runtime: multi-module supervisor + block/log event loop#9
Draft
brunota20 wants to merge 13 commits into
Draft
Conversation
Adds the dependencies the 0.2 host backends need: - cowprotocol (1.0.0-alpha) for the cow-api submission path (OrderBookApi, OrderCreation, OrderUid, Chain). - alloy-provider / -rpc-client / -transport-ws / -primitives (1.5) for the chain JSON-RPC dispatch. The reqwest feature on alloy-provider engages connect_http; the pubsub/ws features back eth_subscribe-class methods. - redb (2) for local-store. Same crate cowprotocol's own watch-tower picked, so the dep tree does not bifurcate when both are used in the same workspace. - reqwest (0.12, rustls-tls) — direct, so the import survives any future cowprotocol feature rearrangement. - tracing + tracing-subscriber (env-filter + fmt) — replaces the 0.1 eprintln! debug log so the engine can drop into a structured log pipeline without re-instrumenting every host call. - thiserror (2) — typed error enums in each backend. - tempfile + wiremock as dev-deps for the host backend tests. Adds engine.example.toml documenting the [engine] state_dir + per- chain RPC URLs the chain backend reads at boot; data/ is now ignored so a local run does not leave the redb file in tree.
Replaces the 0.2 Unsupported stubs with working backends. Each
capability lives in its own host submodule so the trait impls in
main.rs stay thin (dispatch + project the backend's typed error
onto HostError).
cow_api::submit_order
- Parses the guest's bytes as JSON cowprotocol::OrderCreation.
- Dispatches via cowprotocol::OrderBookApi::post_order.
- Returns the assigned OrderUid as a 0x-prefixed hex string.
cow_api::request
- REST passthrough. The base URL is whichever URL the pool's
OrderBookApi client carries — so OrderBookApi::new_with_base_url
overrides (staging, wiremock) flow through transparently.
- Method/path validated host-side; orderbook 4xx/5xx bodies are
surfaced verbatim so the guest can decode {errorType,description}.
chain::request
- Raw JSON-RPC dispatch over an alloy DynProvider opened from
engine.toml at boot. WebSocket URLs engage pubsub (eth_subscribe);
HTTP URLs use the HTTP transport. Params are passed as
serde_json::RawValue so alloy does not re-encode.
- request-batch falls back to per-call dispatch (same shape as the
earlier stub but now backed by real RPC).
local_store
- redb file under engine_config.engine.state_dir.
- Single shared table. Per-module namespacing is enforced
host-side via [len:u8][module_name][raw_key] prefix on every
key. list_keys strips the prefix before returning to the guest.
logging
- Routes through tracing::event! tagged with module=<namespace>.
- Engine boot installs an EnvFilter-based subscriber; RUST_LOG
overrides the engine.toml log_level.
identity / remote-store / messaging / http stay at Unsupported per
the 0.2 roadmap (keystore / Swarm / Waku land in 0.3).
Tests (14, all green):
- cow_orderbook: pool default chains, unknown-chain typing, REST
GET passthrough, relative-path resolution, unknown-method
rejection, submit_order round-trip — last three under wiremock
so the full HTTP path is exercised without hitting api.cow.fi.
- provider_pool: empty pool surfaces UnknownChain.
- local_store: roundtrip, namespace isolation, delete, list_keys
prefix-stripping, empty-namespace rejection.
End-to-end against modules/example: example.wasm loads under the
new wiring, logs init + on_event through the tracing pipeline.
… death (BLEU-813-817)
…er-pool, supervisor (BLEU-821)
…interfaces (BLEU-819)
…ed_crate_dependencies, drop redundant map_err)
lgahdl
reviewed
Jun 11, 2026
…abs#8 fixes) PR nullislabs#9 specific: - main: warn + return when block/log streams end (WebSocket dropped) - supervisor: simplify dispatch_block by extracting chain_id before move - supervisor: temp_local_store returns (TempDir, LocalStore) instead of leaking - README: correct engine.toml chain syntax to [chains.<id>] with rpc_url Rebased from PR nullislabs#8: - local_store_redb: table.range() instead of iter() for O(matching) keys - provider_pool: dedupe method clone on the success path - main: hex_encode writes into the pre-allocated buffer - cow_orderbook: drop blank line nit - manifest: collapse nested if and use ? operator (clippy) - alloy_rpc_client / alloy_transport(_ws) imports as _ to satisfy unused_crate_dependencies.
Move the manifest.rs monolith into a directory module with four focused submodules (types, load, capabilities, error). Includes the Subscription enum and the four PR nullislabs#9 tests for subscription parsing. Behaviour unchanged - pure code motion.
main.rs went from 739 lines of mixed bootstrap + 8 Host trait impls +
CLI parser + event loop to ~125 lines of pure orchestration. New
layout:
- bindings.rs: wasmtime::component::bindgen!() moved out so other
modules can name the generated types.
