Skip to content

Enforce authorized and reserved share ceilings#238

Open
HardlyDifficult wants to merge 68 commits into
mainfrom
codex/ocf-stock-class-share-ceiling
Open

Enforce authorized and reserved share ceilings#238
HardlyDifficult wants to merge 68 commits into
mainfrom
codex/ocf-stock-class-share-ceiling

Conversation

@HardlyDifficult

@HardlyDifficult HardlyDifficult commented Jul 8, 2026

Copy link
Copy Markdown
Collaborator

Summary

Groups the OCF authorized/reserved share ceiling and security-identity enforcement into one contract-level invariant PR. This supersedes #252, the standalone stock-plan reserved pool ceiling PR, and #270, the standalone security-ID uniqueness PR.

UpdateCapTable now validates the final cap-table state after deletes, edits, issuer edits, and creates, rejecting states where:

  • issued stock-class quantity exceeds effective stock-class authorized shares
  • historical issuances, splits, conversions, warrant exercises, equity-comp exercises, or equity-comp releases would rely on a later authorization change
  • undated stock classes rely on a later issuer adjustment instead of the issuer's initial authorization
  • stock security events reduce a security below zero
  • effective stock-class authorization totals exceed a finite issuer authorization
  • finite issuer authorization is paired with unquantifiable stock-class authorization (UNLIMITED or NOT_APPLICABLE)
  • stock/equity-comp plan allocations, net of valid returns, exceed a stock plan's effective reserved pool
  • stock-plan pool adjustments or plan edits/deletes would invalidate existing allocations
  • plan-backed stock allocations ignore neither stock splits nor still-outstanding stock when evaluating return-to-pool reuse
  • transfer, reissuance, consolidation, balance, exercise, or release successors are double-counted as new stock-plan allocations
  • stock consolidations mix plan-backed and non-plan sources, combine sources attributed to different plans, or declare a result plan that differs from homogeneous source attribution
  • a successor from a non-plan source hides its own declared stock-plan allocation
  • transfer or replacement lineages incorrectly make the source security returnable to a stock plan pool
  • signed plan allocation or return quantities would mask an overallocated stock plan pool
  • returns-to-pool exceed the referenced security's split-adjusted cancelled quantity
  • returns-to-pool predate the receiving stock plan's effective date
  • partial resulting-security coverage or missing balance issuances would silently free authorized-share headroom
  • convertible conversions partially materialize outputs, disagree with derivable result dates, target classes, or quantities, exceed source units, or leave an unmaterialized output without a computable fixed/ratio class and quantity
  • non-fixed warrant exercises without materialized resulting stock issuances would silently infer destination shares from warrant quantity
  • fixed-amount warrant outputs fail to scale the declared total output by the exercised or remaining warrant quantity
  • stock, warrant, and equity-compensation histories overdraw a security or retire the same source more than once, including same-timestamp terminal events
  • negative equity-compensation exercise quantities cannot invert a source-balance reduction into a balance increase; schema-valid zero remains allowed
  • successor IDs reuse their source or balance role, are produced by multiple lifecycle transactions, or collide across issuance security types
  • later balance successors ignore prior reductions merely because an earlier transaction left all output issuances unmaterialized
  • materialized transfer, reissuance, or consolidation successors use mismatched event dates, classes, or quantities
  • equity-compensation cancellation balances fail to replace the source or mismatch its exact date, class, or remainder
  • stock-plan pool adjustments reference a missing or deleted plan
  • classless equity-comp issuances on single-class plans ignore stock splits, while classless multi-class plan issuances with relevant splits are rejected as ambiguous
  • classless equity-comp successors adopt a class that is not uniquely inferable from current plan membership, or record stock-plan attribution that conflicts with attribution inherited from their source lineage
  • cross-plan returns of classless securities cannot prove an unambiguous source class or attempt to backdate a class newly added to a plan
  • conversions cannot rely on missing source issuances or destination stock classes
  • issuer authorized-share adjustments must reference the current cap-table issuer
  • deleted stock classes cannot leave live stock-class share lots outside ceiling validation

Valid returns with a recorded source class may target a different stock plan containing that class, as required for OCF plan rollovers; the returned quantity is credited to the target plan while the source plan's original allocation remains consumed. Validated cross-plan credit may be carried across updates until later allocation, with a precise lower bound that does not weaken same-plan over-return checks. Successor attribution is deterministic from the submitted final state: a recorded successor plan must match any plan inherited from its source lineage, while a successor from a non-plan source may explicitly enter a valid plan.

