fix(abcipp): reject mempool insert no-ops

[beer-1]

Description

Closes: N/A

This PR makes PriorityMempool.Insert return an error when a tx is not actually accepted into the app-side mempool. Previously, some no-op reject paths returned nil, which let BaseApp.CheckTx report success. CometBFT ProxyMempool then cached those txs in knownTxs even though Initia's app-side mempool did not contain them, leaving no later app-side remove event to clear the CometBFT cache.

The changed paths are:

• lower-priority active or queued same-nonce replacements now return ErrTxInMempoolCache
• queued capacity rejects now return ErrMempoolTxMaxCapacity
• docs now describe these candidates as rejected rather than ignored

---

Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

• included the correct type prefix in the PR title, you can find examples of the prefixes below:
• confirmed ! in the type prefix if API or client breaking change: not applicable
• targeted the correct branch: main
• provided a link to the relevant issue or specification: not applicable
• reviewed "Files changed" and left comments if necessary
• included the necessary unit and integration tests
• updated the relevant documentation or specification, including comments for documenting Go code
• confirmed all CI checks have passed: pending draft PR CI

Validation

go test ./abcipp -count=1

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

I have...

• confirmed the correct type prefix in the PR title
• confirmed all author checklist items have been addressed
• reviewed state machine logic, API design and naming, documentation is accurate, tests and test coverage

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: e5ab1078-7c72-4c34-94d3-77d4b1b306ea

📥 Commits

Reviewing files that changed from the base of the PR and between 5827df6 and 92abe27.

📒 Files selected for processing (1)

• abcipp/docs/spec.md

🚧 Files skipped from review as they are similar to previous changes (1)

• abcipp/docs/spec.md

---

📝 Walkthrough

Walkthrough

Mempool insertion now returns explicit error reasons for rejected transactions; spec text clarifies rejection semantics for lower-priority same-(sender, nonce) candidates and queued capacity edge cases. Call sites and tests were updated to propagate and validate the new error behavior.

Changes

Cohort / File(s)	Summary
Specification Documentation abcipp/docs/spec.md	Clarified routing/insert semantics: lower-priority same-(sender, nonce) candidates are explicitly rejected; per-sender queued eviction rules and MaxQueuedTotal full behavior are specified; "ignored" → "rejected" for active duplicate (sender, nonce).
Mempool Insertion Error Handling abcipp/mempool_insert.go	insertQueuedLocked signature adds an error return. Rejections now return explicit errors: non-increasing priority → ErrTxInMempoolCache (with context); per-sender/global capacity rejections → ErrMempoolTxMaxCapacity. Insert propagates these errors for queued/active conflicts.
Mempool Removal Update abcipp/mempool_remove.go	Updated callsites to capture the new third return value from insertQueuedLocked (now capturing inserted, evicted, _) with unchanged downstream logic.
Mempool Tests abcipp/mempool_test.go	Renamed capacity test to expect explicit rejection. Added tests validating that lower-priority replacements (active & queued) are rejected with ErrTxInMempoolCache, per-sender queued-cap edge case rejects highest-nonce inserts with ErrMempoolTxMaxCapacity, and that rejections emit no events / do not change mempool counts.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Poem

🐰 I hopped through queues and bumped my nose,
Found priority rules and clear error prose.
No silent departures, each rejection proclaimed—
Now the mempool’s manners are neatly framed!
✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 60.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'fix(abcipp): reject mempool insert no-ops' accurately describes the main change - making PriorityMempool.Insert return errors for transactions not actually accepted into the mempool.
Description check	✅ Passed	The description clearly explains the problem being fixed (nil returns allowing CometBFT caching of non-mempool transactions), identifies the changed paths with specific error types, and references the relevant code changes.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/abcipp-mempool-insert-rejects

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[beer-1]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

🧹 Nitpick comments (2)

abcipp/mempool_test.go (1)

294-314: This test currently validates active replacement, not queued replacement.

At Line 301 and Line 306, nonce 0 targets the active path. Consider adding a queued-nonce variant (e.g., nonce 2 with a gap) to explicitly cover insertQueuedLocked lower-priority rejection.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@abcipp/mempool_test.go` around lines 294 - 314, The test
TestLowerPriorityReplacementRejected currently uses nonce 0 which exercises the
active replacement path; change it to also add a queued-nonce variant to cover
insertQueuedLocked behavior by creating a second low-priority tx with a
non-contiguous nonce (e.g., nonce 2 while sequence remains 0) instead of nonce
0, insert it with lower priority (using newTestTxWithPriv and mp.Insert with
sdkCtx.WithPriority(10)), and assert that the insert is rejected with
sdkerrors.ErrTxInMempoolCache and that the mempool contents/count and event
expectations remain unchanged; reference the
TestLowerPriorityReplacementRejected test, newTestTxWithPriv helper, and the
insertQueuedLocked path to locate where to add this queued-nonce case.

abcipp/mempool_remove.go (1)

176-182: Capture demotion insert errors instead of discarding them.

