[client-lib] Update client wallet interface

[altafan]

This replaces the methods to derive and get addresses from the client's wallet interface with raw methods to get and derive new pubkeys (the single key wallet returns always the same keypair). The methods to derive addresses became internal methods of the client.

EDIT: took the occasion to do some cleanup in the e2e tests

Please @sekulicd @bitcoin-coder-bob review.

Summary by CodeRabbit

• Refactor

  • Wallet APIs moved from address-focused to key-centric lifecycle (create/get/list keys); address objects now include a key identifier and use typed address structures.
  • Address derivation and selection centralized into service-level helpers; legacy address-generation APIs removed.

• Behavioral

  • Transaction signing and submission flows standardized to use the main client and its derived transport/indexer services.

• Tests

  • End-to-end tests unified around a single client setup with automatic cleanup; wallet tests refocused on key lifecycle and lock behavior.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Converts wallet APIs from address-centric to key-centric (NewKey/GetKey/ListKeys/KeyRef), moves address derivation into client-lib helpers (newAddress/getAddresses/deriveDefaultAddresses), updates call sites to use these helpers and types.Address with KeyID, and consolidates test setup to setupClient with derived Transport/Indexer and t.Cleanup teardown.

Changes

Cohort / File(s)	Summary
Wallet interface & single-key wallet pkg/client-lib/wallet/wallet.go, pkg/client-lib/wallet/singlekey/bitcoin_wallet.go, pkg/client-lib/wallet/wallet_test.go	Removed address-oriented APIs (GetAddresses, NewAddress, NewAddresses); added key lifecycle APIs (NewKey, GetKey, ListKeys), KeyRef/KeyOption types; updated single-key wallet to expose key primitives and refactored tests to validate key behavior.
Address types pkg/client-lib/types/types.go	Added KeyID string to types.Address.
Service address derivation & helpers pkg/client-lib/funding.go, pkg/client-lib/asset.go, pkg/client-lib/batch_session.go, pkg/client-lib/send.go, pkg/client-lib/service.go, pkg/client-lib/unroll.go	Introduced newAddress(ctx), getAddresses(ctx), and deriveDefaultAddresses; replaced direct wallet address calls with these helpers; generate change/receiver addresses via newAddress and consume []types.Address.
Ark client surface change pkg/client-lib/ark_sdk.go	Changed ArkClient.GetAddresses signature to return onchainAddresses []string plus three []types.Address lists (offchain/boarding/redemption).
Unroll / per-input tapscript handling pkg/client-lib/unroll.go, pkg/client-lib/batch_session.go, pkg/client-lib/service.go	Removed single-key-only assumptions: parse per-input tapscripts from vtxos and use per-key address derivation across unroll and batch flows.
Tests and e2e harness internal/test/e2e/utils_test.go, internal/test/e2e/e2e_test.go, internal/test/e2e/single_batch_smoke_test.go	Consolidated test setup into setupClient, removed deprecated setup helpers, derive transport/indexer via client.Transport()/client.Indexer(), switched teardown to t.Cleanup, and updated signing/submission flows to use wallet key APIs and derived transport clients.

Sequence Diagram(s)

sequenceDiagram
  participant Test
  participant Client
  participant Wallet
  participant Transport
  participant Indexer

  Test->>Client: setupClient(ctx)
  Client->>Wallet: NewKey/GetKey(ctx)
  Wallet-->>Client: KeyRef (Id, PubKey)
  Test->>Client: alice.SignTransaction(ctx, encodedTx)
  Client->>Wallet: SignTransaction(ctx, tx, KeyRef)
  Wallet-->>Client: SignedTx
  Client->>Transport: Transport().SubmitTx(ctx, SignedTx)
  Transport->>Indexer: FinalizeTx / Emit events
  Indexer-->>Test: Event stream / confirmations

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• Hd wallet interface prep #1009: Overlapping wallet/key API refactor and address-handling updates (KeyRef, NewKey/GetKey/ListKeys, types.Address changes).
• Client lib improvements #956: Related client-lib surface changes touching Transport/Indexer accessors and address-type updates.
• Tidy up wallet & Introduce Signer #702: Related signer/wallet interface modifications affecting signing and key-loading flows.