Also keeps fixture data internally valid by removing unrelated placeholder stock_plan_id values from tests that do not create stock plans.

OCF requirement references

Schema references are pinned to Open-Cap-Format-OCF commit dd84bdb6bafb63681c77166f315cea5a2078a4c8.

Validation

  • npm run build
  • npm run verify-dars
  • dpm test --files daml/OpenCapTable/TestStockPlanReservedShares.daml --color
  • dpm test --files daml/OpenCapTable/TestStockClassAuthorizedShares.daml --color
  • dpm test --files daml/OpenCapTable/TestConvertibleConversion.daml --color
  • dpm test --files daml/OpenCapTable/TestSecurityIdValidation.daml --color
  • dpm test --files daml/OpenCapTable/TestLifecycleInvariants.daml --color
  • dpm test --files daml/OpenCapTable/TestIssuerAuthorizedShares.daml --color
  • dpm test --files daml/OpenCapTable/TestStockPlanReturnToPool.daml --color
  • npm test (388 scenarios)
  • npm run lint
  • npm run lint:daml
  • npm run format
  • npm run check:schema-gaps -- --ocf-schema-dir /tmp/open-cap-format-ocf-schema-check/schema
  • npm run verify-package
  • npm run check-upgrade-compat
  • git diff --check

Final OpenCapTable-v34 0.0.5 DAR: SHA-256 b99c41fe3a2eb3c3d4ce21febfc7568c90c7e9a509d06cb66db924570435c50f (2,962,199 bytes).


Note

Low Risk
Production change is a narrow OCF field constraint on consolidations; remaining edits are tests and fixtures with no runtime behavior change beyond that validator.

Overview
Adds validateUniqueStringsArray in shared validation and applies it to stock consolidation security_ids, so duplicate source IDs fail at the template ensure layer.

The bulk of the diff is Daml Script test work: new TestIssuerAuthorizedShares, TestLifecycleInvariants, and TestObjectIdUniqueness modules, plus broader TestSecurityIdValidation cases. TestHelpers and Setup gain reusable issuer/stock-class/plan factories and setup combinators.

Existing scenario tests are updated so batches stay valid under stricter cap-table rules—e.g. materialized resulting/balance stock issuances for convertible conversions, equity releases, and partial cancellations; stock_plan_id = None where no plan exists; and addPrerequisites / setupForStockIssuance instead of stakeholder-only setup.

Reviewed by Cursor Bugbot for commit 48a4be2. Bugbot is set up for automated code reviews on this repo. Configure here.

Summary by CodeRabbit

  • New Features

    • Added support for more complete cap table validation around authorized shares, reserved pools, stock splits, cancellations, conversions, warrants, and equity compensation.
    • Expanded test coverage for issuer, stock class, and stock plan share limits.
  • Bug Fixes

    • Improved handling of share-limit checks so edits, deletions, and same-date updates behave consistently.
    • Fixed scenarios where optional stock plan details were being handled incorrectly in test flows.

@coderabbitai

coderabbitai Bot commented Jul 8, 2026

Copy link
Copy Markdown

Review Change Stack

Note

Reviews paused

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

Updates the CapTable DAML template to validate issuer, stock-class, and stock-plan authorized-share ceilings from historical data and batch edits. Also bumps package/DAR references, adds new test helpers, and expands test coverage for issuer, stock-class, stock-plan, conversion, warrant, and equity-compensation flows.