At Line 176, the ignored error makes demotion failures opaque. Handling it explicitly will improve diagnosability without changing behavior.

Suggested refactor

-		inserted, evicted, _ := p.insertQueuedLocked(ss, entry.key, entry)
+		inserted, evicted, insertErr := p.insertQueuedLocked(ss, entry.key, entry)
+		if insertErr != nil {
+			// demotion fallback keeps current behavior: tx is removed if not re-queued
+			removed = append(removed, entry)
+			continue
+		}
 		if evicted != nil {
 			removed = append(removed, evicted)
 		}
 		if !inserted {
 			removed = append(removed, entry)
 		}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@abcipp/mempool_remove.go` around lines 176 - 182, The call to
p.insertQueuedLocked currently ignores its error return making demotion insert
failures invisible; change the assignment to capture the error (e.g., "inserted,
evicted, err := p.insertQueuedLocked(ss, entry.key, entry)"), and then handle
err explicitly: if err != nil, append the original entry to removed (like when
!inserted) and record/log the error for diagnostics (preserving existing
behavior for inserted/evicted). Update any surrounding control flow that checks
inserted/evicted to account for the new err variable and ensure the function
name insertQueuedLocked, variables inserted, evicted, err, entry and removed are
used to locate and modify the code.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@abcipp/mempool_remove.go`:
- Around line 176-182: The call to p.insertQueuedLocked currently ignores its
error return making demotion insert failures invisible; change the assignment to
capture the error (e.g., "inserted, evicted, err := p.insertQueuedLocked(ss,
entry.key, entry)"), and then handle err explicitly: if err != nil, append the
original entry to removed (like when !inserted) and record/log the error for
diagnostics (preserving existing behavior for inserted/evicted). Update any
surrounding control flow that checks inserted/evicted to account for the new err
variable and ensure the function name insertQueuedLocked, variables inserted,
evicted, err, entry and removed are used to locate and modify the code.

In `@abcipp/mempool_test.go`:
- Around line 294-314: The test TestLowerPriorityReplacementRejected currently
uses nonce 0 which exercises the active replacement path; change it to also add
a queued-nonce variant to cover insertQueuedLocked behavior by creating a second
low-priority tx with a non-contiguous nonce (e.g., nonce 2 while sequence
remains 0) instead of nonce 0, insert it with lower priority (using
newTestTxWithPriv and mp.Insert with sdkCtx.WithPriority(10)), and assert that
the insert is rejected with sdkerrors.ErrTxInMempoolCache and that the mempool
contents/count and event expectations remain unchanged; reference the
TestLowerPriorityReplacementRejected test, newTestTxWithPriv helper, and the
insertQueuedLocked path to locate where to add this queued-nonce case.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 99f34427-7756-4ebf-8095-b2983e8b6648

📥 Commits

Reviewing files that changed from the base of the PR and between 2cae5fc and c743954.

📒 Files selected for processing (4)

• abcipp/docs/spec.md
• abcipp/mempool_insert.go
• abcipp/mempool_remove.go
• abcipp/mempool_test.go

[codecov]

Codecov Report

❌ Patch coverage is 97.14286% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 38.17%. Comparing base (2cae5fc) to head (92abe27).
⚠️ Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
abcipp/mempool_insert.go	97.05%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #514      +/-   ##
==========================================
+ Coverage   38.08%   38.17%   +0.09%     
==========================================
  Files         325      325              
  Lines       30817    30840      +23     
==========================================
+ Hits        11737    11774      +37     
+ Misses      17186    17176      -10     
+ Partials     1894     1890       -4     

Files with missing lines	Coverage Δ
abcipp/mempool_remove.go	76.51% <100.00%> (ø)
abcipp/mempool_insert.go	82.64% <97.05%> (+7.43%)	⬆️

... and 2 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[traviolus]

LGTM just a minor issue there

[traviolus]

I think this is unreachable since every !inserted path in insertQueuedLocked sets insertErr

[beer-1]

I think good to keep this as fallback just in case for future!

[coderabbitai]

🧹 Nitpick comments (2)

abcipp/checktx.go (1)

121-127: Compute recheck hash once for consistency/readability.

TxHash(req.Tx) is computed twice in this block; caching it locally avoids duplicate work and keeps compare/log values identical by construction.

