139e27c and 95a93ca.

Files selected for processing (1)

• packages/rest-api/src/tests/getBridgeLimits.test.ts (1 hunks)

Additional context used

Gitleaks

packages/rest-api/src/tests/getBridgeLimits.test.ts

13-13: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

15-15: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

27-27: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

28-28: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

41-41: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

42-42: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

55-55: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

56-56: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

66-66: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

---

76-76: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

[coderabbitai]

Actionable comments posted: 1

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 95a93ca and c6cd501.

Files selected for processing (4)

• packages/rest-api/src/constants/bridgeable.ts (1 hunks)
• packages/rest-api/src/constants/index.ts (1 hunks)
• packages/rest-api/src/controllers/getBridgeLimitsController.ts (1 hunks)
• packages/rest-api/src/utils/tokenAddressToToken.ts (1 hunks)

Files skipped from review due to trivial changes (1)

• packages/rest-api/src/constants/bridgeable.ts

Files skipped from review as they are similar to previous changes (2)

• packages/rest-api/src/controllers/getBridgeLimitsController.ts
• packages/rest-api/src/utils/tokenAddressToToken.ts

[coderabbitai]

Use consistent naming conventions for constants

To maintain consistency with existing constants like VALID_BRIDGE_MODULES, consider renaming ZeroAddress to ZERO_ADDRESS.

Apply this diff to rename the constant:

-export const ZeroAddress = '0x0000000000000000000000000000000000000000'
+export const ZERO_ADDRESS = '0x0000000000000000000000000000000000000000'

Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	export const ZeroAddress = '0x0000000000000000000000000000000000000000'
	export const ZERO_ADDRESS = '0x0000000000000000000000000000000000000000'

[Defi-Moses]

Logic looks great to me, no structural changes that I see. The two things I think that need to be updated:

1. Validation for isTokenAddress in addition to isAddress --> gives more clarity to the developer when reading errors
2. Certain routes have weird responses regarding their decimals. Check out this example: http://localhost:3000/getBridgeLimits?fromChain=1&fromToken=0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48&toChain=81457&toToken=0x4300000000000000000000000000000000000003

(the response isnt formatted for decimals properly and thus returns the incorrect maxAmountOut. My hunch is that you are parsing using fromToken decimals for the output, not toTokenDecimals.

Other than that seems good to me

[bigboydiamonds]

Logic looks great to me, no structural changes that I see. The two things I think that need to be updated:

1. Validation for isTokenAddress in addition to isAddress --> gives more clarity to the developer when reading errors
2. Certain routes have weird responses regarding their decimals. Check out this example: http://localhost:3000/getBridgeLimits?fromChain=1&fromToken=0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48&toChain=81457&toToken=0x4300000000000000000000000000000000000003

(the response isnt formatted for decimals properly and thus returns the incorrect maxAmountOut. My hunch is that you are parsing using fromToken decimals for the output, not toTokenDecimals.

Other than that seems good to me

Thanks for catching this! Updated in bb9aa82 , was using the bridgeQuote.originQuery.tokenOut decimals when it should've been the bridgeQuote.destQuery.tokenOut decimals to parse for max origin values