Changes

Authorized Shares Ceiling Feature

Layer / File(s) Summary
Package and DAR version bump
OpenCapTable-v34/daml.yaml, Test/daml.yaml, dars/OpenCapTable-v34/0.0.3/OpenCapTable-v34.dar, dars/OpenCapTable-v34/0.0.4/OpenCapTable-v34.dar, dars/OpenCapTable-v34/0.0.5/OpenCapTable-v34.dar
Package manifest and test dependency version references are updated, and the DAR pointer metadata is refreshed across the referenced artifact versions.
Codegen validation flags
scripts/codegen/generate-captable.ts
TypeDef gains validates_stock_class_initial_authorized_shares, and discovery marks StockClass types with that flag.
Authorized shares ceiling logic
scripts/codegen/templates/CapTable.daml.template
Adds ceiling types, event reconstruction, adjustment precedence, stock-class and issuer limit validation, stock-plan pool validation, and UpdateCapTable validation wiring before the updated contract is created.
Test setup and helpers
Test/daml/OpenCapTable/Setup.daml, Test/daml/OpenCapTable/TestHelpers.daml
Test setup now seeds a larger issuer authorized-share amount, and helper factories are added for issuer, stock-class, and stock-plan test data.
Issuer authorized shares tests
Test/daml/OpenCapTable/TestIssuerAuthorizedShares.daml
Adds helpers and scripts covering issuer ceilings, adjustment ordering, edits, historical totals, and finite-versus-unlimited stock-class authorization cases.
Stock class authorized shares tests
Test/daml/OpenCapTable/TestStockClassAuthorizedShares.daml
Adds helpers and scripts covering stock-class ceilings across issuance, adjustments, splits, cancellations, conversions, warrants, and equity compensation.
Stock plan reserved shares and return-to-pool
Test/daml/OpenCapTable/TestStockPlanReservedShares.daml, Test/daml/OpenCapTable/TestStockPlanReturnToPool.daml
Adds stock-plan reserved-share helpers and tests, and reworks return-to-pool scenarios to include stock cancellations and shared setup helpers.
Stock conversion setup
Test/daml/OpenCapTable/TestStockConversion.daml
Adds a preferred-class conversion-right helper and updates conversion tests to create the preferred stock class before issuing stock.
Equity compensation stock plan fields
Test/daml/OpenCapTable/TestEquityCompensationAcceptance.daml, Test/daml/OpenCapTable/TestEquityCompensationCancellation.daml, Test/daml/OpenCapTable/TestEquityCompensationIssuance.daml, Test/daml/OpenCapTable/TestEquityCompensationRetraction.daml, Test/daml/OpenCapTable/TestEquityCompensationTransfer.daml, Test/daml/OpenCapTable/TestVestingAcceleration.daml, Test/daml/OpenCapTable/TestVestingEvent.daml, Test/daml/OpenCapTable/TestVestingStart.daml
Equity-compensation issuance fixtures are updated to omit stock_plan_id across the acceptance, cancellation, issuance, retraction, transfer, and vesting tests.
Warrant exercise setup
Test/daml/OpenCapTable/TestWarrantExercise.daml
Adds a warrant exercise trigger helper, uses it for warrant issuance, and switches prerequisite setup in the exercise tests.

Estimated code review effort: 4 (Complex) | ~60 minutes

Sequence Diagram(s)

sequenceDiagram
  participant UpdateCapTable
  participant processEdit
  participant validateAuthorizedShareCeilings
  participant CapTable

  UpdateCapTable->>processEdit: apply edits and collect finalized maps
  UpdateCapTable->>validateAuthorizedShareCeilings: validate issuer, stock-class, and stock-plan ceilings
  validateAuthorizedShareCeilings-->>UpdateCapTable: pass or fail
  UpdateCapTable->>CapTable: create updated contract
Loading
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the PR’s main change: enforcing authorized and reserved share ceiling invariants.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/ocf-stock-class-share-ceiling

Comment @coderabbitai help to get the list of available commands.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds contract-level enforcement of stock-class authorized share ceilings during CapTable.UpdateCapTable, ensuring issuances and authorized-share changes cannot result in issued shares exceeding the effective authorized limit (while leaving non-numeric/UNLIMITED values uncapped).

