Merge remote-tracking branch 'upstream/devnet-ready' into feature/add-pallet-contracts

Author: silva-fj

.github/copilot-instructions.md

@@ -0,0 +1,132 @@
+# Bittensor PR Review Guidelines
+
+You are reviewing code for a Substrate-based blockchain with a $4B market cap. Lives and livelihoods depend on the security and correctness of this code. Be thorough, precise, and uncompromising on safety.
+
+## Branch Strategy
+* Unless this is a hotfix or deployment PR (`devnet-ready` => `devnet`, `devnet` => `testnet`, or `testnet` => `main`), all PRs must target `devnet-ready`
+* Flag PRs targeting `main` directly unless they are hotfixes
+* `devnet` and `testnet` branches must only receive merges from their respective `-ready` branches
+
+## CRITICAL: Runtime Safety (Chain-Bricking Prevention)
+The runtime CANNOT panic under any circumstances. A single panic can brick the entire chain.
+
+**Panic Sources to Flag:**
+* Direct indexing: `vec[i]`, `arr[3]` → Must use `.get()` returning `Option`
+* `.unwrap()`, `.expect()` → Must handle `Result`/`Option` properly
+* `.unwrap_or()` is acceptable only with safe defaults
+* Unchecked arithmetic: `a + b`, `a - b`, `a * b`, `a / b` → Must use `checked_*` or `saturating_*`
+* Division without zero checks
+* Type conversions: `.try_into()` without handling, casting that could truncate
+* Iterator operations that assume non-empty collections: `.first().unwrap()`, `.last().unwrap()`
+* String operations: slicing without bounds checking
+* `unsafe` blocks (absolutely prohibited in runtime)
+
+## Substrate-Specific Vulnerabilities
+
+### Storage Safety
+* Unbounded storage iterations (DoS vector) - check for loops over storage maps without limits
+* Missing storage deposits/bonds for user-created entries (state bloat attack)
+* Storage migrations without proper version checks or error handling
+* Direct storage manipulation without proper weight accounting
+* `kill_storage()` or storage removals without cleanup of dependent data
+
+### Weight & Resource Exhaustion
+* Missing or incorrect `#[pallet::weight]` annotations
+* Computational complexity not reflected in weight calculations
+* Database reads/writes not accounted for in weights
+* Potential for weight exhaustion attacks through parameter manipulation
+* Loops with user-controlled bounds in extrinsics
+
+### Origin & Permission Checks
+* Missing `ensure_signed`, `ensure_root`, or `ensure_none` checks
+* Origin checks that can be bypassed
+* Privilege escalation paths
+* Missing checks before state-modifying operations
+* Incorrect origin forwarding in cross-pallet calls
+
+### Economic & Cryptoeconomic Exploits
+* Integer overflow/underflow in token/balance calculations
+* Rounding errors that can be exploited (especially in repeated operations)
+* MEV/front-running vulnerabilities in auction/pricing mechanisms
+* Flash loan-style attacks or single-block exploits
+* Reward calculation errors or manipulation vectors
+* Slashing logic vulnerabilities
+* Economic denial of service (forcing expensive operations on others)
+
+### Migration Safety
+* Migrations without try-state checks or validation
+* Missing version guards (checking current vs new version)
+* Unbounded migrations that could time out
+* Data loss risks during migration
+* Missing rollback handling for failed migrations
+
+### Consensus & Chain State
+* Anything that could cause non-deterministic behavior (randomness sources, timestamps without validation)
+* Fork-causing conditions due to different execution paths
+* Block production or finalization blockers
+*Validator set manipulation vulnerabilities
+
+### Cross-Pallet Interactions
+* Reentrancy-like patterns when calling other pallets
+* Circular dependencies between pallets
+* Assumptions about other pallet state that could be violated
+* Missing error handling from pallet calls
+
+## Supply Chain & Dependency Security
+
+**Flag any PR that:**
+* Adds new dependencies (require justification and thorough vetting)
+* Updates cryptographic or core dependencies
+* Uses dependencies with known vulnerabilities (check advisories)
+* Depends on unmaintained or obscure crates
+* Introduces git dependencies or path dependencies pointing outside the repo
+* Uses pre-release versions of critical dependencies
+* Includes large dependency version jumps without explanation
+
+**For dependency changes, verify:**
+* Changelog review for security fixes or breaking changes
+* Maintainer reputation and project activity
+* Number of reverse dependencies (more = more scrutiny)
+* Whether it introduces new transitive dependencies
+
+## Code Quality & Maintainability
+
+* Code duplication that could lead to inconsistent bug fixes
+* Overly complex logic that obscures security issues
+* Missing error messages or unclear panic contexts in tests
+* Insufficient test coverage for new extrinsics or storage operations
+* Missing or inadequate documentation for complex algorithms
+* Magic numbers without explanation
+* TODO/FIXME comments introducing technical debt in critical paths
+
+## External Contributor Scrutiny
+For contributors without "Nucleus" role, apply **maximum scrutiny**:
+* Verify the PR solves a real, documented issue
+* Check for hidden backdoors or logic bombs
+* Review commit history for suspicious patterns
+* Validate that changes match the stated purpose
+* Question any unusual patterns or overcomplicated solutions
+* Require clear explanations for non-obvious changes
+
+## Build & Tooling
+* If lints fail (clippy, rustfmt, cargo check), suggest running `./scripts/fix_rust.sh`
+* Uncommitted `Cargo.lock` changes should be included in commits
+* Ensure CI passes before deep review
+
+## Review Style
+* Be **concise** - report only legitimate issues, no nitpicks
+* Provide **specific line numbers** and **concrete examples**
+* Suggest **fixes** when possible, not just problems
+* **Severity levels**: Use [CRITICAL], [HIGH], [MEDIUM], [LOW] tags
+* Block PRs on [CRITICAL] and [HIGH] issues
+* For security issues, consider discussing privately before commenting publicly
+
+## Final Check
+Before approving, ask yourself:
+1. Could this brick the chain? (panic, consensus break)
+2. Could this lose or steal funds? (arithmetic, logic errors)
+3. Could this DOS the network? (unbounded operations, weight issues)
+4. Could this introduce a backdoor? (especially for external contributors)
+5. Is this change necessary and minimal?
+
+**Remember: $4B market cap. Err on the side of caution. When in doubt, escalate.**

