Feat/sync dev with v1.7.2

[aarmoa]

• PR to sync the dev branch with the changes introduced in master for the v1.7.2 release

Summary by CodeRabbit

• New Features
  • Updated the OFAC list with 82 new Ethereum addresses and removed 4 outdated addresses.
• Bug Fixes
  • Corrected the link to the official OFAC JSON file and refreshed the local copy.
• Documentation
  • Updated changelog to reflect changes for version 1.7.2.

[coderabbitai]

Walkthrough

The changes in this pull request include an update to the changelog for version 1.7.2, which documents a correction to the link for the ofac.json file and notes a refresh of the local copy. Additionally, the ofac.json file has been modified to add 82 new Ethereum addresses and remove 4 existing ones. The OFAC_LIST_URL constant in the ofac.py file has also been updated to reflect a new structured path for accessing the OFAC list.

Changes

File	Change Summary
CHANGELOG.md	Added version entry for 1.7.2, corrected link to ofac.json, noted refresh of local copy.
pyinjective/ofac.json	Added 82 new Ethereum addresses and removed 4 existing addresses.
pyinjective/ofac.py	Updated OFAC_LIST_URL to a new structured path for accessing the ofac.json file.

Possibly related PRs

• Implement OFAC list address check #346: The changes in this PR involve the introduction of an ofac.json file that lists Ethereum addresses for compliance checks, which is directly related to the updates made in the main PR regarding the ofac.json file link correction and refresh.
• fix/sync_dev_after_v1_7_1 #352: This PR includes a fix for obtaining the absolute path of the ofac.json file, which is relevant to the main PR's updates on the changelog and the handling of the ofac.json file.

Suggested reviewers

• PavelInjective

🐰 In the code we hop and play,
New addresses join the fray!
A link corrected, fresh and bright,
Our OFAC list is now just right!
With every change, we take a leap,
In the world of code, our secrets keep! 🐇

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (3)

pyinjective/ofac.py (2)

7-9: Consider adding URL fallback mechanism

Since this is a critical security feature (OFAC compliance), consider implementing a fallback mechanism in case the primary URL is unavailable.

Consider this implementation:

-OFAC_LIST_URL = (
-    "https://raw.githubusercontent.com/InjectiveLabs/injective-lists/refs/heads/master/json/wallets/ofac.json"
-)
+# Primary URL with new structure
+OFAC_LIST_URL_PRIMARY = (
+    "https://raw.githubusercontent.com/InjectiveLabs/injective-lists/refs/heads/master/json/wallets/ofac.json"
+)
+# Fallback URL with old structure
+OFAC_LIST_URL_FALLBACK = (
+    "https://raw.githubusercontent.com/InjectiveLabs/injective-lists/master/wallets/ofac.json"
+)
+OFAC_LIST_URL = OFAC_LIST_URL_PRIMARY

Then update the download_ofac_list method to attempt the fallback URL if the primary fails:

@classmethod
async def download_ofac_list(cls):
    async with aiohttp.ClientSession() as session:
        # Try primary URL first
        try:
            async with session.get(OFAC_LIST_URL_PRIMARY) as response:
                response.raise_for_status()
                text_content = await response.text()
                ofac_list = json.loads(text_content)
                cls._save_ofac_list(ofac_list)
                return
        except Exception as primary_error:
            # Try fallback URL
            try:
                async with session.get(OFAC_LIST_URL_FALLBACK) as response:
                    response.raise_for_status()
                    text_content = await response.text()
                    ofac_list = json.loads(text_content)
                    cls._save_ofac_list(ofac_list)
                    return
            except Exception as fallback_error:
                raise Exception(
                    f"Error fetching OFAC list: Primary: {primary_error}, Fallback: {fallback_error}"
                )

@classmethod
def _save_ofac_list(cls, ofac_list):
    ofac_file_path = cls.get_ofac_list_path()
    with open(ofac_file_path, "w") as f:
        json.dump(ofac_list, f, indent=2)
        f.write("\n")

---

Line range hint 31-37: Enhance error handling with specific exception types

The current error handling catches all exceptions generically. Consider separating the handling of different error types for better error reporting and debugging.

Here's a suggested implementation:

     @classmethod
     async def download_ofac_list(cls):
         async with aiohttp.ClientSession() as session:
             try:
                 async with session.get(OFAC_LIST_URL) as response:
                     response.raise_for_status()
                     text_content = await response.text()
-                    ofac_list = json.loads(text_content)
-                    ofac_file_path = cls.get_ofac_list_path()
-                    with open(ofac_file_path, "w") as f:
-                        json.dump(ofac_list, f, indent=2)
-                        f.write("\n")
-                    return
-            except Exception as e:
-                raise Exception(f"Error fetching OFAC list: {e}")
+                    try:
+                        ofac_list = json.loads(text_content)
+                    except json.JSONDecodeError as e:
+                        raise ValueError(f"Invalid JSON in OFAC list response: {e}")
+                    
+                    try:
+                        ofac_file_path = cls.get_ofac_list_path()
+                        with open(ofac_file_path, "w") as f:
+                            json.dump(ofac_list, f, indent=2)
+                            f.write("\n")
+                    except IOError as e:
+                        raise IOError(f"Failed to write OFAC list to file: {e}")
+                    return
+            except aiohttp.ClientError as e:
+                raise ConnectionError(f"Failed to fetch OFAC list: {e}")

pyinjective/ofac.json (1)

