feat: implement ERC20CommerceEscrowWrapper with event handling and schema updates

[rodrigopavezi]

Problem

• We need to index the new ERC20CommerceEscrowWrapper smart contracts events for the checkout features.

Changes

• Added the indexing and mapping of the events to this subgraph.

Sample

• Authorization Transaction: https://sepolia.etherscan.io/tx/0xa4afa5658f0a672c1dbf2d8478af543eda864041a15293305e07ee8da83f7a29

Summary by CodeRabbit

• New Features

  • Added ERC20 commerce escrow support: full payment lifecycle, events, on-chain escrow entities, and handlers to record state and event history.
  • Extended GraphQL schema and event indexing to track CommerceEscrow and CommerceEscrowEvent across networks.

• Chores

  • Updated subgraph startup script and bumped smart-contracts dependency.
  • Improved manifest/event filtering and manifest generation to handle escrow-specific events.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

Adds ERC20CommerceEscrowWrapper support: new contract ABI, subgraph datasources for Base/Sepolia, GraphQL schema/entities for commerce escrows/events, mapping handlers to track escrow lifecycle, shared utilities for IDs/events, and manifest/CLI updates including artifact registration and ignored events.

Changes

Cohort / File(s)	Change Summary
Contract ABI abis/ERC20CommerceEscrowWrapper.json	New ABI defining constructor, errors, events (CommercePaymentAuthorized, PaymentAuthorized, PaymentCaptured, PaymentCharged, PaymentReclaimed, PaymentRefunded, PaymentVoided, TransferWithReferenceAndFee), structs (AuthParams, ChargeParams, PaymentData), getters, and payment action functions (authorize, charge, capture, refund, void, reclaim).
GraphQL Schema schema.graphql	Added commerce escrow model: CommerceEscrowState enum, CommerceEscrow @entity, `CommerceEscrowEventName` enum, and `CommerceEscrowEvent `@entity (includes event metadata and amount: BigDecimal).
Mapping Handlers src/erc20CommerceEscrowWrapper.ts	New handlers: handlePaymentAuthorized, handlePaymentCaptured, handlePaymentVoided, handlePaymentCharged, handlePaymentReclaimed, handlePaymentRefunded. They create/load CommerceEscrow, update state via helper, and persist CommerceEscrowEvent records with amounts as appropriate.
Shared Utilities src/shared.ts	Added generateCommerceEscrowId, generateCommerceEscrowEventId, and createCommerceEscrowEvent(event, paymentReference, eventName, amount); exports updated to include BigDecimal and CommerceEscrowEvent. Event IDs use keccak256 hashing.
Manifest & CLI cli/lib/manifest.ts, package.json	Registered ERC20CommerceEscrowWrapper artifact in paymentNetworks; adjusted address handling typings/signatures; added contract-specific ignored events (CommercePaymentAuthorized, TransferWithReferenceAndFee) and combined into allIgnoredEvents; getManifest adds graphEntities for the wrapper. package.json script updated and @requestnetwork/smart-contracts bumped to 0.49.0.
Subgraph Datasources subgraph.sepolia.yaml, subgraph.base.yaml	Added ERC20CommerceEscrowWrapper datasource entries (Sepolia and Base) with address/ABI/startBlock, mapping to ./src/erc20CommerceEscrowWrapper.ts, event handlers for PaymentAuthorized, PaymentCaptured, PaymentCharged, PaymentReclaimed, PaymentRefunded, PaymentVoided (with receipts), and entities Payment, CommerceEscrow, CommerceEscrowEvent.

Sequence Diagram(s)

sequenceDiagram
    participant Client as Client (payer/merchant)
    participant Contract as ERC20CommerceEscrowWrapper
    participant Indexer as Subgraph Mapping
    participant Store as Graph Store

    Client->>Contract: call authorize/charge/capture/void/refund/reclaim
    Contract-->>Contract: emit event (PaymentAuthorized/Charged/Captured/Voided/Refunded/Reclaimed)
    Contract->>Indexer: node delivers on-chain event
    Indexer->>Indexer: parse event, derive paymentReference
    Indexer->>Store: load/create CommerceEscrow entity
    Indexer->>Store: update CommerceEscrow state
    Indexer->>Store: create CommerceEscrowEvent (include amount if present)