♻️ Small refactor

-		if currentHash != TxHash(req.Tx) {
+		recheckHash := TxHash(req.Tx)
+		if currentHash != recheckHash {
 			h.logger.Debug(
 				"tx from comet mempool was replaced in app-side mempool",
 				"tx", tx,
 				"current_hash", currentHash,
-				"recheck_hash", TxHash(req.Tx),
+				"recheck_hash", recheckHash,
 			)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@abcipp/checktx.go` around lines 121 - 127, Compute TxHash(req.Tx) once into a
local variable (e.g., recheckHash) and use that variable for both the comparison
and the logger.Debug call to avoid duplicate computation and ensure identical
values in the message; update the block where currentHash is compared to
TxHash(req.Tx) (referencing currentHash, TxHash, req.Tx and logger.Debug) to use
the new recheckHash variable instead.

abcipp/mempool_test.go (1)

294-314: Consider adding a queued-lower-priority replacement test case.

This test covers lower-priority rejection for same-nonce replacement on the active path. A companion case for future nonce queued replacement would directly lock in coverage for insertQueuedLocked’s lower-priority rejection branch.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@abcipp/mempool_test.go` around lines 294 - 314, Add a companion test that
exercises the queued-path lower-priority replacement rejection: create a mempool
via newTestMempoolWithEvents, set the sender sequence to a higher value so the
first tx (txHigh) uses a future nonce and is inserted into the queue, then
attempt to insert a second tx with the same future nonce but lower priority
using mp.Insert so that insertQueuedLocked is exercised and returns the
lower-priority rejection (assert error is sdkerrors.ErrTxInMempoolCache); mirror
the assertions in TestLowerPriorityReplacementRejected (check no events
removed/inserted, original tx remains in queue, and CountTx behaves as expected)
and name the test e.g. TestLowerPriorityReplacementQueuedRejected.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@abcipp/checktx.go`:
- Around line 121-127: Compute TxHash(req.Tx) once into a local variable (e.g.,
recheckHash) and use that variable for both the comparison and the logger.Debug
call to avoid duplicate computation and ensure identical values in the message;
update the block where currentHash is compared to TxHash(req.Tx) (referencing
currentHash, TxHash, req.Tx and logger.Debug) to use the new recheckHash
variable instead.

In `@abcipp/mempool_test.go`:
- Around line 294-314: Add a companion test that exercises the queued-path
lower-priority replacement rejection: create a mempool via
newTestMempoolWithEvents, set the sender sequence to a higher value so the first
tx (txHigh) uses a future nonce and is inserted into the queue, then attempt to
insert a second tx with the same future nonce but lower priority using mp.Insert
so that insertQueuedLocked is exercised and returns the lower-priority rejection
(assert error is sdkerrors.ErrTxInMempoolCache); mirror the assertions in
TestLowerPriorityReplacementRejected (check no events removed/inserted, original
tx remains in queue, and CountTx behaves as expected) and name the test e.g.
TestLowerPriorityReplacementQueuedRejected.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: ce22b39f-0080-4337-ac9a-4c1baec3f5f7

📥 Commits

Reviewing files that changed from the base of the PR and between c743954 and cde40b3.

📒 Files selected for processing (6)

• abcipp/checktx.go
• abcipp/checktx_test.go
• abcipp/docs/spec.md
• abcipp/mempool_insert.go
• abcipp/mempool_remove.go
• abcipp/mempool_test.go

🚧 Files skipped from review as they are similar to previous changes (1)

• abcipp/docs/spec.md

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@abcipp/docs/spec.md`:
- Line 46: Update the spec text describing "nonce > nextExpected" queued inserts
to also document explicit rejection paths: state that if the candidate itself is
the highest nonce for that sender it may be rejected rather than evicting (the
per-sender eviction only applies when a lower-nonce candidate can be favored),
and that insertion can be rejected when global queued capacity (MaxQueuedTotal)
is already full; reference the same semantics implemented in the mempool insert
logic (mempool_insert.go / the insertion routine and the MaxQueuedTotal and
per-sender queued limit checks) so readers know these are legitimate reject
branches.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 560bf460-082e-465a-bc59-6fb2697b791c

📥 Commits

Reviewing files that changed from the base of the PR and between cde40b3 and 5827df6.

📒 Files selected for processing (4)

• abcipp/docs/spec.md
• abcipp/mempool_insert.go
• abcipp/mempool_remove.go
• abcipp/mempool_test.go

🚧 Files skipped from review as they are similar to previous changes (2)

• abcipp/mempool_remove.go
• abcipp/mempool_test.go