Conversation
Orders can now specify an optional oracle-url that points to a signed context oracle server. When present, tooling encodes a SignedContextOracleV1 metadata item into the order's RainMetaDocumentV1, enabling oracle discovery by takers and indexers.
WalkthroughAdds an optional Changes
Sequence Diagram(s)sequenceDiagram
participant Order as Order Front Matter
participant Chain as RainMetaDocumentV1 (On-chain)
participant Consumer as Consumer/Indexer
participant Oracle as Oracle Server
Order->>Chain: encode SignedContextOracleV1 into RainMetaDocumentV1
Consumer->>Chain: discover order metadata (includes oracle-url)
Consumer->>Oracle: GET <oracle-url>
Oracle-->>Consumer: 200 JSON (SignedContextV1)
Consumer->>Consumer: validate/use SignedContextV1
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes 🚥 Pre-merge checks | ✅ 4✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Adds optional oracle-url field to OrderCfg, parsed from the YAML front matter orders section. When present, this URL identifies a signed context oracle server for the order. Changes: - Add oracle_url: Option<String> to OrderCfg struct - Parse oracle-url via optional_string in YAML parsing - Add oracle-url to ALLOWED_ORDER_KEYS - Update Default and PartialEq impls - Add test for oracle-url parsing (present + absent) Spec: rainlanguage/specs#45 Chained on: #2459 (Phase 4)
The signed context is provided by the caller during take/clear, not just 'at take-time'. Updated wording to be precise about the usage context.
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Fix all issues with AI agents
In `@ob-yaml.md`:
- Around line 285-292: Update the Oracle URL documentation to state transport
and security expectations: require HTTPS for the `oracle-url` to prevent
downgrade/MITM, recommend servers use TLS with valid certificates, and document
that endpoints encoded via `SignedContextOracleV1` (magic 0xff7a1507ba4419ca)
into `RainMetaDocumentV1` are discoverable onchain so callers should not assume
confidentiality of the URL; also suggest optional authentication approaches
(e.g., bearer tokens, client TLS certs, or signature verification of
`SignedContextV1` responses) and indicate that callers must validate TLS and
signature/auth metadata when retrieving `SignedContextV1`.
- Around line 287-289: Update the wording in the documentation fragment that
describes oracle metadata: change “onchain” to “on-chain” and “webapp” to “web
app” to match standard terminology; locate the text mentioning `oracle-url`,
`SignedContextV1`, `SignedContextOracleV1`, and `RainMetaDocumentV1` (including
the magic `0xff7a1507ba4419ca`) and apply the two spelling/wording fixes there.
| ### Oracle URL | ||
|
|
||
| Orders that require external data (e.g. price feeds) can specify an `oracle-url`. This URL points to a server that returns `SignedContextV1` data. The signed context is provided by the caller when taking or clearing the order — the order's rainlang can then read this data from the signed context columns during evaluation. | ||
|
|
||
| When `oracle-url` is specified, the tooling encodes a `SignedContextOracleV1` metadata item (magic `0xff7a1507ba4419ca`) into the order's `RainMetaDocumentV1`. This allows the oracle endpoint to be discovered onchain by anyone who needs to take or clear the order (e.g. Raindex bots, the webapp, or other takers). | ||
|
|
||
| The oracle server MUST respond to `GET` requests and return a JSON object matching the `SignedContextV1` struct: | ||
|
|
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Clarify transport/security expectations for oracle-url.
Consider stating whether the URL must be HTTPS (or otherwise authenticated) to avoid leaking endpoint access patterns or enabling downgrade/mitm risks.
🧰 Tools
🪛 LanguageTool
[grammar] ~289-~289: Ensure spelling is correct
Context: ...ws the oracle endpoint to be discovered onchain by anyone who needs to take or clear th...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
[grammar] ~289-~289: Ensure spelling is correct
Context: ...clear the order (e.g. Raindex bots, the webapp, or other takers). The oracle server M...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
🤖 Prompt for AI Agents
In `@ob-yaml.md` around lines 285 - 292, Update the Oracle URL documentation to
state transport and security expectations: require HTTPS for the `oracle-url` to
prevent downgrade/MITM, recommend servers use TLS with valid certificates, and
document that endpoints encoded via `SignedContextOracleV1` (magic
0xff7a1507ba4419ca) into `RainMetaDocumentV1` are discoverable onchain so
callers should not assume confidentiality of the URL; also suggest optional
authentication approaches (e.g., bearer tokens, client TLS certs, or signature
verification of `SignedContextV1` responses) and indicate that callers must
validate TLS and signature/auth metadata when retrieving `SignedContextV1`.