Suggested reviewers

• sekulicd

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 32.26% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title '[client-lib] Update client wallet interface' accurately summarizes the main change: refactoring the wallet interface methods from address-derivation APIs to key-management APIs.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[arkanaai]

🔍 Aggressive Code Review — #1008

Summary: Replaces GetAddresses/NewAddress/NewAddresses on WalletService interface with raw GetKeyPair/NewKeyPair. Address derivation moves from wallet layer → service layer (funding.go). Good architectural direction — the wallet should own keys, not protocol-specific address formats. But there are blocking issues.

---

🚨 BLOCKING: Cross-repo breakage — go-sdk will not compile

The go-sdk repo directly imports wallet.WalletService and calls GetAddresses(), NewAddress(), and NewAddresses() across 10+ files (sdk.go, client.go, send.go, utils_test.go, e2e tests). There is no companion PR on go-sdk.

Once this merges and go-sdk bumps its dependency, it will fail to compile. A coordinated PR on go-sdk is required before or immediately after merge. Please either:

1. Open a companion PR on go-sdk, or
2. Document in the PR description that go-sdk must be updated before the next release

Files affected in go-sdk: sdk.go:33 (re-exports GetAddresses on ArkClient interface), client.go (5 call sites), send.go, init_opts.go, utils_test.go (mock implements old interface methods).

---

⚠️ Breaking public API change on ArkClient.GetAddresses()

pkg/client-lib/ark_sdk.go: The ArkClient interface changes GetAddresses return type:

Before: ([]string, []string, []string, []string, error)
After: ([]string, []types.Address, []types.Address, []types.Address, error)

This is an intentional improvement (callers now get tapscripts alongside addresses), but it's a breaking change to the public ArkClient interface. All external consumers (go-sdk, any third-party integrations) that call GetAddresses will break. This should be called out in the PR description.

---

🔧 Code duplication in funding.go

pkg/client-lib/funding.go:300-450: newAddress() and getAddresses() share ~80% identical logic:

• Both create DefaultVtxoScript with same params
• Both compute vtxoTapKey via TapTree()
• Both encode offchain address via arklib.Address.EncodeV0()
• Both create boarding script + address
• Both compute onchain taproot key

Suggestion: Extract a common helper like deriveAddresses(pubkey *btcec.PublicKey) (onchain string, offchain, boarding, redemption *types.Address, error) and have both methods call it. newAddress calls NewKeyPair then deriveAddresses; getAddresses calls GetKeyPair then deriveAddresses. This eliminates a maintenance risk — if address derivation logic changes, you'd need to update both methods.

---

🔧 Dead code on bitcoinWallet

pkg/client-lib/wallet/singlekey/bitcoin_wallet.go: The old methods GetAddresses(), NewAddress(), NewAddresses() are still implemented on the struct but removed from the WalletService interface. They are now dead code — no interface requires them, and all internal callers have been migrated. They should be removed to avoid confusion and reduce maintenance surface.

---

✅ Good changes

• Nil-safety guards added: SignTransaction, NewVtxoTreeSigner, SignMessage now check w.walletData == nil before proceeding — these were missing before and could panic. Good catch.
• Test cleanup: Migration from defer alice.Stop() to t.Cleanup(client.Stop) in setupClient() is correct — ensures cleanup even on t.Fatal.
• Test simplification: Removing setupArkSDKWithTransport, setupArkSDKwithPublicKey, setupIndexer — tests now use setupClient(t) + client.Transport() / client.Indexer(). Much cleaner.
• defer close() → t.Cleanup(close): Correct pattern for test cleanup functions.
• GetKeyPair path parameter: I see it's unused (_ string) in singlekey wallet but exists for future multi-key wallet support. Fine as a placeholder — just ensure any future HD wallet implementation actually uses it.

---

📋 Summary

Category	Status
Protocol correctness	✅ Address derivation logic is preserved identically
Security	✅ Private key exposure unchanged, nil-safety improved
Cross-repo breakage	🚨 go-sdk breaks — no companion PR
Public API breakage	⚠️ ArkClient.GetAddresses() return type changed
Code quality	🔧 Duplication in funding.go, dead code in bitcoin_wallet.go
Test coverage	✅ Good — wallet_test.go rewritten, e2e tests updated

Requesting changes for the go-sdk coordination gap. The code itself is solid — once the cross-repo plan is in place, this is ready.

🤖 Reviewed by Arkana

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

pkg/client-lib/funding.go (1)

300-366: Extract the shared address-derivation flow.

newAddress and getAddresses duplicate nearly the entire taproot/offchain/boarding derivation pipeline. Any later change to the default script shape, network conversion, or tapscript encoding now has to be mirrored twice, which is easy to drift on.

