feat(platform): add tests for proof verification of recent address balance changes

[QuantumExplorer]

Issue being fixed or feature implemented

This PR adds tests to verify the proof generation and validation for recent address balance changes, ensuring that the prove/verify cycle functions correctly.

What was done?

• Implemented tests for both recent address balance changes and compacted address balance changes with prove: true.
• Added assertions to verify that the generated proofs are valid and contain expected data.
• Enhanced the Drive module to include comments explaining the purpose of the verification functions.

How Has This Been Tested?

Tests were added to check the correctness of the proof verification process for both regular and compacted address balance changes. Assertions ensure that the proofs are not empty and that the verification process returns valid results.

Breaking Changes

None

Checklist

• I have performed a self-review of my own code

• I have commented my code, particularly in hard-to-understand areas

• I have added or updated relevant unit/integration/functional/e2e tests

• I have added ! to the title and described breaking changes in the corresponding section if my code contains any.

  For repository code-owners and collaborators only

• I have assigned this pull request to a milestone

Summary by CodeRabbit

• Tests
  • Expanded test coverage for address balance change verification, adding proof/verify cycles for compacted and non-compacted address balance changes, checkpoint and restart scenarios, and mixed proof/entry paths to ensure robustness and data consistency.
• Bug Fixes
  • Improved verification robustness and consistency checks to prevent empty-proof cases and enforce expected result lengths.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds extensive proof-verification test coverage for recent address balance changes (compacted and non-compacted) across checkpoints and restarts, and updates the verifier API to accept optional limits, a subset-verification flag, and platform version, adapting internal verification calls accordingly.

Changes

Cohort / File(s)	Summary
Test Coverage Expansion packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs	Adds many new proof-verification test blocks exercising GetRecentAddressBalanceChanges and GetRecentCompactedAddressBalanceChanges with prove: true and non-proof paths, asserting non-empty proofs/root hashes, validated verified changes, quorum/signature presence, checkpoint-height metadata, post-restart/post-compaction scenarios, and consistency/error checks.
Verifier API & Logic packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs	Changes verify_recent_address_balance_changes_v0 signature to accept limit: Option<u16>, verify_subset_of_proof: bool, and platform_version: &PlatformVersion; switches GroveDb verification calls from subset-with-absence to standard subset/query variants, consolidates bincode config setup, and uses the new flags to control verification and result sizing.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐇 I hopped through proofs beneath the moon,

Checked roots and signatures by noon,
Compact or full, each change I found,
Verified all with a joyful bound,
Tiny paws, big ledger sound.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the primary change: adding tests for proof verification of recent address balance changes, which aligns with the substantial test additions in the changeset.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 41e7cca and 4da403a.

📒 Files selected for processing (1)

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

🧰 Additional context used

📓 Path-based instructions (1)

**/*.rs

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.rs: Rust code must pass cargo clippy --workspace linter checks
Rust code must be formatted using cargo fmt --all

**/*.rs: Use 4-space indent for Rust files
Follow rustfmt defaults and keep code clippy-clean for Rust modules
Use snake_case for Rust module names
Use PascalCase for Rust type names
Use SCREAMING_SNAKE_CASE for Rust constants

Files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

🧠 Learnings (9)

📓 Common learnings

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2257
File: packages/rs-drive-abci/src/mimic/test_quorum.rs:159-164
Timestamp: 2024-11-20T16:16:01.830Z
Learning: QuantumExplorer prefers not to receive auto-generated messages asking to post on social media.

📚 Learning: 2024-10-08T13:28:03.529Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2227
File: packages/rs-drive-abci/src/platform_types/platform_state/mod.rs:141-141
Timestamp: 2024-10-08T13:28:03.529Z
Learning: When converting `PlatformStateV0` to `PlatformStateForSavingV1` in `packages/rs-drive-abci/src/platform_types/platform_state/mod.rs`, only version `0` needs to be handled in the match on `platform_state_for_saving_structure_default` because the changes are retroactive.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-10-09T00:22:57.778Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2215
File: packages/rs-drive-abci/src/execution/engine/run_block_proposal/mod.rs:105-105
Timestamp: 2024-10-09T00:22:57.778Z
Learning: In `run_block_proposal` in `packages/rs-drive-abci/src/execution/engine/run_block_proposal/mod.rs`, when retrieving `last_block_time_ms`, it's acceptable to use `platform_state` instead of `block_platform_state`, even after updating the protocol version.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-11-22T08:19:14.448Z