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

• Review mapping handlers in src/erc20CommerceEscrowWrapper.ts for correct entity creation, state transitions, null-checks, and amount handling.
• Verify generateCommerceEscrowEventId uniqueness and keccak256 usage in src/shared.ts.
• Ensure schema.graphql field names/types align with mapping code.
• Validate subgraph.sepolia.yaml / subgraph.base.yaml event names, handler function names, receipt flags, ABI paths, and referenced entities.
• Inspect cli/lib/manifest.ts changes: artifact registration, allIgnoredEvents construction, and graphEntities additions.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 66.67% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title accurately describes the main change: implementing ERC20CommerceEscrowWrapper with event handling and schema updates, which is the primary focus across all modified files.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/commerce-events

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1ad5550 and ffffcbe.

📒 Files selected for processing (1)

• src/shared.ts (2 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*

⚙️ CodeRabbit configuration file

**/*: - Only comment on issues that would block merging — ignore minor or stylistic concerns.

• Restrict feedback to errors, security risks, or functionality-breaking problems.
• Do not post comments on code style, formatting, or non-critical improvements.
• Keep reviews short: flag only issues that make the PR unsafe to merge.
• Limit review comments to 3–5 items maximum, unless additional blockers exist.
• Group similar issues into a single comment instead of posting multiple notes.
• Skip repetition — if a pattern repeats, mention it once at a summary level only.
• Do not add general suggestions; focus strictly on merge-blocking concerns.
• If there are no critical problems, respond with minimal approval (e.g., 'Looks good'). Do not add additional review.
• Avoid line-by-line commentary unless it highlights a critical bug or security hole.
• Highlight only issues that could cause runtime errors, data loss, or severe maintainability issues.
• Ignore minor optimization opportunities — focus solely on correctness and safety.
• Provide a top-level summary of critical blockers rather than detailed per-line notes.
• Comment only when the issue must be resolved before merge — otherwise, remain silent.
• When in doubt, err on the side of fewer comments — brevity and blocking issues only.
• Avoid posting any refactoring issues

Files:

• src/shared.ts

🧠 Learnings (1)

📚 Learning: 2024-11-11T15:47:43.409Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 107
File: src/singleRequestProxyFactory.ts:30-30
Timestamp: 2024-11-11T15:47:43.409Z
Learning: In `src/singleRequestProxyFactory.ts` (TypeScript), when constructing unique identifiers by concatenating strings (e.g., transaction hash and log index), prefer using string concatenation with `+` instead of template literals.

Applied to files:

• src/shared.ts

🔇 Additional comments (1)

src/shared.ts (1)

1-78: Looks good.

The previous critical issue with ID generation has been resolved. The code now correctly uses ByteArray.fromHexString(id) for hashing and adds the "commerce-" prefix after the hash.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Overview

Greptile Summary

Adds support for tracking ERC20 commerce escrow payments through a new subgraph datasource. The implementation introduces CommerceEscrow and CommerceEscrowEvent entities to track the full lifecycle of commerce payments (authorized, captured, voided, charged, reclaimed, refunded).

Key changes:

• New GraphQL schema entities for commerce escrow tracking with proper state management
• Event handlers for all 6 payment lifecycle events
• Shared utility functions for ID generation and event creation following existing patterns
• Manifest configuration filtering redundant events (CommercePaymentAuthorized, TransferWithReferenceAndFee)
• Smart contracts package upgraded to v0.48.0

Issues found:

• handlePaymentCharged can overwrite existing escrow data if called after PaymentAuthorized for the same payment reference, causing loss of original creation metadata and state history

Confidence Score: 3/5

• This PR is mostly safe but contains a state management bug that could cause data loss
• The implementation follows existing patterns and adds comprehensive event handling, but the handlePaymentCharged function has a critical logic error where it creates a new escrow entity instead of updating an existing one, potentially overwriting important historical data
• Pay close attention to src/erc20CommerceEscrowWrapper.ts - specifically the handlePaymentCharged function needs to be fixed to avoid overwriting existing escrow data

Important Files Changed

File Analysis

Filename	Score	Overview
src/erc20CommerceEscrowWrapper.ts	3/5	Implements event handlers for commerce escrow lifecycle; has potential state override issue when PaymentCharged creates new escrow
src/shared.ts	5/5	Adds helper functions for commerce escrow ID generation and event creation; implementation is solid
schema.graphql	5/5	Adds CommerceEscrow and CommerceEscrowEvent entities with proper enums and relationships
cli/lib/manifest.ts	5/5	Adds ERC20CommerceEscrowWrapper to payment networks and filters redundant events correctly