Also applies to: 368-447

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/client-lib/funding.go` around lines 300 - 366, Duplicate taproot/address
derivation logic exists in newAddress and getAddresses; extract it into a single
helper (e.g., deriveAddressBundle or buildAddressBundle) that takes ctx, pubkey
(or obtains it via a.wallet.NewKeyPair when needed), network and exit delays and
returns the onchain address string plus two *types.Address for offchain and
boarding or an error. Move shared steps into that helper: utils.ToBitcoinNetwork
conversion, creation of script.NewDefaultVtxoScript, calling TapTree,
arklib.Address construction and EncodeV0, calling Encode on the script, boarding
script creation, btcutil.NewAddressTaproot calls, and
txscript.ComputeTaprootKeyNoScript; update newAddress and getAddresses to call
the new helper and propagate errors, removing duplicated code.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@pkg/client-lib/wallet/wallet.go`:
- Around line 21-24: NewKeyPair currently creates a key but does not return its
derivation handle, preventing stable rediscovery with GetKeyPair; update the
NewKeyPair signature to return the derivation path/handle (e.g., NewKeyPair(ctx
context.Context) (prvkey *btcec.PrivateKey, pubkey *btcec.PublicKey, path
string, err error)) and propagate this change through the wallet backend
implementations and all callers so backends that emit distinct keys can persist
and later call GetKeyPair(ctx, path) to re-open the same key; ensure tests and
any single-key implementations are adjusted to return a deterministic path or a
fixed handle.

---

Nitpick comments:
In `@pkg/client-lib/funding.go`:
- Around line 300-366: Duplicate taproot/address derivation logic exists in
newAddress and getAddresses; extract it into a single helper (e.g.,
deriveAddressBundle or buildAddressBundle) that takes ctx, pubkey (or obtains it
via a.wallet.NewKeyPair when needed), network and exit delays and returns the
onchain address string plus two *types.Address for offchain and boarding or an
error. Move shared steps into that helper: utils.ToBitcoinNetwork conversion,
creation of script.NewDefaultVtxoScript, calling TapTree, arklib.Address
construction and EncodeV0, calling Encode on the script, boarding script
creation, btcutil.NewAddressTaproot calls, and
txscript.ComputeTaprootKeyNoScript; update newAddress and getAddresses to call
the new helper and propagate errors, removing duplicated code.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: da9e4e80-b06a-4a4f-907f-5584aae9adc4

📥 Commits

Reviewing files that changed from the base of the PR and between d372608 and 66363cf.

📒 Files selected for processing (13)

• internal/test/e2e/e2e_test.go
• internal/test/e2e/single_batch_smoke_test.go
• internal/test/e2e/utils_test.go
• pkg/client-lib/ark_sdk.go
• pkg/client-lib/asset.go
• pkg/client-lib/batch_session.go
• pkg/client-lib/funding.go
• pkg/client-lib/send.go
• pkg/client-lib/service.go
• pkg/client-lib/unroll.go
• pkg/client-lib/wallet/singlekey/bitcoin_wallet.go
• pkg/client-lib/wallet/wallet.go
• pkg/client-lib/wallet/wallet_test.go

[arkanaai]

Arkana Review — arkd#1008

Scope: Client wallet interface refactoring — replaces GetAddresses/NewAddress/NewAddresses with GetKeyPair/NewKeyPair, moving address derivation logic to the service layer.

Assessment

Architecture change is sound. The wallet interface becomes a pure key-management abstraction, and address derivation (which depends on server config like signer pubkey, exit delays) moves to service.go where it belongs. This is cleaner separation of concerns.

Key observations:

1. API surface reduction is correct. The WalletService interface shrinks from ~6 methods to ~4 that deal with keys, and address-related methods become internal to the service. This makes it easier to implement alternative wallet backends.

2. Test refactoring is thorough. All e2e tests updated from setupArkSDK → setupClient, removing manual defer Stop() calls in favor of t.Cleanup. Good.

3. SignTransaction no longer needs explorer externally — the service now owns the explorer reference. This is a nice ergonomic improvement.

4. GetKeyPair and NewKeyPair return the same key in the single-key wallet — NewKeyPair doesn't actually generate a new key. This is intentional for the single-key implementation but could be confusing. Consider adding a comment to the interface doc noting that single-key wallets return the same key pair.