Changes:

  • Adds authorized-share limit calculation + validation helpers to the generated CapTable module template.
  • Updates codegen loop templates to invoke the new validations on create/edit/delete paths for StockIssuance and StockClassAuthorizedSharesAdjustment, and on StockClass edits.
  • Adds a new DAML script test module covering several authorized-share ceiling scenarios; updates the versioned DAR pointer + lock metadata.

Reviewed changes

Copilot reviewed 7 out of 8 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
Test/daml/OpenCapTable/TestStockClassAuthorizedShares.daml Adds new script tests for authorized-share ceiling enforcement scenarios.
scripts/codegen/templates/loops/edit-case.daml Adds validation hooks for edits (stock class, stock issuance, authorized-share adjustments).
scripts/codegen/templates/loops/delete-case.daml Adds validation hook for deleting authorized-share adjustments.
scripts/codegen/templates/loops/create-case.daml Adds validation hooks for creating stock issuances and authorized-share adjustments.
scripts/codegen/templates/CapTable.daml.template Introduces helper functions to compute effective authorized limits and assert issued shares remain within them.
scripts/codegen/generate-captable.ts Plumbs per-type boolean flags to drive the new validation hooks in templates.
dars/OpenCapTable-v34/0.0.2/OpenCapTable-v34.dar Updates the Git LFS pointer for the generated DAR artifact.
dars/dars.lock Updates checksum/size metadata for the updated DAR artifact.

Comment thread scripts/codegen/templates/loops/edit-case.daml Outdated
Comment thread scripts/codegen/templates/CapTable.daml.template Outdated
Comment thread scripts/codegen/templates/CapTable.daml.template Outdated
Comment thread Test/daml/OpenCapTable/TestStockClassAuthorizedShares.daml
@HardlyDifficult HardlyDifficult marked this pull request as ready for review July 8, 2026 23:48
@HardlyDifficult HardlyDifficult requested a review from Copilot July 8, 2026 23:48
Comment thread scripts/codegen/templates/CapTable.daml.template Outdated

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 7 out of 8 changed files in this pull request and generated 2 comments.

Comment thread scripts/codegen/templates/loops/edit-case.daml Outdated
Comment thread scripts/codegen/templates/CapTable.daml.template Outdated

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 76fb636f4e

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread scripts/codegen/templates/CapTable.daml.template Outdated
Comment thread scripts/codegen/templates/loops/delete-case.daml Outdated
Comment thread scripts/codegen/templates/CapTable.daml.template Outdated
@HardlyDifficult HardlyDifficult changed the title Enforce stock class authorized share ceiling Enforce authorized share ceilings Jul 9, 2026
Comment thread scripts/codegen/templates/CapTable.daml.template Outdated
@HardlyDifficult

Copy link
Copy Markdown
Collaborator Author

@copilot review

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 9 out of 10 changed files in this pull request and generated 2 comments.

Comment thread scripts/codegen/templates/CapTable.daml.template Outdated
Comment thread scripts/codegen/templates/CapTable.daml.template Outdated
Comment thread scripts/codegen/templates/CapTable.daml.template Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
Test/daml/OpenCapTable/Setup.daml (1)

44-58: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

LGTM on the authorized-shares bump; consider reusing the new helper.

The bump to 100_000_000.0 is a reasonable fix to keep this shared setup from tripping the new issuer ceiling checks. Since TestHelpers.defaultIssuerWithAuthorizedShares now exists and duplicates this exact IssuerOcfData literal, this construction could be replaced with a call to that helper to avoid the two definitions drifting apart.