Learnt from: shumkov
Repo: dashpay/platform PR: 2345
File: packages/rs-drive-abci/src/execution/platform_events/protocol_upgrade/perform_events_on_first_block_of_protocol_change/v0/mod.rs:93-99
Timestamp: 2024-11-22T08:19:14.448Z
Learning: In `packages/rs-drive-abci/src/execution/platform_events/protocol_upgrade/perform_events_on_first_block_of_protocol_change/v0/mod.rs`, the `insert_contract` method requires an owned `BlockInfo`, so cloning `block_info` is necessary when calling it.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-10-06T16:18:07.994Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2215
File: packages/rs-drive-abci/src/execution/engine/run_block_proposal/mod.rs:119-120
Timestamp: 2024-10-06T16:18:07.994Z
Learning: In the `run_block_proposal` function in `packages/rs-drive-abci/src/execution/engine/run_block_proposal/mod.rs`, it's acceptable to pass `platform_state` to `perform_events_on_first_block_of_protocol_change`, even if `block_platform_state` has been updated.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-11-15T14:39:23.704Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2332
File: packages/rs-drive-proof-verifier/src/error.rs:21-23
Timestamp: 2024-11-15T14:39:23.704Z
Learning: In the `packages/rs-drive-proof-verifier`, avoid suggesting size limits for `proof_bytes` in errors unless there's a specific need, as it may not be necessary.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-10-03T11:51:06.980Z

Learnt from: shumkov
Repo: dashpay/platform PR: 2201
File: packages/rs-platform-version/src/version/v2.rs:1186-1188
Timestamp: 2024-10-03T11:51:06.980Z
Learning: In the `IdentityTransitionVersions` structure within `packages/rs-platform-version/src/version/v2.rs`, the field `credit_withdrawal` does not need the `identity_` prefix since it is already encompassed within identity state transitions.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-11-20T16:05:40.200Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2257
File: packages/rs-drive-abci/src/platform_types/signature_verification_quorum_set/v0/for_saving.rs:148-151
Timestamp: 2024-11-20T16:05:40.200Z
Learning: In `packages/rs-drive-abci/src/platform_types/signature_verification_quorum_set/v0/for_saving.rs`, when converting public keys from `QuorumForSavingV0` to `VerificationQuorum`, it's acceptable to use `.expect()` for public key conversion, as the conversion has been verified and panics are acceptable in this context.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2025-11-25T13:10:23.481Z

Learnt from: CR
Repo: dashpay/platform PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-25T13:10:23.481Z
Learning: Use `rs-drive-proof-verifier` for cryptographic proof verification

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (16)

• GitHub Check: Rust packages (drive) / Linting
• GitHub Check: Rust packages (drive) / Unused dependencies
• GitHub Check: Rust packages (drive) / Tests
• GitHub Check: Rust packages (drive-abci) / Unused dependencies
• GitHub Check: Rust packages (drive-abci) / Check each feature
• GitHub Check: Rust packages (drive-abci) / Tests
• GitHub Check: Rust packages (drive-abci) / Formatting
• GitHub Check: Rust packages (drive-abci) / Linting
• GitHub Check: Rust packages (rs-sdk-ffi) / Tests
• GitHub Check: Rust packages (dash-sdk) / Tests
• GitHub Check: Rust packages (wasm-sdk) / Tests
• GitHub Check: Build Docker images (RS-DAPI, rs-dapi, rs-dapi) / Build RS-DAPI image
• GitHub Check: Build Docker images (Drive, drive, drive-abci, SDK_TEST_DATA=true
  ) / Build Drive image
• GitHub Check: Build JS packages / Build JS
• GitHub Check: Rust crates security audit
• GitHub Check: Swift SDK and Example build (warnings as errors)

🔇 Additional comments (7)

packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs (7)

18-21: LGTM - Clear documentation.

The documentation clearly explains the function's purpose and helpfully notes that it mirrors the prove function's query construction.

---

34-36: LGTM - Proper bincode configuration.

The bincode config is correctly initialized before use with big-endian encoding that matches the key encoding used in the query construction.

---

58-63: LGTM - Correct block height parsing.

The block height parsing correctly uses big-endian byte order matching the query construction, with appropriate error handling for invalid key lengths.

---

66-70: LGTM - Proper element type validation.

The code correctly validates that the element is an ItemWithSumItem, which is appropriate for address balance data, with clear error messaging.

---

73-79: LGTM - Correct deserialization logic.

The deserialization uses the matching bincode config and includes helpful error messages with the underlying bincode error for debugging.

---

38-42: LGTM - Query construction matches expected format.

The range query construction correctly uses big-endian encoding for the start height, matching the parsing logic later in the function. The limit parameter is properly threaded through to the SizedQuery.

---

44-48: The verification methods used here are consistent with the standard pattern throughout the codebase.