Sequence Diagram

sequenceDiagram
    participant User as Payer/Merchant
    participant Contract as ERC20CommerceEscrowWrapper
    participant Subgraph as Subgraph Indexer
    participant Graph as The Graph

    Note over User,Graph: Payment Authorization Flow
    User->>Contract: authorizePayment()
    Contract->>Contract: Emit PaymentAuthorized
    Contract-->>Subgraph: PaymentAuthorized event
    Subgraph->>Graph: Create CommerceEscrow entity
    Subgraph->>Graph: Create CommerceEscrowEvent (authorized)
    
    Note over User,Graph: Payment Capture Flow
    User->>Contract: capturePayment()
    Contract->>Contract: Emit PaymentCaptured
    Contract-->>Subgraph: PaymentCaptured event
    Subgraph->>Graph: Update escrowState to "captured"
    Subgraph->>Graph: Create CommerceEscrowEvent (captured)
    
    Note over User,Graph: Payment Void Flow
    User->>Contract: voidPayment()
    Contract->>Contract: Emit PaymentVoided
    Contract-->>Subgraph: PaymentVoided event
    Subgraph->>Graph: Update escrowState to "voided"
    Subgraph->>Graph: Create CommerceEscrowEvent (voided)
    
    Note over User,Graph: Direct Charge Flow (No Prior Authorization)
    User->>Contract: chargePayment()
    Contract->>Contract: Emit PaymentCharged
    Contract-->>Subgraph: PaymentCharged event
    Subgraph->>Graph: Create CommerceEscrow entity
    Subgraph->>Graph: Create CommerceEscrowEvent (charged)
    
    Note over User,Graph: Payment Reclaim Flow
    User->>Contract: reclaimPayment()
    Contract->>Contract: Emit PaymentReclaimed
    Contract-->>Subgraph: PaymentReclaimed event
    Subgraph->>Graph: Update escrowState to "reclaimed"
    Subgraph->>Graph: Create CommerceEscrowEvent (reclaimed)
    
    Note over User,Graph: Payment Refund Flow
    User->>Contract: refundPayment()
    Contract->>Contract: Emit PaymentRefunded
    Contract-->>Subgraph: PaymentRefunded event
    Subgraph->>Graph: Update escrowState to "refunded"
    Subgraph->>Graph: Create CommerceEscrowEvent (refunded)

Loading

[greptile-apps]

_{7 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 13cff0e and 758c5bf.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (7)

• abis/ERC20CommerceEscrowWrapper.json (1 hunks)
• cli/lib/manifest.ts (6 hunks)
• package.json (1 hunks)
• schema.graphql (1 hunks)
• src/erc20CommerceEscrowWrapper.ts (1 hunks)
• src/shared.ts (2 hunks)
• subgraph.sepolia.yaml (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*

⚙️ CodeRabbit configuration file

**/*: - Only comment on issues that would block merging — ignore minor or stylistic concerns.

• Restrict feedback to errors, security risks, or functionality-breaking problems.
• Do not post comments on code style, formatting, or non-critical improvements.
• Keep reviews short: flag only issues that make the PR unsafe to merge.
• Limit review comments to 3–5 items maximum, unless additional blockers exist.
• Group similar issues into a single comment instead of posting multiple notes.
• Skip repetition — if a pattern repeats, mention it once at a summary level only.
• Do not add general suggestions; focus strictly on merge-blocking concerns.
• If there are no critical problems, respond with minimal approval (e.g., 'Looks good'). Do not add additional review.
• Avoid line-by-line commentary unless it highlights a critical bug or security hole.
• Highlight only issues that could cause runtime errors, data loss, or severe maintainability issues.
• Ignore minor optimization opportunities — focus solely on correctness and safety.
• Provide a top-level summary of critical blockers rather than detailed per-line notes.
• Comment only when the issue must be resolved before merge — otherwise, remain silent.
• When in doubt, err on the side of fewer comments — brevity and blocking issues only.
• Avoid posting any refactoring issues

Files:

• subgraph.sepolia.yaml
• package.json
• src/erc20CommerceEscrowWrapper.ts
• src/shared.ts
• schema.graphql
• cli/lib/manifest.ts
• abis/ERC20CommerceEscrowWrapper.json

🧠 Learnings (8)

📓 Common learnings

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 104
File: abis/SingleRequestProxyFactory.json:23-123
Timestamp: 2024-11-05T04:48:47.738Z
Learning: In the 'payments-subgraph' project, when changing smart contracts is not within the scope of a PR, avoid commenting on ABI files suggesting changes to the smart contracts.