| Orders that require external data (e.g. price feeds) can specify an `oracle-url`. This URL points to a server that returns `SignedContextV1` data. The signed context is provided by the caller when taking or clearing the order — the order's rainlang can then read this data from the signed context columns during evaluation. | ||
|
|
||
| When `oracle-url` is specified, the tooling encodes a `SignedContextOracleV1` metadata item (magic `0xff7a1507ba4419ca`) into the order's `RainMetaDocumentV1`. This allows the oracle endpoint to be discovered onchain by anyone who needs to take or clear the order (e.g. Raindex bots, the webapp, or other takers). |
There was a problem hiding this comment.
Fix spelling/wording: “on-chain”, “web app”.
Minor doc polish to match standard terminology.
✏️ Suggested edit
-This allows the oracle endpoint to be discovered onchain by anyone who needs to take or clear the order (e.g. Raindex bots, the webapp, or other takers).
+This allows the oracle endpoint to be discovered on-chain by anyone who needs to take or clear the order (e.g. Raindex bots, the web app, or other takers).📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| Orders that require external data (e.g. price feeds) can specify an `oracle-url`. This URL points to a server that returns `SignedContextV1` data. The signed context is provided by the caller when taking or clearing the order — the order's rainlang can then read this data from the signed context columns during evaluation. | |
| When `oracle-url` is specified, the tooling encodes a `SignedContextOracleV1` metadata item (magic `0xff7a1507ba4419ca`) into the order's `RainMetaDocumentV1`. This allows the oracle endpoint to be discovered onchain by anyone who needs to take or clear the order (e.g. Raindex bots, the webapp, or other takers). | |
| Orders that require external data (e.g. price feeds) can specify an `oracle-url`. This URL points to a server that returns `SignedContextV1` data. The signed context is provided by the caller when taking or clearing the order — the order's rainlang can then read this data from the signed context columns during evaluation. | |
| When `oracle-url` is specified, the tooling encodes a `SignedContextOracleV1` metadata item (magic `0xff7a1507ba4419ca`) into the order's `RainMetaDocumentV1`. This allows the oracle endpoint to be discovered on-chain by anyone who needs to take or clear the order (e.g. Raindex bots, the web app, or other takers). |
🧰 Tools
🪛 LanguageTool
[grammar] ~289-~289: Ensure spelling is correct
Context: ...ws the oracle endpoint to be discovered onchain by anyone who needs to take or clear th...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
[grammar] ~289-~289: Ensure spelling is correct
Context: ...clear the order (e.g. Raindex bots, the webapp, or other takers). The oracle server M...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
🤖 Prompt for AI Agents
In `@ob-yaml.md` around lines 287 - 289, Update the wording in the documentation
fragment that describes oracle metadata: change “onchain” to “on-chain” and
“webapp” to “web app” to match standard terminology; locate the text mentioning
`oracle-url`, `SignedContextV1`, `SignedContextOracleV1`, and
`RainMetaDocumentV1` (including the magic `0xff7a1507ba4419ca`) and apply the
two spelling/wording fixes there.
Adds optional oracle-url field to OrderCfg, parsed from the YAML front matter orders section. When present, this URL identifies a signed context oracle server for the order. Changes: - Add oracle_url: Option<String> to OrderCfg struct - Parse oracle-url via optional_string in YAML parsing - Add oracle-url to ALLOWED_ORDER_KEYS - Update Default and PartialEq impls - Add test for oracle-url parsing (present + absent) Spec: rainlanguage/specs#45 Chained on: #2459 (Phase 4)
Motivation
Orders that require external data (e.g. price feeds) at take-time currently have no way to advertise their oracle endpoint in the YAML config. This adds the spec for it.
Changes
Adds an optional
oracle-urlfield to theorderssection of the ob-yaml spec. When present, tooling encodes aSignedContextOracleV1metadata item (magic0xff7a1507ba4419ca) into the order'sRainMetaDocumentV1, enabling oracle endpoint discovery by takers and indexers.Includes:
SignedContextV1JSON)oracle-urlContext
Part of the signed context oracle integration:
Summary by CodeRabbit