5. newAddress helper in service.go — make sure this doesn't break callers that previously relied on the change parameter behavior of NewAddress(ctx, change bool). The new newAddress(ctx) appears to always pass false for change.

No protocol-critical concerns — this is a client-side refactoring that doesn't touch transaction construction, signing logic, or VTXO handling.

⚠️ Flagged for human review as it changes a core SDK interface that downstream consumers (fulmine, wallet apps) depend on.

[tiero]

Overall I think Wallet is not anymore the right terminology if it reduces to low level signing methods and key derivation (address encoding is a pure function stateless and not changing between implementations, so irrelevant)

In TypeScript we call it Identity and allows to be injected into Wallets (which are instead stateful and aware of how spending from scripts and transactions).

[arkanaai]

Arkana PR Review 🔍

Large refactoring of e2e tests to use a unified setupClient(t) helper instead of the previous setupArkSDK, setupArkSDKWithTransport, and setupArkSDKwithPublicKey helpers. This aligns tests with a new client wallet interface.

Key changes:

• setupClient(t) returns a client that exposes .Transport(), .Indexer(), .Wallet(), and .GetAddresses() directly
• Removes manual defer alice.Stop() and defer grpcClient.Close() in favor of t.Cleanup inside the helper
• SignTransaction signature simplified: no longer takes explorer parameter
• defer close() → t.Cleanup(close) for event streams (safer cleanup order)

Observations:

1. This is a test-only change — no production code modified. The risk is limited to test breakage.
2. The new interface is cleaner: the client directly exposes Transport() and Indexer() instead of requiring separate setup functions
3. The SignTransaction(ctx, encodedArkTx) no longer takes an explorer — the client must handle UTXO lookups internally. This is a nicer API but means the client implementation handles more.
4. Several test functions remove the mempool_explorer.NewExplorer(...) boilerplate, which is good cleanup.

Note: This PR has CHANGES_REQUESTED already. The underlying client-lib interface changes should be reviewed for correctness at the implementation level, not just the test level. The tests here just consume the new interface.

No protocol-critical concerns — this is test refactoring only.

[altafan]

Overall I think Wallet is not anymore the right terminology if it reduces to low level signing methods and key derivation (address encoding is a pure function stateless and not changing between implementations, so irrelevant)

In TypeScript we call it Identity and allows to be injected into Wallets (which are instead stateful and aware of how spending from scripts and transactions).

I can go for the renaming in this PR directly

[bitcoin-coder-bob]

should we also add these 2 checks into sinTapscriptSpend and signTaprootKeySpend

[altafan]

i didn't touch the existing code but i'll check

[arkanaai]

Arkana Incremental Review — New Commits (fa6785c, 1d33066)

Focusing on what changed since my last review on Apr 8-9. The new commits replace GetKeyPair/NewKeyPair with GetKey/NewKey/ListKeys, introduce KeyRef/KeyOption types, extract deriveDefaultAddresses, and add KeyID to types.Address.

Good progress — the code duplication I flagged is now resolved via deriveDefaultAddresses, and the interface is cleaner. But there are issues in the new code.

---

🚨 BUG: newAddress silently swallows errors from deriveDefaultAddresses

pkg/client-lib/funding.go:301-310

func (a *service) newAddress(
    ctx context.Context,
) (onchainAddr string, offchainAddr, boardingAddr *types.Address, err error) {
    key, err := a.wallet.NewKey(ctx)
    if err != nil {
        return "", nil, nil, err
    }

    onchainAddr, offchainAddr, boardingAddr, _, err = a.deriveDefaultAddresses(*key)

    return onchainAddr, offchainAddr, boardingAddr, nil  // ← returns nil, not err
}

The named return err is assigned by deriveDefaultAddresses, but then explicitly overwritten with nil in the return statement. If deriveDefaultAddresses fails (e.g., TapTree() errors, invalid network params), the caller gets zero-value addresses with a nil error. This will cause silent corruption downstream — wrong addresses used for receiving funds, change outputs, boarding.