The concern about removing absence proof verification is unfounded. The verify_query and verify_subset_query methods are the standard verification approach used consistently across the codebase (voting, tokens, documents, groups, identities). The corresponding prove_recent_address_balance_changes_v0 function uses grove_get_proved_path_query() to generate proofs using the same API pattern. Tests in address_tests.rs confirm this verification approach works correctly.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[QuantumExplorer]

Self Reviewed

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs (1)

2508-2574: Consider asserting on verified_changes.

The test verifies that root_hash is not empty but doesn't assert anything about verified_changes. Earlier in this same test (lines 2419-2499), the non-proof query found and verified compacted entries, which means compaction has occurred. Therefore, verified_changes should also be non-empty and could be asserted.

Compare with lines 474-476 which do assert verified_changes is not empty.

Suggested assertion to add

                         assert!(
                             !root_hash.is_empty(),
                             "root hash should not be empty"
                         );
-                        // Note: verified_changes might be empty if no compaction occurred
+                        assert!(
+                            !verified_changes.is_empty(),
+                            "verified changes should not be empty after compaction"
+                        );

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0ae4d16 and 41e7cca.

📒 Files selected for processing (2)

• packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs
• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

🧰 Additional context used

📓 Path-based instructions (2)

**/*.rs

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.rs: Rust code must pass cargo clippy --workspace linter checks
Rust code must be formatted using cargo fmt --all

**/*.rs: Use 4-space indent for Rust files
Follow rustfmt defaults and keep code clippy-clean for Rust modules
Use snake_case for Rust module names
Use PascalCase for Rust type names
Use SCREAMING_SNAKE_CASE for Rust constants

Files:

• packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs
• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

**/tests/**/*.{js,jsx,ts,tsx,rs}

📄 CodeRabbit inference engine (AGENTS.md)

**/tests/**/*.{js,jsx,ts,tsx,rs}: Name tests descriptively, starting with 'should …'
Unit and integration tests should not perform network calls; mock dependencies

Files:

• packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs

🧠 Learnings (11)

📓 Common learnings

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2257
File: packages/rs-drive-abci/src/mimic/test_quorum.rs:159-164
Timestamp: 2024-11-20T16:16:01.830Z
Learning: QuantumExplorer prefers not to receive auto-generated messages asking to post on social media.

📚 Learning: 2024-11-20T20:43:41.185Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2257
File: packages/rs-drive-abci/tests/strategy_tests/masternodes.rs:212-220
Timestamp: 2024-11-20T20:43:41.185Z
Learning: In `packages/rs-drive-abci/tests/strategy_tests/masternodes.rs`, the pattern of generating a `PrivateKey`, converting it to bytes, and reconstructing a `BlsPrivateKey` from those bytes is intentional. Avoid suggesting to simplify this code in future reviews.

Applied to files:

• packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs

📚 Learning: 2024-10-04T14:16:05.798Z

Learnt from: lklimek
Repo: dashpay/platform PR: 2207
File: packages/rs-drive-proof-verifier/src/proof.rs:1646-1664
Timestamp: 2024-10-04T14:16:05.798Z
Learning: In the implementation of `FromProof<platform::GetContestedResourceIdentityVotesRequest>` in `packages/rs-drive-proof-verifier/src/proof.rs`, when matching `maybe_votes`, using `.expect()` on `v.into_iter().next()` is acceptable because the prior match arm `Some(v) if v.is_empty()` ensures that the map is not empty, preventing a panic.

Applied to files:

• packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs

📚 Learning: 2024-10-06T16:18:07.994Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2215
File: packages/rs-drive-abci/src/execution/engine/run_block_proposal/mod.rs:119-120
Timestamp: 2024-10-06T16:18:07.994Z
Learning: In the `run_block_proposal` function in `packages/rs-drive-abci/src/execution/engine/run_block_proposal/mod.rs`, it's acceptable to pass `platform_state` to `perform_events_on_first_block_of_protocol_change`, even if `block_platform_state` has been updated.

Applied to files:

• packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs
• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-10-09T00:22:57.778Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2215
File: packages/rs-drive-abci/src/execution/engine/run_block_proposal/mod.rs:105-105
Timestamp: 2024-10-09T00:22:57.778Z
Learning: In `run_block_proposal` in `packages/rs-drive-abci/src/execution/engine/run_block_proposal/mod.rs`, when retrieving `last_block_time_ms`, it's acceptable to use `platform_state` instead of `block_platform_state`, even after updating the protocol version.

Applied to files:

• packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs
• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-10-30T11:04:33.634Z

Learnt from: lklimek
Repo: dashpay/platform PR: 2277
File: packages/rs-sdk/src/platform/fetch_unproved.rs:0-0
Timestamp: 2024-10-30T11:04:33.634Z
Learning: In `packages/rs-sdk/src/platform/fetch_unproved.rs`, the `execute()` method consumes the request object, so cloning the request is necessary before passing it to `execute()` and `maybe_from_unproved_with_metadata`.