1-157: Consider implementing version tracking for OFAC list updates

To improve maintainability and auditability, consider adding:

1. A version identifier in the JSON file
2. A last updated timestamp
3. A reference to the source OFAC list version

Example structure:

 [
+  {
+    "version": "1.7.2",
+    "last_updated": "2024-11-13",
+    "source_reference": "OFAC_SDN_LIST_20241113",
+    "addresses": [
       "0x01e2919679362dfbc9ee1644ba9c6da6d6245bb1",
       ...
     ]
+  }
 ]

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 9f7b8e3 and be9cc3f.

📒 Files selected for processing (3)

• CHANGELOG.md (1 hunks)
• pyinjective/ofac.json (1 hunks)
• pyinjective/ofac.py (1 hunks)

🧰 Additional context used

🪛 LanguageTool

CHANGELOG.md

[duplication] ~6-~6: Possible typo: you repeated a word
Context: ...this file. ## [1.7.2] - 2024-11-13 ### Fixed - Fixed link to official ofac.json file - Ref...

(ENGLISH_WORD_REPEAT_RULE)

🔇 Additional comments (1)

pyinjective/ofac.py (1)

7-9: Verify the accessibility and validity of the new OFAC list URL

The URL structure has been updated to include additional path segments. Let's verify that the new URL is accessible and returns valid JSON data.

✅ Verification successful

URL change is valid but old URL is no longer accessible

The verification results show:

• New URL is accessible (HTTP 200) and returns valid JSON with 156 entries
• Old URL structure is no longer valid (returns invalid JSON)
• The repository has been reorganized to use the new path structure with /refs/heads/master/json/ prefix

This confirms that the URL update in the code is necessary and correct, as it aligns with the new repository structure.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the new OFAC list URL is accessible and returns valid JSON

# Test 1: Check if the URL is accessible
echo "Testing URL accessibility..."
curl -s -f -I "https://raw.githubusercontent.com/InjectiveLabs/injective-lists/refs/heads/master/json/wallets/ofac.json" || echo "URL not accessible"

# Test 2: Verify JSON validity
echo "Testing JSON validity..."
curl -s "https://raw.githubusercontent.com/InjectiveLabs/injective-lists/refs/heads/master/json/wallets/ofac.json" | jq . >/dev/null 2>&1 || echo "Invalid JSON"

# Test 3: Compare with the old URL structure to ensure no data loss
echo "Comparing with old URL structure..."
NEW_URL="https://raw.githubusercontent.com/InjectiveLabs/injective-lists/refs/heads/master/json/wallets/ofac.json"
OLD_URL="https://raw.githubusercontent.com/InjectiveLabs/injective-lists/master/wallets/ofac.json"

curl -s "$NEW_URL" | jq length
curl -s "$OLD_URL" | jq length

Length of output: 1844

[coderabbitai]

💡 Codebase verification

⚠️ Potential issue

Address marked for removal is still present in the OFAC list

The verification revealed that the address 0x19aa5fe80d33a56d56c78e82ea5e50e5d80b4dff that was supposed to be removed is still present in the list. Additionally, the script verification showed:

• Total addresses: 156
• All addresses follow valid Ethereum address format
• No duplicate addresses found

🔗 Analysis chain

Verify OFAC list synchronization with official source

The JSON array is properly formatted and contains valid Ethereum addresses. However, given the security-critical nature of this file for compliance purposes, we should verify:

1. The completeness of the list
2. The accuracy of additions and removals
3. The synchronization with the official OFAC SDN list

Please ensure that:

1. The changes align with the latest official OFAC SDN list
2. The implementation in ofac.py is updated to handle any new address patterns
3. Comprehensive testing is performed to verify blocking functionality

Would you like me to help generate test cases for the updated list?

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the OFAC list changes and synchronization

# 1. Verify the removed addresses are not present
echo "Checking for removed addresses..."
for addr in "0x19aa5fe80d33a56d56c78e82ea5e50e5d80b4dff"
do
    if grep -q "$addr" pyinjective/ofac.json; then
        echo "WARNING: Removed address $addr is still present"
    fi
done

# 2. Count total addresses for verification
echo "Total addresses in list:"
jq length pyinjective/ofac.json

# 3. Verify address format
echo "Checking address format..."
jq -r '.[]' pyinjective/ofac.json | while read -r addr; do
    if ! [[ $addr =~ ^0x[a-fA-F0-9]{40}$ ]]; then
        echo "Invalid address format: $addr"
    fi
done

# 4. Check for duplicates
echo "Checking for duplicates..."
jq -r '.[]' pyinjective/ofac.json | sort | uniq -d

Length of output: 14600