.github/pull_request_template.md

@@ -31,7 +31,7 @@ Please ensure the following tasks are completed before requesting a review:
 
 - [ ] I have performed a self-review of my own code
 - [ ] I have commented my code, particularly in hard-to-understand areas
-- [ ] I have run `cargo fmt` and `cargo clippy` to ensure my code is formatted and linted correctly
+- [ ] I have run `./scripts/fix_rust.sh` to ensure my code is formatted and linted correctly
 - [ ] I have made corresponding changes to the documentation
 - [ ] My changes generate no new warnings
 - [ ] I have added tests that prove my fix is effective or that my feature works

common/src/lib.rs

@@ -147,7 +147,7 @@ pub enum ProxyType {
     NonCritical,
     NonTransfer,
     Senate,
-    NonFungibile, // Nothing involving moving TAO
+    NonFungible, // Nothing involving moving TAO
     Triumvirate,
     Governance, // Both above governance
     Staking,

evm-tests/src/contracts/subnet.ts

@@ -663,24 +663,6 @@ export const ISubnetABI = [
         stateMutability: "payable",
         type: "function",
     },
-    {
-        inputs: [
-            {
-                internalType: "uint16",
-                name: "netuid",
-                type: "uint16",
-            },
-            {
-                internalType: "uint16",
-                name: "maxWeightLimit",
-                type: "uint16",
-            },
-        ],
-        name: "setMaxWeightLimit",
-        outputs: [],
-        stateMutability: "payable",
-        type: "function",
-    },
     {
         inputs: [
             {

evm-tests/test/subnet.precompile.hyperparameter.test.ts

@@ -208,25 +208,17 @@ describe("Test the Subnet precompile contract", () => {
         assert.equal(valueFromContract, onchainValue);
     })
 
-    it("Can set maxWeightLimit parameter", async () => {
+    it("Returns constant maxWeightLimit", async () => {
 
         const totalNetwork = await api.query.SubtensorModule.TotalNetworks.getValue()
         const contract = new ethers.Contract(ISUBNET_ADDRESS, ISubnetABI, wallet);
         const netuid = totalNetwork - 1;
 