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 104
File: src/singleRequestProxyFactory.ts:1-38
Timestamp: 2024-11-05T04:48:44.308Z
Learning: In the `payments-subgraph` project, within `src/singleRequestProxyFactory.ts`, it is acceptable to assume that event handling functions do not require additional error handling or failed transaction handling, as errors in event handling are uncommon in this context.

📚 Learning: 2024-11-05T04:48:47.738Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 104
File: abis/SingleRequestProxyFactory.json:23-123
Timestamp: 2024-11-05T04:48:47.738Z
Learning: In the 'payments-subgraph' project, when changing smart contracts is not within the scope of a PR, avoid commenting on ABI files suggesting changes to the smart contracts.

Applied to files:

• subgraph.sepolia.yaml
• package.json
• abis/ERC20CommerceEscrowWrapper.json

📚 Learning: 2024-11-11T15:47:45.143Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 107
File: subgraph.bsc.yaml:156-179
Timestamp: 2024-11-11T15:47:45.143Z
Learning: For the event handlers `handleERC20SingleRequestProxyCreated` and `handleEthereumSingleRequestProxyCreated` in `src/singleRequestProxyFactory.ts`, duplicates are acceptable, and event replay protection is not required.

Applied to files:

• subgraph.sepolia.yaml
• src/erc20CommerceEscrowWrapper.ts
• cli/lib/manifest.ts

📚 Learning: 2024-11-05T04:48:44.308Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 104
File: src/singleRequestProxyFactory.ts:1-38
Timestamp: 2024-11-05T04:48:44.308Z
Learning: In the `payments-subgraph` project, within `src/singleRequestProxyFactory.ts`, it is acceptable to assume that event handling functions do not require additional error handling or failed transaction handling, as errors in event handling are uncommon in this context.

Applied to files:

• subgraph.sepolia.yaml
• src/erc20CommerceEscrowWrapper.ts
• cli/lib/manifest.ts

📚 Learning: 2024-11-11T15:47:40.531Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 107
File: subgraph.mantle.yaml:89-95
Timestamp: 2024-11-11T15:47:40.531Z
Learning: In the Mantle configuration file `subgraph.mantle.yaml`, the start block for the `SingleRequestProxyFactory` contract is `71485828`, and this is correct even though it is significantly higher than other start blocks in the same network.

Applied to files:

• subgraph.sepolia.yaml

📚 Learning: 2024-11-11T15:47:43.409Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 107
File: src/singleRequestProxyFactory.ts:30-30
Timestamp: 2024-11-11T15:47:43.409Z
Learning: In `src/singleRequestProxyFactory.ts` (TypeScript), when constructing unique identifiers by concatenating strings (e.g., transaction hash and log index), prefer using string concatenation with `+` instead of template literals.

Applied to files:

• src/shared.ts

📚 Learning: 2024-11-05T04:48:58.313Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 104
File: schema.graphql:72-82
Timestamp: 2024-11-05T04:48:58.313Z
Learning: In the `schema.graphql` file of the `payments-subgraph` project, we should not add a `created_at` field to entities when a `timestamp` field is already present, as `timestamp` provides precise chronological ordering.

Applied to files:

• schema.graphql

📚 Learning: 2024-11-05T04:48:58.313Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 104
File: schema.graphql:72-82
Timestamp: 2024-11-05T04:48:58.313Z
Learning: In the payments-subgraph, it's unnecessary to include a `network` field in entities because each subgraph is chain-specific.

Applied to files:

• cli/lib/manifest.ts

🧬 Code graph analysis (1)

src/erc20CommerceEscrowWrapper.ts (1)

src/shared.ts (2)

• generateCommerceEscrowId (45-47)
• createCommerceEscrowEvent (58-79)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 758c5bf and 3545f34.