Fix: return onchainAddr, offchainAddr, boardingAddr, err

---

🔧 singleKeyID constant declared but never used

pkg/client-lib/wallet/singlekey/bitcoin_wallet.go:30

const singleKeyID = "single"

NewKey and GetKey return &wallet.KeyRef{PubKey: w.privateKey.PubKey()} without setting Id. So KeyRef.Id is always "". This means:

1. types.Address.KeyID is always empty (populated from key.Id in deriveDefaultAddresses)
2. getAddresses() deduplication via seenKeys[key.Id] works by accident for singlekey (empty string deduplicates), but semantically the Id field is documented as meaningful

Either use singleKeyID when constructing KeyRef, or remove the constant. I'd recommend using it:

return &wallet.KeyRef{Id: singleKeyID, PubKey: w.privateKey.PubKey()}, nil

---

⚠️ unroll.go:addInputs — good bug fix, but verify VTXO tapscripts are always populated

pkg/client-lib/unroll.go:536-540

The old code derived tapscripts from the wallet key, which was wrong for VTXOs with custom/delegated scripts. Now it correctly uses utxo.Tapscripts. This is a genuine bug fix. However, ensure that utxo.Tapscripts is always populated for all VTXO sources (indexer responses, local state). If any code path produces a types.Utxo without Tapscripts, this will now fail with a parse error instead of silently using the wrong script — which is actually better (fail-loud > silent corruption).

---

⚠️ Cross-repo status unchanged

No companion PR on arkade-os/go-sdk yet. The go-sdk still imports WalletService with the old interface methods. My previous concern stands — this must be coordinated before the go-sdk bumps its arkd dependency.

---

✅ Good changes in new commits

• deriveDefaultAddresses extraction: Eliminates the duplication I flagged. Single source of truth for address derivation. Clean.
• KeyRef type hides private key: WalletService no longer exposes *btcec.PrivateKey through the interface. Private key access is internal to the wallet impl. This is a meaningful security improvement for the interface contract.
• KeyOption variadic pattern: Clean extensibility for future HD wallet options without breaking the interface.
• ListKeys method: Necessary for getAddresses to work with multi-key wallets. Correct abstraction.
• types.Address.KeyID: Good addition — callers can now trace which wallet key produced an address.
• e2e_test.go TestDelegateRefresh: Updated correctly to use GetKey + aliceKey.PubKey instead of the old GetKeyPair destructuring.

---

Summary

Finding	Severity
newAddress swallows deriveDefaultAddresses error	🚨 Bug — silent corruption risk
singleKeyID unused, KeyRef.Id always empty	🔧 Should fix
go-sdk companion PR still missing	⚠️ Coordination needed
addInputs tapscript fix	✅ Correct

Requesting changes for the error-swallowing bug. The rest is solid.

🤖 Reviewed by Arkana

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (2)

pkg/client-lib/wallet/wallet.go (1)

15-18: ⚠️ Potential issue | 🟠 Major

Make the key handle contract stable and explicit.

KeyRef.Id is the only thing callers can persist, but the current contract still treats it as arbitrary and GetKey does not require that same handle back in a discoverable way. That leaves HD implementations without a clear round-trip path and keeps the API implicitly single-key-friendly. I’d tighten this by documenting Id as stable/unique and either making it an explicit GetKey parameter or adding a typed selector like WithKeyID(...).

Based on learnings, the intended flow is “new key → persist derivation handle → reopen the same key later,” and the single-key wallet should use a fixed constant handle.

Also applies to: 30-31

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/client-lib/wallet/wallet.go` around lines 15 - 18, KeyRef.Id must be
declared and treated as a stable, unique handle for persistent key lookup;
update the KeyRef docs to state Id is a stable/unique identifier that callers
may persist and must round-trip, then change the wallet API so GetKey accepts
that explicit handle (e.g., GetKey(ctx, keyID string) or add a typed selector
WithKeyID(keyID string) used by existing GetKey/GetKeys flows) and ensure
single-key implementations use a fixed constant handle; update usages/comments
referencing KeyRef.Id, GetKey, and any key creation paths to persist and consume
the same handle so HD and single-key wallets have a clear discoverable
round-trip.

pkg/client-lib/wallet/singlekey/bitcoin_wallet.go (1)

46-67: ⚠️ Potential issue | 🟠 Major

Populate KeyRef.Id in the single-key backend.

Both methods drop the stable handle and only return the pubkey, so downstream KeyID values stay empty and callers cannot round-trip the reference later. This file already defines the fixed handle; it just never gets used.

