fix(minibf): Stricter metadata standard definition for /assets

[gonzalezzfelipe]

Summary by CodeRabbit

Release Notes

• New Features
  • Introduced metadata validation system for assets
  • Supports two versions of Cardano metadata standards
  • Automatically filters invalid metadata during asset processing
  • Enforces required fields and proper data formatting

[coderabbitai]

📝 Walkthrough

Walkthrough

This change introduces CIP-25 metadata validation functionality by creating a new validation module in the Cardano crate and integrating it into asset routes to validate metadata before mapping to on-chain standards.

Changes

Cohort / File(s)	Summary
CIP-25 Validation Library crates/cardano/src/cip25.rs	New module implementing CIP-25 metadata validation. Introduces Cip25MetadataVersion enum (V1/V2) and cip25_metadata_is_valid() function that enforces required keys ("name", "image"), string type constraints, optional "files" array validation, and version-specific rules for array-valued fields.
Module Exports crates/cardano/src/lib.rs	Exposes the new cip25 module publicly to make validation functionality accessible.
Asset Routes Integration crates/minibf/src/routes/assets.rs	Imports and integrates validation by replacing direct CIP-25 version mapping with a two-step process: determine Cip25MetadataVersion, validate via cip25_metadata_is_valid(), and conditionally map to OnchainMetadataStandard only if validation passes.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 A validator hops into place,
CIP-25 metadata gets checked with grace,
Names and images must align,
Arrays dance when versions align,
Assets flow through cleaner refine! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: introducing stricter metadata validation (via cip25_metadata_is_valid) for the /assets endpoint in minibf, which is the central purpose of the changeset.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/stricter-metadata-standard-definition

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Fix all issues with AI agents

In `@crates/cardano/src/cip68.rs`:
- Around line 259-266: The helper cip25_is_string_array currently returns true
for empty JsonValue::Array because Iterator::all is true on empty iterators;
update cip25_is_string_array to reject empty arrays by checking that the array
is non-empty (e.g., !items.is_empty()) in addition to verifying every element is
a JsonValue::String, so callers (fields like image/src) won’t accept an empty
array.
- Around line 211-236: Add unit tests exercising cip25_metadata_is_valid and
cip25_files_are_valid (and helper behavior via inputs) covering: a V1 case where
all known keys are plain strings (expect true), a V2 case allowing string arrays
for keys like "image"/"description" (expect true), a case missing required keys
(expect false), a case with wrong types for a known key (expect false), and both
valid and invalid "files" nested structures (expect true/false accordingly). Put
tests in the same crate test module (using Cip25MetadataVersion::V1/V2 and
constructing HashMap<String, JsonValue> inputs), assert boolean results from
cip25_metadata_is_valid, and add focused unit tests calling
cip25_files_are_valid for edge cases; then run cargo test --workspace
--all-features to verify.
- Around line 10-15: CIP25_FILES_REQUIRED_KEYS currently omits "name" but per
CIP-25 the files entries must require name, mediaType, and src; update the
CIP25_FILES_REQUIRED_KEYS constant to include "name" along with "mediaType" and
"src" (the constant named CIP25_FILES_REQUIRED_KEYS should list "name",
"mediaType", "src") so it matches the CDDL schema and aligns with the existing
CIP25_FILES_STRING_KEYS reference.

🧹 Nitpick comments (2)

crates/cardano/src/cip68.rs (1)

245-253: cip25_key_in_list is a trivial wrapper around contains.

This adds an indirection without real benefit. You could inline list.contains(&key) at call sites, or if you prefer the abstraction, a brief doc comment explaining why would help. This is a minor stylistic point.

crates/minibf/src/routes/assets.rs (1)

130-142: Logic is correct — clean two-step version gating.

The progression from raw version number → Cip25MetadataVersion → validated OnchainMetadataStandard (or None) is sound. Defaulting to V1 when the version field is absent or not 2 aligns with CIP-25 semantics.

One minor readability note: version is shadowed three times in this function (lines 119, 130, 135) with three different types (Option<i64>, Cip25MetadataVersion, Option<OnchainMetadataStandard>). This is idiomatic Rust but may trip up future readers. Consider using distinct names (e.g., cip25_version and metadata_standard) if you feel it helps clarity.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Validation logic looks correct but lacks unit test coverage.

The function correctly enforces required keys, type constraints per version, and delegates to cip25_files_are_valid for nested structure validation. However, there are no tests for any of the new validation functions (cip25_metadata_is_valid, cip25_files_are_valid, helpers). Given the centrality of this validation to the PR's purpose (stricter metadata), please add tests covering at least:

• V1 valid metadata (string values only)
• V2 valid metadata (string arrays for image/description)
• Missing required keys → false
• Wrong type for a known key → false
• Valid and invalid files structures

As per coding guidelines, "Run cargo test --workspace --all-features to verify functionality of all changes".