📒 Files selected for processing (1)

• src/erc20CommerceEscrowWrapper.ts (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*

⚙️ CodeRabbit configuration file

**/*: - Only comment on issues that would block merging — ignore minor or stylistic concerns.

• Restrict feedback to errors, security risks, or functionality-breaking problems.
• Do not post comments on code style, formatting, or non-critical improvements.
• Keep reviews short: flag only issues that make the PR unsafe to merge.
• Limit review comments to 3–5 items maximum, unless additional blockers exist.
• Group similar issues into a single comment instead of posting multiple notes.
• Skip repetition — if a pattern repeats, mention it once at a summary level only.
• Do not add general suggestions; focus strictly on merge-blocking concerns.
• If there are no critical problems, respond with minimal approval (e.g., 'Looks good'). Do not add additional review.
• Avoid line-by-line commentary unless it highlights a critical bug or security hole.
• Highlight only issues that could cause runtime errors, data loss, or severe maintainability issues.
• Ignore minor optimization opportunities — focus solely on correctness and safety.
• Provide a top-level summary of critical blockers rather than detailed per-line notes.
• Comment only when the issue must be resolved before merge — otherwise, remain silent.
• When in doubt, err on the side of fewer comments — brevity and blocking issues only.
• Avoid posting any refactoring issues

Files:

• src/erc20CommerceEscrowWrapper.ts

🧠 Learnings (2)

📚 Learning: 2024-11-05T04:48:44.308Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 104
File: src/singleRequestProxyFactory.ts:1-38
Timestamp: 2024-11-05T04:48:44.308Z
Learning: In the `payments-subgraph` project, within `src/singleRequestProxyFactory.ts`, it is acceptable to assume that event handling functions do not require additional error handling or failed transaction handling, as errors in event handling are uncommon in this context.

Applied to files:

• src/erc20CommerceEscrowWrapper.ts

📚 Learning: 2024-11-11T15:47:45.143Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 107
File: subgraph.bsc.yaml:156-179
Timestamp: 2024-11-11T15:47:45.143Z
Learning: For the event handlers `handleERC20SingleRequestProxyCreated` and `handleEthereumSingleRequestProxyCreated` in `src/singleRequestProxyFactory.ts`, duplicates are acceptable, and event replay protection is not required.

Applied to files:

• src/erc20CommerceEscrowWrapper.ts

🧬 Code graph analysis (1)

src/erc20CommerceEscrowWrapper.ts (1)

src/shared.ts (2)

• generateCommerceEscrowId (45-47)
• createCommerceEscrowEvent (58-79)

🪛 Biome (2.1.2)

src/erc20CommerceEscrowWrapper.ts

[error] 107-107: Shouldn't redeclare 'escrow'. Consider to delete it or rename it.

'escrow' is defined here:

(lint/suspicious/noRedeclare)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 10d21dc and 1ad5550.

📒 Files selected for processing (1)

• src/shared.ts (2 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*

⚙️ CodeRabbit configuration file

**/*: - Only comment on issues that would block merging — ignore minor or stylistic concerns.

• Restrict feedback to errors, security risks, or functionality-breaking problems.
• Do not post comments on code style, formatting, or non-critical improvements.
• Keep reviews short: flag only issues that make the PR unsafe to merge.
• Limit review comments to 3–5 items maximum, unless additional blockers exist.
• Group similar issues into a single comment instead of posting multiple notes.
• Skip repetition — if a pattern repeats, mention it once at a summary level only.
• Do not add general suggestions; focus strictly on merge-blocking concerns.
• If there are no critical problems, respond with minimal approval (e.g., 'Looks good'). Do not add additional review.
• Avoid line-by-line commentary unless it highlights a critical bug or security hole.
• Highlight only issues that could cause runtime errors, data loss, or severe maintainability issues.
• Ignore minor optimization opportunities — focus solely on correctness and safety.
• Provide a top-level summary of critical blockers rather than detailed per-line notes.
• Comment only when the issue must be resolved before merge — otherwise, remain silent.
• When in doubt, err on the side of fewer comments — brevity and blocking issues only.
• Avoid posting any refactoring issues

Files:

• src/shared.ts

🧠 Learnings (1)

📚 Learning: 2024-11-11T15:47:43.409Z

Learnt from: MantisClone
Repo: RequestNetwork/payments-subgraph PR: 107
File: src/singleRequestProxyFactory.ts:30-30
Timestamp: 2024-11-11T15:47:43.409Z
Learning: In `src/singleRequestProxyFactory.ts` (TypeScript), when constructing unique identifiers by concatenating strings (e.g., transaction hash and log index), prefer using string concatenation with `+` instead of template literals.

Applied to files:

• src/shared.ts