- cli.rs: Cli struct + manual parser.
- host/state.rs: HostState + WasiView impl.
- host/error.rs: unimplemented / internal_error / hex_encode helpers.
- host/impls/{chain,cow_api,identity,local_store,remote_store,messaging,
logging,clock,random,http,types}.rs: one Host trait impl per file.
- runtime/limits.rs: DEFAULT_FUEL_PER_EVENT + DEFAULT_MEMORY_LIMIT.
- runtime/event_loop.rs: open_block_streams, open_log_streams, run,
wait_for_shutdown_signal, TaggedBlockStream, TaggedLogStream.
Adding a new capability is now a single new file under host/impls/
rather than a 60-80 line diff in main.rs.
local_store_redb.rs was 89% tests, cow_orderbook.rs was 60%, and supervisor.rs was 32% (205 lines absolute). Promote each to a directory module with the test suite living in a sibling tests.rs so impl-side diffs stop competing with test churn for attention.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Draft, stacked on top of #8 — the diff includes that PR's commits until #8 lands.
This is the next layer: turns `main` from a single-module bootstrap that fires one test event into a multi-module supervisor that drives the engine off live `eth_subscribe` streams.
Schema additions
`engine.toml` grows `[[modules]]` entries:
```toml
[[modules]]
path = "./modules/twap/twap.wasm"
manifest = "./modules/twap/nexum.toml" # optional; defaults to sibling
```
`nexum.toml` grows `[[subscription]]` entries (tagged enum, matches the schema in `docs/02-modules-events-packaging.md`):
```toml
[[subscription]]
kind = "block"
chain_id = 11155111
[[subscription]]
kind = "log"
chain_id = 11155111
address = "0xfdaFc9d1902f4e0b84f65F49f244b32b31013b74"
event_signature = "0x..."
[[subscription]]
kind = "cron"
schedule = "*/5 * * * *" # parsed + warned; dispatch lands in 0.3
```
Unknown `kind` values surface at load time so a typo does not silently disable an event source. Cron is parsed and logged with a "declared but inert in 0.2" warning per the docs/02 lifecycle.
Multi-module loading
`supervisor::Supervisor::boot` iterates `engine_cfg.modules`, compiles each `.wasm` into its own wasmtime `Store`, runs `_init` with the manifest's `[config]`, and surfaces the subscriptions the event loop will wire. One `Engine` + `Linker` is shared across modules; `cow_pool` / `provider_pool` / `local_store` are cloned into each `HostState`; the per-module namespace comes from `manifest.module.name`.
A positional CLI `` still works for the single-module `just run` path — the supervisor synthesises a one-module config in that case, so backwards compat is preserved.
Event loop
`ProviderPool` gains `subscribe_blocks` + `subscribe_logs` returning boxed alloy streams typed `Result<Header, ProviderError>` and `Result<Log, ProviderError>`.
`main` opens:
tags each stream with `chain_id` / `module_name`, and merges via `select_all`. Block events go to every subscribed module; log events go only to the owning module. `on_event` failures surface as `tracing::warn!` (host-error returned by guest) or `tracing::error!` (wasm trap).
SIGINT / SIGTERM (Unix) or ctrl-c (else) exits the loop cleanly.
Out of scope (deliberate, per the 0.3 roadmap)
Test surface
`cargo test -p nexum-engine --bins`: 15 passed (one new — empty supervisor returns empty subscription sets). Existing `cow_orderbook` + `provider_pool` + `local_store` tests untouched.
```
cargo fmt --all --check # clean
RUSTFLAGS=-D warnings cargo clippy --all-targets # clean
just run # example.wasm boots through the supervisor,
# exits cleanly with "no [[subscription]]"
```
Open questions
CLI surface. I went with `--engine-config ` + positional ` ` for backwards-compat. If you'd rather drop the positional shortcut and require `engine.toml` in production, easy to strip.
Block dispatch chains-per-stream. Today one block subscription per chain serves every module subscribed to that chain (shared subscription, per the docs/01 "shared subscriptions" line). If you'd rather one subscription per (module, chain) for clearer attribution, the structure carries through — `open_block_streams` is the only change.
Log filter granularity. `[[subscription]] kind="log"` currently accepts `address` (single) + `event_signature` (topic-0). Schema could grow `addresses` (list) and `topics` (full topic-0..3 array) — I kept it small to match the example in docs/02. Happy to extend.
Boundary between supervisor and main. Event-loop logic is in main.rs today (`open_block_streams` / `open_log_streams` / `run_event_loop`). It would fit in `supervisor.rs` for symmetry; left in main to keep the supervisor module focused on per-module concerns. Easy to move.