♻️ Possible simplification
   capTableCid <- submit issuer do
     exerciseCmd authCid CreateCapTable with
-      issuer_data = IssuerOcfData with
-        id = "ISSUER_1"
-        legal_name = "TestIssuer Inc."
-        formation_date = time (DA.Date.date 2020 Jan 15) 12 0 0
-        country_of_formation = "US"
-        dba = None
-        country_subdivision_of_formation = None
-        country_subdivision_name_of_formation = None
-        tax_ids = []
-        email = None
-        phone = None
-        address = None
-        initial_shares_authorized = Some (OcfInitialSharesNumeric 100_000_000.0)
-        comments = []
+      issuer_data = defaultIssuerWithAuthorizedShares "ISSUER_1" (Some (OcfInitialSharesNumeric 100_000_000.0))
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Test/daml/OpenCapTable/Setup.daml` around lines 44 - 58, The `exerciseCmd
authCid CreateCapTable` setup duplicates the same `IssuerOcfData` literal now
available in `TestHelpers.defaultIssuerWithAuthorizedShares`, so replace the
inline issuer construction with that helper to keep the shared test setup
consistent and avoid drift. Update the `Setup.daml` fixture to use the helper
for the issuer payload while preserving the authorized-shares value and
surrounding cap table setup.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@scripts/codegen/templates/CapTable.daml.template`:
- Around line 398-409: `stockClassAuthorizedAdjustmentIndex` is being recomputed
in both `validateAuthorizedShareCeilings` and
`validateAuthorizedShareCeilingsForEdits` on the same `CapTableMaps` input.
Compute the adjustment index once in `UpdateCapTable`, then thread that value
into both validator calls by updating `validateAuthorizedShareCeilings` and
`validateAuthorizedShareCeilingsForEdits` to accept the precomputed index
instead of recalculating it.
- Around line 227-304: `stockClassIssuedQuantity` is repeatedly rebuilding share
events for every issuance, which makes `UpdateCapTable` far more expensive than
necessary. Refactor `stockSecurityShareEvents` and
`stockIssuanceCurrentQuantity` so they read from precomputed or indexed event
collections instead of scanning all `Map.values` for cancellations, repurchases,
retractions, and splits on every call. Use `CapTableMaps` as the home for the
new indexes, similar to `stock_issuances_by_security_id`, and update the paths
that call `validateAllStockClassAuthorizedShares` to consume the indexed
lookups.

In `@Test/daml/OpenCapTable/TestIssuerAuthorizedShares.daml`:
- Around line 12-15: The helper definitions duplicated here and in
TestStockClassAuthorizedShares.daml should be consolidated so both test suites
use one shared implementation. Move the shared helpers, especially
limitedStockClass and stockClassAuthorizedSharesAdjustment, into
TestHelpers.daml and update both test files to import and use those shared
functions instead of maintaining separate copies.

---

Outside diff comments:
In `@Test/daml/OpenCapTable/Setup.daml`:
- Around line 44-58: The `exerciseCmd authCid CreateCapTable` setup duplicates
the same `IssuerOcfData` literal now available in
`TestHelpers.defaultIssuerWithAuthorizedShares`, so replace the inline issuer
construction with that helper to keep the shared test setup consistent and avoid
drift. Update the `Setup.daml` fixture to use the helper for the issuer payload
while preserving the authorized-shares value and surrounding cap table setup.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 19e0da66-0fa6-41e4-b04e-f98f06b62101

📥 Commits

Reviewing files that changed from the base of the PR and between 4bdf804 and 664cb1d.

⛔ Files ignored due to path filters (1)
  • dars/dars.lock is excluded by !**/*.lock
📒 Files selected for processing (9)
  • OpenCapTable-v34/daml.yaml
  • Test/daml.yaml
  • Test/daml/OpenCapTable/Setup.daml
  • Test/daml/OpenCapTable/TestHelpers.daml
  • Test/daml/OpenCapTable/TestIssuerAuthorizedShares.daml
  • Test/daml/OpenCapTable/TestStockClassAuthorizedShares.daml
  • dars/OpenCapTable-v34/0.0.3/OpenCapTable-v34.dar
  • scripts/codegen/generate-captable.ts
  • scripts/codegen/templates/CapTable.daml.template

Comment thread scripts/codegen/templates/CapTable.daml.template Outdated
Comment thread scripts/codegen/templates/CapTable.daml.template Outdated
Comment thread Test/daml/OpenCapTable/TestIssuerAuthorizedShares.daml Outdated

Copy link
Copy Markdown
Collaborator Author

@copilot review

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9c68c7ce06

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread scripts/codegen/templates/CapTable.daml.template Outdated

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 31 out of 35 changed files in this pull request and generated 6 comments.