Proposed fix

 func (w *bitcoinWallet) NewKey(
 	ctx context.Context, opts ...wallet.KeyOption,
 ) (*wallet.KeyRef, error) {
 	if w.walletData == nil {
 		return nil, fmt.Errorf("wallet not initialized")
 	}
 	if w.IsLocked() {
 		return nil, fmt.Errorf("wallet is locked")
 	}
-	return &wallet.KeyRef{PubKey: w.privateKey.PubKey()}, nil
+	return &wallet.KeyRef{
+		Id:     singleKeyID,
+		PubKey: w.privateKey.PubKey(),
+	}, nil
 }
 
 func (w *bitcoinWallet) GetKey(
 	ctx context.Context, opts ...wallet.KeyOption,
 ) (*wallet.KeyRef, error) {
 	if w.walletData == nil {
 		return nil, fmt.Errorf("wallet not initialized")
 	}
 	if w.IsLocked() {
 		return nil, fmt.Errorf("wallet is locked")
 	}
-	return &wallet.KeyRef{PubKey: w.privateKey.PubKey()}, nil
+	return &wallet.KeyRef{
+		Id:     singleKeyID,
+		PubKey: w.privateKey.PubKey(),
+	}, nil
 }

Based on learnings, the single-key wallet is expected to return a fixed constant handle so callers can persist and later reuse that key reference.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/client-lib/wallet/singlekey/bitcoin_wallet.go` around lines 46 - 67, The
NewKey and GetKey methods on bitcoinWallet currently return wallet.KeyRef with
only PubKey set, leaving KeyRef.Id empty; update both bitcoinWallet.NewKey and
bitcoinWallet.GetKey to also populate KeyRef.Id with the single-key backend's
fixed handle (the fixed handle variable defined in this file, e.g.
singleKeyHandle) so callers can persist and round-trip the reference; ensure the
returned struct is &wallet.KeyRef{Id: singleKeyHandle, PubKey:
w.privateKey.PubKey()} and keep existing nil checks and lock checks unchanged.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@pkg/client-lib/wallet/wallet_test.go`:
- Around line 66-73: The test currently only asserts the public key matches; add
assertions on the returned key handle (KeyRef.Id) to ensure it is non-empty and
stable across calls: after walletSvc.GetKey(t.Context()) assert key.Id is not
empty, then call walletSvc.NewKey(...) and walletSvc.ListKeys(...) (or the
existing test positions around lines using GetKey/NewKey/ListKeys) and assert
the same KeyRef.Id is returned each time and is non-empty; update the assertions
in the spots referenced (GetKey, NewKey, ListKeys) so tests fail if an empty or
differing KeyRef.Id is returned.

---

Duplicate comments:
In `@pkg/client-lib/wallet/singlekey/bitcoin_wallet.go`:
- Around line 46-67: The NewKey and GetKey methods on bitcoinWallet currently
return wallet.KeyRef with only PubKey set, leaving KeyRef.Id empty; update both
bitcoinWallet.NewKey and bitcoinWallet.GetKey to also populate KeyRef.Id with
the single-key backend's fixed handle (the fixed handle variable defined in this
file, e.g. singleKeyHandle) so callers can persist and round-trip the reference;
ensure the returned struct is &wallet.KeyRef{Id: singleKeyHandle, PubKey:
w.privateKey.PubKey()} and keep existing nil checks and lock checks unchanged.

In `@pkg/client-lib/wallet/wallet.go`:
- Around line 15-18: KeyRef.Id must be declared and treated as a stable, unique
handle for persistent key lookup; update the KeyRef docs to state Id is a
stable/unique identifier that callers may persist and must round-trip, then
change the wallet API so GetKey accepts that explicit handle (e.g., GetKey(ctx,
keyID string) or add a typed selector WithKeyID(keyID string) used by existing
GetKey/GetKeys flows) and ensure single-key implementations use a fixed constant
handle; update usages/comments referencing KeyRef.Id, GetKey, and any key
creation paths to persist and consume the same handle so HD and single-key
wallets have a clear discoverable round-trip.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 7d327e5a-404a-40ba-aef8-26e82a4ad6ba

📥 Commits

Reviewing files that changed from the base of the PR and between 66363cf and 1d33066.

📒 Files selected for processing (10)

• internal/test/e2e/e2e_test.go
• pkg/client-lib/asset.go
• pkg/client-lib/batch_session.go
• pkg/client-lib/funding.go
• pkg/client-lib/send.go
• pkg/client-lib/types/types.go
• pkg/client-lib/unroll.go
• pkg/client-lib/wallet/singlekey/bitcoin_wallet.go
• pkg/client-lib/wallet/wallet.go
• pkg/client-lib/wallet/wallet_test.go

🚧 Files skipped from review as they are similar to previous changes (4)

• pkg/client-lib/batch_session.go
• pkg/client-lib/unroll.go
• pkg/client-lib/asset.go
• internal/test/e2e/e2e_test.go

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Add assertions for the key handle, not just the pubkey.