-        const newValue = 106;
-        const tx = await contract.setMaxWeightLimit(netuid, newValue);
-        await tx.wait();
-
-        let onchainValue = await api.query.SubtensorModule.MaxWeightsLimit.getValue(netuid)
-
-
-        let valueFromContract = Number(
+        const valueFromContract = Number(
             await contract.getMaxWeightLimit(netuid)
         );
 
-        assert.equal(valueFromContract, newValue)
-        assert.equal(valueFromContract, onchainValue);
+        assert.equal(valueFromContract, 0xFFFF)
     })
 
     it("Can set immunityPeriod parameter", async () => {

hyperparameters.md

@@ -2,6 +2,7 @@
 ```rust
 DefaultTake: u16 = 11_796; // 18% honest number.
 TxRateLimit: u64 = 1; // [1 @ 64,888]
+MaxWeightsLimit: u16 = u16::MAX; // constant limit
 ```
 
 ### netuid 1 (text_prompting)
@@ -13,7 +14,6 @@ MaxAllowedUids: u16 = 1024;
 Issuance: u64 = 0;
 MinAllowedWeights: u16 = 8;
 EmissionValue: u64 = 142_223_000;
-MaxWeightsLimit: 455; // 455/2^16 = 0.0069
 ValidatorBatchSize: u16 = 1;
 ValidatorSequenceLen: u16 = 2048; // 2048
 ValidatorEpochLen: u16 = 100;
@@ -54,7 +54,6 @@ MaxAllowedUids: u16 = 4096;
 Issuance: u64 = 0;
 MinAllowedWeights: u16 = 50;
 EmissionValue: u64 = 857_777_000;
-MaxWeightsLimit: u16 = 655; // 655/2^16 = 0.01 [655 @ 7,160]
 ValidatorBatchSize: u16 = 32; // 32
 ValidatorSequenceLen: u16 = 256; // 256
 ValidatorEpochLen: u16 = 250; // [250 @ 7,161]

pallets/admin-utils/src/benchmarking.rs

@@ -292,19 +292,6 @@ mod benchmarks {
 		_(RawOrigin::Root, 1u16.into()/*netuid*/, 100u16/*immunity_period*/)/*sudo_set_immunity_period*/;
     }
 
-    #[benchmark]
-    fn sudo_set_max_weight_limit() {
-        // disable admin freeze window
-        pallet_subtensor::Pallet::<T>::set_admin_freeze_window(0);
-        pallet_subtensor::Pallet::<T>::init_new_network(
-            1u16.into(), /*netuid*/
-            1u16,        /*tempo*/
-        );
-
-        #[extrinsic_call]
-		_(RawOrigin::Root, 1u16.into()/*netuid*/, 100u16/*max_weight_limit*/)/*sudo_set_max_weight_limit*/;
-    }
-
     #[benchmark]
     fn sudo_set_max_registrations_per_block() {
         // disable admin freeze window