🤖 Prompt for AI Agents

In `@crates/cardano/src/cip68.rs` around lines 211 - 236, Add unit tests
exercising cip25_metadata_is_valid and cip25_files_are_valid (and helper
behavior via inputs) covering: a V1 case where all known keys are plain strings
(expect true), a V2 case allowing string arrays for keys like
"image"/"description" (expect true), a case missing required keys (expect
false), a case with wrong types for a known key (expect false), and both valid
and invalid "files" nested structures (expect true/false accordingly). Put tests
in the same crate test module (using Cip25MetadataVersion::V1/V2 and
constructing HashMap<String, JsonValue> inputs), assert boolean results from
cip25_metadata_is_valid, and add focused unit tests calling
cip25_files_are_valid for edge cases; then run cargo test --workspace
--all-features to verify.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

cip25_is_string_array accepts empty arrays.

An empty JsonValue::Array(vec![]) would pass cip25_is_string_array (since all on an empty iterator returns true). Depending on the spec intent, an empty array for image or src is likely not meaningful. Consider whether this should be rejected.

🤖 Prompt for AI Agents

In `@crates/cardano/src/cip68.rs` around lines 259 - 266, The helper
cip25_is_string_array currently returns true for empty JsonValue::Array because
Iterator::all is true on empty iterators; update cip25_is_string_array to reject
empty arrays by checking that the array is non-empty (e.g., !items.is_empty())
in addition to verifying every element is a JsonValue::String, so callers
(fields like image/src) won’t accept an empty array.

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@crates/cardano/src/cip25.rs`:
- Around line 59-66: The function cip25_is_string_array currently returns true
for empty arrays due to iter().all vacuity; update cip25_is_string_array to
require the JsonValue::Array to be non-empty and that every element is a
JsonValue::String, i.e., check items.is_empty() == false (or items.len() > 0) in
addition to the existing all(...) predicate so empty arrays (which would be
invalid for required keys like "image") fail validation.
- Around line 1-103: The PR adds non-trivial validation logic but lacks unit
tests; add a new test module exercising cip25_metadata_is_valid and
cip25_files_are_valid (and helper behavior via cip25_is_string_or_string_array)
with cases for: valid V1 and V2 metadata, missing required keys, wrong types
(e.g., numeric name), V1 rejecting arrays for "image"/"description" while V2
accepts them, files validation (valid file entries, missing required file keys,
wrong types), and edge cases (empty files array, empty string arrays); organize
tests using serde_json::json! to build HashMap<String, JsonValue>, assert
true/false for each case, and run cargo test --workspace --all-features to
verify.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

No unit tests for the new validation module.

This module introduces non-trivial validation logic (version differentiation, files sub-structure, type checks) that would benefit from direct unit tests covering:

• Valid V1/V2 metadata
• Missing required keys
• Wrong types (e.g., number for name)
• V1 rejecting arrays for image/description
• V2 accepting arrays
• files validation (valid, missing required file keys, wrong types)
• Edge cases: empty files array, empty string arrays

As per coding guidelines, "Run cargo test --workspace --all-features to verify functionality of all changes."

Would you like me to generate a test suite for this module?

🤖 Prompt for AI Agents

In `@crates/cardano/src/cip25.rs` around lines 1 - 103, The PR adds non-trivial
validation logic but lacks unit tests; add a new test module exercising
cip25_metadata_is_valid and cip25_files_are_valid (and helper behavior via
cip25_is_string_or_string_array) with cases for: valid V1 and V2 metadata,
missing required keys, wrong types (e.g., numeric name), V1 rejecting arrays for
"image"/"description" while V2 accepts them, files validation (valid file
entries, missing required file keys, wrong types), and edge cases (empty files
array, empty string arrays); organize tests using serde_json::json! to build
HashMap<String, JsonValue>, assert true/false for each case, and run cargo test
--workspace --all-features to verify.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Empty arrays pass validation — verify this is intentional per CIP-25.

cip25_is_string_array returns true for JsonValue::Array(vec![]) because iter().all(...) is vacuously true. For "image" (a required key), an empty array would be semantically invalid (no URI). Consider adding a non-empty check.

Proposed fix

 fn cip25_is_string_array(value: &JsonValue) -> bool {
     match value {
-        JsonValue::Array(items) => items
+        JsonValue::Array(items) => !items.is_empty() && items
             .iter()
             .all(|item| matches!(item, JsonValue::String(_))),
         _ => false,
     }
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	fn cip25_is_string_array(value: &JsonValue) -> bool {
	match value {
	JsonValue::Array(items) => items
	.iter()
	.all(|item| matches!(item, JsonValue::String(_))),
	_ => false,
	}
	}
	fn cip25_is_string_array(value: &JsonValue) -> bool {
	match value {
	JsonValue::Array(items) => !items.is_empty() && items
	.iter()
	.all(|item| matches!(item, JsonValue::String(_))),
	_ => false,
	}
	}

🤖 Prompt for AI Agents

In `@crates/cardano/src/cip25.rs` around lines 59 - 66, The function
cip25_is_string_array currently returns true for empty arrays due to iter().all
vacuity; update cip25_is_string_array to require the JsonValue::Array to be
non-empty and that every element is a JsonValue::String, i.e., check
items.is_empty() == false (or items.len() > 0) in addition to the existing
all(...) predicate so empty arrays (which would be invalid for required keys
like "image") fail validation.