These tests would still pass if the backend returned an empty KeyRef.Id, which is exactly the regression in the current single-key implementation. Please assert that the id is non-empty and stable across GetKey, NewKey, and ListKeys.

Based on learnings, callers are expected to persist a stable key handle/path and reuse it later, so the tests should validate that part of the API too.

Also applies to: 111-118, 157-165

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/client-lib/wallet/wallet_test.go` around lines 66 - 73, The test
currently only asserts the public key matches; add assertions on the returned
key handle (KeyRef.Id) to ensure it is non-empty and stable across calls: after
walletSvc.GetKey(t.Context()) assert key.Id is not empty, then call
walletSvc.NewKey(...) and walletSvc.ListKeys(...) (or the existing test
positions around lines using GetKey/NewKey/ListKeys) and assert the same
KeyRef.Id is returned each time and is non-empty; update the assertions in the
spots referenced (GetKey, NewKey, ListKeys) so tests fail if an empty or
differing KeyRef.Id is returned.

[arkanaai]

Arkana Incremental Review — Merge Commit (168a35c)

🤖 Reviewed by Arkana

Scope: Single merge commit bringing master into the PR branch. Incorporates #999 (swept vtxo finalization tests) and #1001 (indexer admin endpoints).

Finding: Clean merge — no conflict resolutions in any PR-owned files:

• pkg/client-lib/wallet/ — unchanged
• pkg/client-lib/service.go, funding.go, send.go, batch_session.go, unroll.go, asset.go, ark_sdk.go — unchanged
• pkg/client-lib/types/types.go — unchanged
• internal/test/e2e/utils_test.go, single_batch_smoke_test.go — unchanged

All incoming changes are from already-merged master commits, not from this PR. No new concerns beyond my previous reviews.

Prior review status: My earlier feedback on KeyRef naming, deriveDefaultAddresses error propagation, and KeyID population still applies. No regressions introduced by this merge.

[arkanaai]

Arkana Incremental Review — Commit 6b8aa5f ("Fixes after review")

Focused on delta since my last review (168a35c).

Changes reviewed

1. pkg/client-lib/funding.go:309 — ✅ Critical fix applied. return onchainAddr, offchainAddr, boardingAddr, nil → return ..., err. This was the silent error-swallowing bug I flagged in my Apr 10 review. deriveDefaultAddresses failures are now correctly propagated. Good.

2. pkg/client-lib/wallet/singlekey/bitcoin_wallet.go:28 — ✅ Removes dead singleKeyID constant. Verified no remaining references in the codebase.

3. pkg/client-lib/wallet/wallet_test.go:68 — ✅ Adds require.NotNil(t, key) guard before accessing key.PubKey. Proper defensive testing.

4. internal/test/e2e/e2e_test.go — ✅ Migrates the two remaining setupArkSDKwithPublicKey test cases ("vtxo already swept", "vtxo expired but not swept") to setupClient. Verified zero remaining references to setupArkSDK/setupArkSDKwithPublicKey in e2e tests. The explorer construction removal is correct — alice.SignTransaction now handles explorer internally.

Verdict

All prior findings addressed. The funding.go error propagation fix was the most important — that was a real bug that could silently corrupt address derivation in production.

⚠️ Protocol note: This PR touches address derivation (newAddress, deriveDefaultAddresses) and transaction signing flows (SignTransaction). These are protocol-adjacent. Human reviewer should confirm the full integration path before merge.

🤖 Reviewed by Arkana

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

pkg/client-lib/funding.go (1)

67-72: ⚠️ Potential issue | 🟠 Major

Balance still assumes a single key.