Comment thread Test/daml/OpenCapTable/TestLifecycleInvariants.daml
Comment thread Test/daml/OpenCapTable/TestLifecycleInvariants.daml
Comment thread Test/daml/OpenCapTable/TestLifecycleInvariants.daml
Comment thread Test/daml/OpenCapTable/TestLifecycleInvariants.daml
Comment thread Test/daml/OpenCapTable/TestLifecycleInvariants.daml
Comment thread Test/daml/OpenCapTable/TestLifecycleInvariants.daml
@HardlyDifficult

HardlyDifficult commented Jul 11, 2026

Copy link
Copy Markdown
Collaborator Author

@codex review

Please review exact head 15aab77373e15ec2e125006a7d36a8a0c8d964f0, including the narrow follow-up that rejects negative equity-compensation exercise quantities at the shared source-balance reduction boundary while preserving schema-valid zero.

@HardlyDifficult

HardlyDifficult commented Jul 11, 2026

Copy link
Copy Markdown
Collaborator Author

@cursor review

Please review exact head 15aab77373e15ec2e125006a7d36a8a0c8d964f0, focusing on the negative CSAR exercise sign-inversion fix at the shared equity-compensation source-balance reduction boundary and the schema-valid zero semantics.

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ Bugbot reviewed your changes and found no new issues!

1 issue from previous review remains unresolved.

Fix All in Cursor

Comment @cursor review or bugbot run to trigger another review on this PR

Reviewed by Cursor Bugbot for commit 15aab77. Configure here.

@chatgpt-codex-connector

Copy link
Copy Markdown

Codex Review: Didn't find any major issues. Keep it up!

Reviewed commit: 15aab77373

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Copy link
Copy Markdown
Collaborator Author

@cursor review

Please reconcile the prior unresolved-issue signal against exact head 15aab77373e15ec2e125006a7d36a8a0c8d964f0. GitHub currently reports all 196 inline review threads resolved. Please confirm whether any actionable issue remains on this exact head.

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ Bugbot reviewed your changes and found no new issues!

1 issue from previous review remains unresolved.

Fix All in Cursor

Comment @cursor review or bugbot run to trigger another review on this PR

Reviewed by Cursor Bugbot for commit 15aab77. Configure here.

Copy link
Copy Markdown
Collaborator Author

Readiness audit on exact head 15aab77373e15ec2e125006a7d36a8a0c8d964f0: required CI is green, all 196 GitHub review threads are resolved, Codex is clean on this head, and the branch is technically mergeable. The remaining blocker is Cursor Bugbot's NEUTRAL check, which reports historical issue f464606a-1c51-43fe-87e7-85cb684323da as unresolved.

That finding is disproved by current exact-head behavior: validateStockTransferResultIssuances revalidates the complete materialized successor quantity before plan-pool accounting, and testStockPlanReservedShares_StockTransferExactContinuityRejectsEditedSuccessorQuantity proves a later successor edit is rejected by continuity even with sufficient pool headroom. The inline thread is answered and resolved, but Cursor did not reconcile its internal historical signal after an exact-head rerun. Keeping this PR unassigned at Stage 2 and not issuing another duplicate bot request; no code change is warranted solely to perturb the check.

Copy link
Copy Markdown
Collaborator Author

@coderabbitai review

Please perform a substantive review of exact head 15aab77373e15ec2e125006a7d36a8a0c8d964f0. Copilot and Codex completed exact-head reviews, Cursor found no new issues on this head, all 196 inline threads are resolved, and required CI is green. Please focus on the grouped authorized-share ceilings, exact cross-plan return credits, materialized-or-derivable convertible outputs, security identity, and the final negative equity-compensation exercise boundary.

@coderabbitai

coderabbitai Bot commented Jul 11, 2026

Copy link
Copy Markdown

@HardlyDifficult I'll perform a fresh review of the current head (15aab77), focusing on the areas you called out: the grouped authorized-share ceiling enforcement, exact cross-plan return credit bounds, materialized-or-derivable convertible output handling, security identity checks, and the negative equity-compensation exercise boundary fix.