pallets/admin-utils/src/lib.rs

@@ -426,40 +426,6 @@ pub mod pallet {
             Ok(())
         }
 
-        /// The extrinsic sets the adjustment beta for a subnet.
-        /// It is only callable by the root account or subnet owner.
-        /// The extrinsic will call the Subtensor pallet to set the adjustment beta.
-        #[pallet::call_index(12)]
-        #[pallet::weight(Weight::from_parts(26_890_000, 0)
-        .saturating_add(<T as frame_system::Config>::DbWeight::get().reads(3_u64))
-        .saturating_add(<T as frame_system::Config>::DbWeight::get().writes(1_u64)))]
-        pub fn sudo_set_max_weight_limit(
-            origin: OriginFor<T>,
-            netuid: NetUid,
-            max_weight_limit: u16,
-        ) -> DispatchResult {
-            let maybe_owner = pallet_subtensor::Pallet::<T>::ensure_sn_owner_or_root_with_limits(
-                origin,
-                netuid,
-                &[Hyperparameter::MaxWeightLimit.into()],
-            )?;
-
-            ensure!(
-                pallet_subtensor::Pallet::<T>::if_subnet_exist(netuid),
-                Error::<T>::SubnetDoesNotExist
-            );
-            pallet_subtensor::Pallet::<T>::set_max_weight_limit(netuid, max_weight_limit);
-            pallet_subtensor::Pallet::<T>::record_owner_rl(
-                maybe_owner,
-                netuid,
-                &[Hyperparameter::MaxWeightLimit.into()],
-            );
-            log::debug!(
-                "MaxWeightLimitSet( netuid: {netuid:?} max_weight_limit: {max_weight_limit:?} ) "
-            );
-            Ok(())
-        }
-
         /// The extrinsic sets the immunity period for a subnet.
         /// It is only callable by the root account or subnet owner.
         /// The extrinsic will call the Subtensor pallet to set the immunity period.
@@ -1252,7 +1218,7 @@ pub mod pallet {
         /// The extrinsic will call the Subtensor pallet to set the minimum delegate take.
         #[pallet::call_index(46)]
         #[pallet::weight((
-            Weight::from_parts(5_000_000, 0).saturating_add(T::DbWeight::get().writes(1_u64)),
+            Weight::from_parts(7_885_000, 0).saturating_add(T::DbWeight::get().writes(1_u64)),
             DispatchClass::Operational,
             Pays::Yes
         ))]
@@ -1999,7 +1965,7 @@ pub mod pallet {
         /// Only callable by root.
         #[pallet::call_index(74)]
         #[pallet::weight((
-			Weight::from_parts(5_771_000, 0)
+			Weight::from_parts(9_418_000, 0)
 				.saturating_add(<T as frame_system::Config>::DbWeight::get().reads(0_u64))
 				.saturating_add(<T as frame_system::Config>::DbWeight::get().writes(1_u64)),
 			DispatchClass::Operational

pallets/admin-utils/src/tests/mock.rs

@@ -77,7 +77,6 @@ pub type UncheckedExtrinsic = TestXt<RuntimeCall, ()>;
 parameter_types! {
     pub const InitialMinAllowedWeights: u16 = 0;
     pub const InitialEmissionValue: u16 = 0;
-    pub const InitialMaxWeightsLimit: u16 = u16::MAX;
     pub BlockWeights: limits::BlockWeights = limits::BlockWeights::with_sensible_defaults(
         Weight::from_parts(2_000_000_000_000, u64::MAX),
         Perbill::from_percent(75),
@@ -162,7 +161,6 @@ impl pallet_subtensor::Config for Test {
     type Scheduler = Scheduler;
     type InitialMinAllowedWeights = InitialMinAllowedWeights;
     type InitialEmissionValue = InitialEmissionValue;
-    type InitialMaxWeightsLimit = InitialMaxWeightsLimit;
     type InitialTempo = InitialTempo;
     type InitialDifficulty = InitialDifficulty;
     type InitialAdjustmentInterval = InitialAdjustmentInterval;

pallets/admin-utils/src/tests/mod.rs

@@ -391,39 +391,6 @@ fn test_sudo_subnet_owner_cut() {
     });
 }
 
-#[test]
-fn test_sudo_set_max_weight_limit() {
-    new_test_ext().execute_with(|| {
-        let netuid = NetUid::from(1);
-        let to_be_set: u16 = 10;
-        add_network(netuid, 10);
-        let init_value: u16 = SubtensorModule::get_max_weight_limit(netuid);
-        assert_eq!(
-            AdminUtils::sudo_set_max_weight_limit(
-                <<Test as Config>::RuntimeOrigin>::signed(U256::from(1)),
-                netuid,
-                to_be_set
-            ),
-            Err(DispatchError::BadOrigin)
-        );
-        assert_eq!(
-            AdminUtils::sudo_set_max_weight_limit(
-                <<Test as Config>::RuntimeOrigin>::root(),
-                netuid.next(),
-                to_be_set
-            ),
-            Err(Error::<Test>::SubnetDoesNotExist.into())
-        );
-        assert_eq!(SubtensorModule::get_max_weight_limit(netuid), init_value);
-        assert_ok!(AdminUtils::sudo_set_max_weight_limit(
-            <<Test as Config>::RuntimeOrigin>::root(),
-            netuid,
-            to_be_set
-        ));
-        assert_eq!(SubtensorModule::get_max_weight_limit(netuid), to_be_set);
-    });
-}
-
 #[test]
 fn test_sudo_set_issuance() {
     new_test_ext().execute_with(|| {