After switching to a.getAddresses(ctx), the slices here can contain one entry per wallet key, but the aggregation below still runs getOffchainBalance and the full onchain sweep once per key and then stops after only nbWorkers results. With more than one key, that will ignore later addresses and/or double-count shared totals.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/client-lib/funding.go` around lines 67 - 72, The Balance method currently
assumes a single key and only processes up to nbWorkers results, which causes
later addresses from getAddresses(ctx) (onchainAddrs, offchainAddrs,
boardingAddrs, redeemAddrs) to be ignored or double-counted; modify Balance to
iterate over each address in those slices and aggregate totals across all
addresses: call getOffchainBalance for each offchain address and sum the
returned balances, perform the onchain sweep across all onchainAddrs (or run
per-address and sum) rather than once-per-key then stopping early, and update
the concurrency/worker logic so it schedules work for the full address lists and
collects all results (do not short-circuit after nbWorkers). Ensure you update
references inside Balance to correctly handle slices from getAddresses and to
merge per-address results into the final Balance struct without duplication.

♻️ Duplicate comments (1)

pkg/client-lib/wallet/wallet_test.go (1)

63-75: ⚠️ Potential issue | 🟡 Minor

Still missing assertions on KeyRef.Id.

These tests only prove pubkey equality, so the current regression where the single-key backend returns an empty handle would still pass. Please assert that Id is non-empty and stable across GetKey, NewKey, and ListKeys.

Based on learnings, callers are expected to persist a stable key handle/path and reuse it later.

Also applies to: 109-120, 154-167

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/client-lib/wallet/wallet_test.go` around lines 63 - 75, Update the tests
(e.g., TestGetKey and the other test blocks around 109-120 and 154-167) to
assert KeyRef.Id is non-empty and stable: after calling
walletSvc.GetKey(t.Context()) capture key.Id and require it is not empty, then
call walletSvc.NewKey / walletSvc.ListKeys (or call GetKey again) and assert the
returned KeyRef.Id equals the previously captured id to ensure the single-key
backend returns a persistent handle; locate the assertions near
newUnlockedTestWallet, GetKey, NewKey, and ListKeys invocations and add checks
for KeyRef.Id non-empty and equality across calls.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@pkg/client-lib/wallet/singlekey/bitcoin_wallet.go`:
- Around line 44-66: The NewKey and GetKey (and ListKeys) on bitcoinWallet
currently return KeyRef with only PubKey, leaving KeyRef.Id empty; add a stable
non-empty constant identifier (e.g. a package-level const like singleKeyID) and
populate KeyRef.Id with that value in bitcoinWallet.NewKey, bitcoinWallet.GetKey
and bitcoinWallet.ListKeys so the single-key wallet always returns the same
fixed handle/path that callers can persist and reuse (ensure the same constant
is referenced in all three methods).

---

Outside diff comments:
In `@pkg/client-lib/funding.go`:
- Around line 67-72: The Balance method currently assumes a single key and only
processes up to nbWorkers results, which causes later addresses from
getAddresses(ctx) (onchainAddrs, offchainAddrs, boardingAddrs, redeemAddrs) to
be ignored or double-counted; modify Balance to iterate over each address in
those slices and aggregate totals across all addresses: call getOffchainBalance
for each offchain address and sum the returned balances, perform the onchain
sweep across all onchainAddrs (or run per-address and sum) rather than
once-per-key then stopping early, and update the concurrency/worker logic so it
schedules work for the full address lists and collects all results (do not
short-circuit after nbWorkers). Ensure you update references inside Balance to
correctly handle slices from getAddresses and to merge per-address results into
the final Balance struct without duplication.

---

Duplicate comments:
In `@pkg/client-lib/wallet/wallet_test.go`:
- Around line 63-75: Update the tests (e.g., TestGetKey and the other test
blocks around 109-120 and 154-167) to assert KeyRef.Id is non-empty and stable:
after calling walletSvc.GetKey(t.Context()) capture key.Id and require it is not
empty, then call walletSvc.NewKey / walletSvc.ListKeys (or call GetKey again)
and assert the returned KeyRef.Id equals the previously captured id to ensure
the single-key backend returns a persistent handle; locate the assertions near
newUnlockedTestWallet, GetKey, NewKey, and ListKeys invocations and add checks
for KeyRef.Id non-empty and equality across calls.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: da620916-c88f-4287-a59c-b98d81f028d0

📥 Commits

Reviewing files that changed from the base of the PR and between 168a35c and 6b8aa5f.

📒 Files selected for processing (4)

• internal/test/e2e/e2e_test.go
• pkg/client-lib/funding.go
• pkg/client-lib/wallet/singlekey/bitcoin_wallet.go
• pkg/client-lib/wallet/wallet_test.go

🚧 Files skipped from review as they are similar to previous changes (1)

• internal/test/e2e/e2e_test.go