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

Copy link
Copy Markdown
Collaborator Author

@coderabbitai Please explicitly confirm whether the fresh review you just completed on exact head 15aab77373e15ec2e125006a7d36a8a0c8d964f0 found any actionable issues. The command acknowledgement says only that the review finished, so it is not yet an explicit findings or no-findings response.

@coderabbitai

coderabbitai Bot commented Jul 11, 2026

Copy link
Copy Markdown
🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail
# Find PR review comments authored by coderabbitai on PR 238
gh api repos/Fairmint/open-captable-protocol-daml/pulls/238/comments --paginate \
  --jq '.[] | select(.user.login=="coderabbitai" or .user.login=="coderabbitai[bot]") | {id, commit_id, path, line, created_at, body: (.body[0:200])}'
echo "---REVIEWS---"
gh api repos/Fairmint/open-captable-protocol-daml/pulls/238/reviews --paginate \
  --jq '.[] | select(.user.login=="coderabbitai" or .user.login=="coderabbitai[bot]") | {id, commit_id, state, submitted_at, body: (.body[0:300])}'

Length of output: 6852


🏁 Script executed:

#!/bin/bash
set -euo pipefail
# Check resolution status of review threads, focusing on the one tied to commit 15aab77 (id 3551731544)
gh api graphql -f query='
query {
  repository(owner: "Fairmint", name: "open-captable-protocol-daml") {
    pullRequest(number: 238) {
      reviewThreads(first: 100) {
        nodes {
          isResolved
          isOutdated
          comments(first: 1) {
            nodes {
              databaseId
              path
              body
              originalCommit { oid }
              createdAt
              author { login }
            }
          }
        }
      }
    }
  }
}' --jq '.data.repository.pullRequest.reviewThreads.nodes[] | select(.comments.nodes[0].author.login=="coderabbitai" or .comments.nodes[0].author.login=="coderabbitai[bot]") | {isResolved, isOutdated, path: .comments.nodes[0].path, commit: .comments.nodes[0].originalCommit.oid, created: .comments.nodes[0].createdAt, id: .comments.nodes[0].databaseId}'

Length of output: 2514


@HardlyDifficult, confirming explicitly: the `` command I ran did not produce a fresh, new set of findings for 15aab77. As the acknowledgement noted, CodeRabbit's incremental review system does not re-review commits that have already been incrementally reviewed while automatic reviews remain unpaused — so there was no new comment output.

I checked the full history of review threads I've posted on this PR directly via the API:

  • All 7 of my review comments/threads are marked isResolved: true.
  • The only one whose head commit resolves to 15aab77 (the "negative offset" test-isolation note on Test/daml/OpenCapTable/TestStockPlanReservedShares.daml, line 388, Minor severity) is also resolved and not outdated.
  • The most recent full review payload in the review list (commit 5629c13) had an empty body, i.e., no actionable comments were raised at that point either.

So, to directly answer your question: no, I did not find any new actionable issues on exact head 15aab77373e15ec2e125006a7d36a8a0c8d964f0. Every comment I have on record for this PR is already resolved, and my last command invocation was an acknowledgement rather than a new incremental pass because there were no new commits since my last actual review to trigger fresh analysis. If you want a guaranteed full re-analysis regardless of incremental state, you can pause automatic reviews first and then request a review, or use @coderabbitai full_review.

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

Copy link
Copy Markdown
Collaborator Author

@cursor review exact head 15aab77373e15ec2e125006a7d36a8a0c8d964f0. The prior exact-head Bugbot run reported one previous thread unresolved and left a neutral check, but a fresh paginated sweep now shows all 196 review threads resolved. Please rerun against the unchanged head so the current review/check state reflects that clean thread set. Copilot already reviewed this exact head recently; all build and DAR checks remain green.

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ Bugbot reviewed your changes and found no new issues!

1 issue from previous review remains unresolved.

Fix All in Cursor

Comment @cursor review or bugbot run to trigger another review on this PR

Reviewed by Cursor Bugbot for commit 15aab77. Configure here.