Applied to files:

• packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs

📚 Learning: 2024-10-08T13:28:03.529Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2227
File: packages/rs-drive-abci/src/platform_types/platform_state/mod.rs:141-141
Timestamp: 2024-10-08T13:28:03.529Z
Learning: When converting `PlatformStateV0` to `PlatformStateForSavingV1` in `packages/rs-drive-abci/src/platform_types/platform_state/mod.rs`, only version `0` needs to be handled in the match on `platform_state_for_saving_structure_default` because the changes are retroactive.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-11-22T08:19:14.448Z

Learnt from: shumkov
Repo: dashpay/platform PR: 2345
File: packages/rs-drive-abci/src/execution/platform_events/protocol_upgrade/perform_events_on_first_block_of_protocol_change/v0/mod.rs:93-99
Timestamp: 2024-11-22T08:19:14.448Z
Learning: In `packages/rs-drive-abci/src/execution/platform_events/protocol_upgrade/perform_events_on_first_block_of_protocol_change/v0/mod.rs`, the `insert_contract` method requires an owned `BlockInfo`, so cloning `block_info` is necessary when calling it.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-11-20T10:01:50.837Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2257
File: packages/rs-drive-abci/src/platform_types/platform_state/v0/old_structures/mod.rs:94-94
Timestamp: 2024-11-20T10:01:50.837Z
Learning: In `packages/rs-drive-abci/src/platform_types/platform_state/v0/old_structures/mod.rs`, when converting with `PublicKey::try_from`, it's acceptable to use `.expect()` to handle potential conversion errors.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2024-11-20T16:05:40.200Z

Learnt from: QuantumExplorer
Repo: dashpay/platform PR: 2257
File: packages/rs-drive-abci/src/platform_types/signature_verification_quorum_set/v0/for_saving.rs:148-151
Timestamp: 2024-11-20T16:05:40.200Z
Learning: In `packages/rs-drive-abci/src/platform_types/signature_verification_quorum_set/v0/for_saving.rs`, when converting public keys from `QuorumForSavingV0` to `VerificationQuorum`, it's acceptable to use `.expect()` for public key conversion, as the conversion has been verified and panics are acceptable in this context.

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

📚 Learning: 2025-11-25T13:10:23.481Z

Learnt from: CR
Repo: dashpay/platform PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-25T13:10:23.481Z
Learning: Use `rs-drive-proof-verifier` for cryptographic proof verification

Applied to files:

• packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Rust packages (drive-abci) / Tests
• GitHub Check: Rust packages (dash-sdk) / Tests
• GitHub Check: Rust packages (drive-abci) / Unused dependencies
• GitHub Check: Build Docker images (Drive, drive, drive-abci, SDK_TEST_DATA=true
  ) / Build Drive image
• GitHub Check: Build Docker images (RS-DAPI, rs-dapi, rs-dapi) / Build RS-DAPI image
• GitHub Check: Build JS packages / Build JS
• GitHub Check: Rust crates security audit

🔇 Additional comments (6)

packages/rs-drive/src/verify/address_funds/verify_recent_address_balance_changes/v0/mod.rs (5)

18-21: LGTM! Clear documentation.

The documentation clearly explains the verification approach and importantly notes that it uses the same query as the prove function, which is critical for proof verification to work correctly.

---

22-28: LGTM! Function signature properly extended.

The additional parameters (limit, verify_subset_of_proof, platform_version) provide the necessary flexibility for proof verification and match the requirements described in the PR objectives.

---

34-36: LGTM! Config initialization refactored efficiently.

Creating the bincode config once at the top and reusing it is cleaner than the previous approach. The configuration (big-endian, no limit) is appropriate for deserializing address balance maps.

---

38-52: LGTM! Verification logic correctly implemented.

The query construction matches the prove function (as documented), and the conditional verification logic properly supports both full and subset proof verification modes. The limit parameter is correctly passed through to the SizedQuery.

---

54-89: LGTM! Data parsing logic is robust.

The parsing correctly:

• Validates key length and converts to block height
• Verifies element type is ItemWithSumItem
• Deserializes address balance maps with proper error handling
• Returns the expected result tuple

packages/rs-drive-abci/tests/strategy_tests/test_cases/address_tests.rs (1)

418-483: LGTM! Comprehensive proof verification test.

This test properly exercises the prove/verify cycle for recent address balance changes:

• Creates a proof request with prove: true
• Verifies the proof is generated (non-empty grovedb_proof)
• Calls Drive::verify_recent_address_balance_changes with correct parameters
• Validates the verification succeeds and returns non-empty results

The use of verify_subset_of_proof=false provides thorough verification.