fix(ffi): validate account seed lengths

[thepastaclaw]

FFI account seed-length validation

Summary

• Add FFI-side seed-length validation for BLS seed derivation helpers before
  slicing or deriving.
• Add EdDSA seed-length validation at the FFI boundary to mirror the underlying
  SLIP-10 contract.
• Cover invalid BLS and EdDSA seed lengths with focused regression tests while
  leaving generic secp256k1 account seed behavior unchanged.

Validation

• cargo fmt -- key-wallet-ffi/src/account_derivation.rs \ key-wallet-ffi/src/account_derivation_tests.rs
• cargo test -p key-wallet-ffi --features eddsa,bls account_derivation -- \ --nocapture — 6 passed
• code-review dashpay/rust-dashcore upstream/v0.42-dev \ fix-ffi-seed-length-validation "Validate key-wallet FFI BLS/EdDSA account \ seed lengths before slicing/deriving while preserving secp256k1 generic \ account seed behavior" — no significant issues found; recommendation:
  ship

Notes

Draft until human review marks it ready.

Summary by CodeRabbit

• Refactor

  • Centralized seed-length validation for account derivation. BLS key generation now enforces 16–64 byte seeds, and EdDSA key generation requires minimum 16-byte seeds.

• Tests

  • Added regression tests for seed-length validation in account derivation workflows.

[coderabbitai]

Warning

Rate limit exceeded

@thepastaclaw has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 54 minutes and 5 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: eb7ce934-380b-48d4-844c-8c2c8dca72d0

📥 Commits

Reviewing files that changed from the base of the PR and between d60981f and 0d8f959.

📒 Files selected for processing (2)

• key-wallet-ffi/src/account_derivation.rs
• key-wallet-ffi/src/account_derivation_tests.rs

📝 Walkthrough

Walkthrough

This PR refactors seed-length validation for BLS and EdDSA account derivation by centralizing checks into private helpers that enforce minimum 16-byte seeds, replacing inline validation that previously accepted 1-byte seeds. Tests are expanded with regression coverage for the tighter constraints.

Changes

Seed-Length Validation Refactoring

Layer / File(s)	Summary
Validation Helpers and Imports key-wallet-ffi/src/account_derivation.rs	Updated imports add AccountTrait and FFI pointer types. New private helpers validate_bls_seed_len (16–64 bytes) and validate_eddsa_seed_len (≥16 bytes) centralize validation logic and return FFIErrorCode::InvalidInput on failure.
BLS Derivation Update key-wallet-ffi/src/account_derivation.rs	bls_account_derive_private_key_from_seed now calls validate_bls_seed_len, enforcing minimum 16-byte seeds instead of 1-byte minimum.
EdDSA Derivation Update key-wallet-ffi/src/account_derivation.rs	eddsa_account_derive_private_key_from_seed adds early-return guard via validate_eddsa_seed_len to reject seeds shorter than 16 bytes.
Test Infrastructure and Coverage key-wallet-ffi/src/account_derivation_tests.rs	Conditional bls-feature imports added. Existing null-safety assertions reformatted to multiline calls with error-code validation. New regression tests (test_bls_seed_helper_rejects_invalid_seed_lengths, test_eddsa_seed_helper_rejects_invalid_seed_lengths) verify both helpers reject out-of-range seeds and return null with FFIErrorCode::InvalidInput.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 Seeds now measured with care,
Sixteen bytes, no despair,
BLS and EdDSA bound,
Validation helpers found,
Tests confirm the guard is fair! 🌱

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly and clearly describes the main change: adding validation for account seed lengths in the FFI layer.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[thepastaclaw]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@key-wallet-ffi/src/account_derivation_tests.rs`:
- Around line 282-292: The second negative test reuses the prior FFIError
(error) so a stale error.code can mask a missing error from
bls_account_derive_private_key_from_seed; before calling
bls_account_derive_private_key_from_seed for the long_seed test,
reinitialize/reset error (e.g., create a fresh FFIError/default or zeroed
instance) so the function must set it for the assert to be valid—ensure you
reset the same variable named error used with ffi_account and too_long prior to
the call and then assert error.code == FFIErrorCode::InvalidInput.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 1d48f1d3-d750-4723-91a4-211dd0735532

📥 Commits

Reviewing files that changed from the base of the PR and between dca03ce and d60981f.

📒 Files selected for processing (2)

• key-wallet-ffi/src/account_derivation.rs
• key-wallet-ffi/src/account_derivation_tests.rs

[thepastaclaw]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[codecov]

Codecov Report

❌ Patch coverage is 72.72727% with 6 lines in your changes missing coverage. Please review.
✅ Project coverage is 72.11%. Comparing base (dca03ce) to head (0d8f959).

Files with missing lines	Patch %	Lines
key-wallet-ffi/src/account_derivation.rs	72.72%	6 Missing ⚠️

Additional details and impacted files

@@              Coverage Diff              @@
##           v0.42-dev     #752      +/-   ##
=============================================
- Coverage      72.22%   72.11%   -0.12%     
=============================================
  Files            320      320              
  Lines          69631    69651      +20     
=============================================
- Hits           50294    50231      -63     
- Misses         19337    19420      +83     

Flag	Coverage Δ
core	76.30% <ø> (ø)
ffi	44.97% <72.72%> (-0.31%)	⬇️
rpc	20.00% <ø> (ø)
spv	89.53% <ø> (-0.29%)	⬇️
wallet	71.22% <ø> (ø)

Files with missing lines	Coverage Δ
key-wallet-ffi/src/account_derivation.rs	11.65% <72.72%> (-10.51%)	⬇️

... and 8 files with indirect coverage changes