Copy link
Copy Markdown
Collaborator Author

Exact-head readiness recheck for 15aab77373e15ec2e125006a7d36a8a0c8d964f0: the fresh Cursor rerun found no new issues. Cursor still reports one previous internal issue and concludes neutral, but a paginated GitHub sweep shows 0 of 196 review threads unresolved. The surviving internal finding is the successor-edit/pool-accounting report (f464606a-1c51-43fe-87e7-85cb684323da), which is covered by the immutable transfer-quantity continuity check and testStockPlanReservedShares_StockTransferExactContinuityRejectsEditedSuccessorQuantity added in 6f6124e; the thread contains that rationale and is resolved. Build, DAR, Socket, CodeRabbit, and all other exact-head review gates remain green. Treating the Cursor neutral result as resolved review bookkeeping rather than an actionable code blocker.

Copy link
Copy Markdown
Collaborator Author

Feature/test follow-up is complete at exact commit 87942997988353f62ae297fc757b2e1ec54da3f32.

This adds cap-table-wide OCF object-ID uniqueness across the issuer and all 47 supported OCF object/transaction types. Validation reads the underlying OCF data IDs from final state, so mismatched map keys cannot hide a duplicate. Coverage includes same-batch and prior-batch cross-type collisions, issuer-ID reuse, corrupted/upgraded state with duplicate underlying IDs, and valid delete-then-reuse behavior.

Local validation on this feature commit passed: npm run build, the full npm test Daml script suite, npm run lint:daml, and git diff --check.

No package version, DAR backup, dependency, workflow-policy, or release-policy files changed in this follow-up. The PR intentionally remains draft and unassigned while the existing main conflict/stack normalization is reconciled; the resulting exact head must pass CI and refreshed automated review gates before readiness.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 32 out of 36 changed files in this pull request and generated no new comments.

…ormalization

# Conflicts:
#	dars/OpenCapTable-v34/0.0.3/OpenCapTable-v34.dar
#	scripts/codegen/templates/CapTable.daml.template
@HardlyDifficult

Copy link
Copy Markdown
Collaborator Author

Updated to exact head 48a4be2 after merging current main. OpenCapTable-v34 is normalized to the single 0.0.2 candidate anchored to deployment tag 0.0.1; superseded branch-only 0.0.4 and 0.0.5 backups were removed while retained history remains intact. The OCF object-ID validation was also corrected to match the spec: uniqueness is enforced within each object type, while cross-type reuse is allowed. Local validation passed: full build and test suite, DAML lint, DAR policy tests, integrity verification, and the 0.0.1 to 0.0.2 upgrade check. Kept draft while fresh CI runs.

@HardlyDifficult

Copy link
Copy Markdown
Collaborator Author

@copilot review
@codex review
@cursor review
@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 14, 2026

Copy link
Copy Markdown

@HardlyDifficult I'll run a fresh review on the current head (48a4be2), which includes the merge from main, the OpenCapTable-v34 version normalization to 0.0.2, and the corrected OCF object-ID uniqueness scoping (per-type instead of cross-type).

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@chatgpt-codex-connector

Copy link
Copy Markdown

Codex Review: Didn't find any major issues. Keep it up!

Reviewed commit: 48a4be210d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@HardlyDifficult

Copy link
Copy Markdown
Collaborator Author

@copilot review

Copy link
Copy Markdown
Collaborator Author

Preliminary OCF validation-policy audit

Policy: OCF Validation Policy

The current standard has two layers: formal schema validity and documented OCF data-model validity. A rule can be required even when JSON Schema cannot express it.

Appears supported

  • OCF object-ID uniqueness within an object type.
  • Core authorized/reserved-share semantics where official OCF sources actually define a ceiling.

Needs line-by-line evidence or narrowing

  • Historical authorization reconstruction, later-adjustment dependency checks, cross-plan credit accounting, inferred class/plan attribution, warrant-output reconstruction, and other detailed accounting algorithms.
  • These may be reasonable, but each rejection needs an OCF semantic basis rather than a Fairmint-designed accounting model.

Proposed next step
Review this PR by invariant group, retain the smallest documented requirements, and remove or split any reconstructed algorithms that are stronger than OCF. No merge recommendation yet; dev and prod replay must pass on the final exact SHA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants