Enforce transaction lifecycle dates#274
Conversation
…y' into codex/ocf-security-id-uniqueness
…y' into codex/ocf-security-id-uniqueness
…y' into codex/ocf-security-id-uniqueness
…y' into codex/ocf-security-id-uniqueness
|
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
Pull request overview
Adds contract-level validation to enforce OCF-aligned transaction lifecycle date ordering for security transactions during UpdateCapTable, preventing final cap-table states with chronologically inconsistent transaction/issuance sequences.
Changes:
- Add final-state lifecycle date validation helpers and per-transaction-type checks in the CapTable codegen template.
- Add DAML Script tests for representative failure cases (acceptances before issuance; transfers whose output issuance predates the transfer).
- Bump OpenCapTable-v34 package version to 0.0.15 and update Test DAR dependency and
dars.lock.
Reviewed changes
Copilot reviewed 5 out of 6 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| Test/daml/OpenCapTable/TestTransactionLifecycleDates.daml | Adds new DAML Script tests asserting invalid lifecycle date orderings fail. |
| Test/daml.yaml | Updates Test package data-dependency to OpenCapTable-v34 0.0.15 DAR. |
| scripts/codegen/templates/CapTable.daml.template | Introduces lifecycle date validation helpers and wires them into post-batch validation. |
| OpenCapTable-v34/daml.yaml | Bumps package version from 0.0.14 to 0.0.15. |
| dars/OpenCapTable-v34/0.0.15/OpenCapTable-v34.dar | Adds the regenerated DAR (Git LFS pointer). |
| dars/dars.lock | Registers the new DAR artifact (sha/size/sdkVersion/uploadedAt). |
…y' into codex/ocf-security-id-uniqueness
…' into codex/ocf-transaction-lifecycle-dates
…y' into codex/ocf-security-id-uniqueness
…' into codex/ocf-transaction-lifecycle-dates
|
@copilot review |
|
@codex review |
|
@copilot review exact head |
Reviewed exact head |
|
@codex review exact head |
|
@cursor review Please review exact head |
|
@coderabbitai review exact head |
|
✅ Action performedReview finished.
|
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 1a042c5. Configure here.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1a042c5087
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@copilot review exact head |
Reviewed exact head |
|
@codex review exact head @cursor review Please review exact head @coderabbitai review exact head |
|
✅ Action performedReview finished.
|
|
@cursor review Please review exact head |
|
Codex Review: Didn't find any major issues. Chef's kiss. Reviewed commit: ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 4d90aa7. Configure here.
|
Feature/test follow-up is complete at exact commit This completes approval-date consistency for every dated transaction family that exposes board or stockholder approval dates. Each optional approval date must be on or before the transaction date, or the valuation Coverage exercises all eight dated families, alternates both approval fields, proves same-day approval is valid, and verifies edit-time revalidation. Local validation on this feature commit passed: No package version, DAR backup, dependency, workflow-policy, or release-policy files changed in this follow-up. The PR intentionally remains draft and unassigned until stack normalization is complete and the resulting exact head passes CI and refreshed automated review gates. |
Preliminary OCF validation-policy auditPolicy: OCF Validation Policy Appears supported
Needs line-by-line evidence or narrowing
Proposed next step |
Summary
Stacked on #254.
This adds contract-level lifecycle date validation for security transactions.
UpdateCapTablenow rejects final cap-table states where:security_idresulting_security_idspoint to output issuances whose issuance date does not match the transaction that created thembalance_security_idpoints to a remainder issuance whose issuance date does not match the transaction that created itThe validation runs as a final-state pass, so it applies after creates, edits, and deletes and catches invalid historical sequences even when the bad state is created across multiple batches.
OCF requirement references
Source checked against Open-Cap-Format-OCF at
dd84bdb6bafb63681c77166f315cea5a2078a4c8.Transaction.dateis required and defines when a transaction occurred.SecurityTransaction.security_idsays future transactions on a security must reference thesecurity_idcreated by the issuance.Transfer.resulting_security_idsandbalance_security_ididentify new security IDs created by transfer transactions.security_idas created by an issuance and used by later transactions acting on that issuance.security_idand either extinguish it or issue newsecurity_ids for resulting/balance securities.EquityCompensationRelease.settlement_dateidentifies when released shares settle; settlement and resulting issuance dates must not precede the release.VestingStart,VestingEvent, andVestingAccelerationare dated security transactions and therefore cannot predate their referenced issuance.Stack/version
codex/ocf-vesting-graph-integrity)0.0.14dars.lockentry for this lifecycle category.Validation
Exact head:
4d90aa722a7209eaabf0d9d3d74a309e276a16c8npm run buildnpm test(all 625 behavioral test scripts plus 2 setup scripts passed)npm run lint(0 errors; 2 pre-existing warnings)npm run lint:daml(no hints)npm run formatnpm run check:schema-gaps -- --ocf-schema-dir /tmp/open-cap-format-ocf-schema-check/schema(55/55 clean)npm run verify-dars(14 verified;0.0.14SHA-256099c610b1248e1ef312cb15b0715e791088671c70ac13f44e7e103b22a20d88c, 3,235,156 bytes)npm run codegenandnpm run verify-packagenpm run check-upgrade-compat(0.0.13 -> 0.0.14)git diff --checkNote
Medium Risk
Tightens cap-table mutation rules in core ledger logic; previously accepted out-of-order or mis-typed successor securities may now fail UpdateCapTable, though behavior is covered by new tests and a minor package upgrade.
Overview
UpdateCapTablenow runs a final-statevalidateTransactionLifecycleDatespass (wired from the CapTable codegen template) so invalid dated security histories are rejected after creates, edits, and deletes.The new rules enforce that downstream transactions are not dated before their source issuance; terminal
resulting_security_idsandbalance_security_idissuances align with the creating transaction’s date (with convertible outputs required to match exactly); output IDs cannot be the wrong issuance type; equity-compensation releases cannot settle before the release date; and vesting transactions cannot predate the issuance they reference.OpenCapTable-v34 is bumped to
0.0.14with an updated DAR backup anddars.lock.Testdepends on the new DAR and addsTestTransactionLifecycleDates.damlwith 17 Daml Script cases covering the failure modes above.Reviewed by Cursor Bugbot for commit 4d90aa7. Bugbot is set up for automated code reviews on this repo. Configure here.