Enable strict null checks

[coreyar]

This PR enables strict null checks in the typescript config.

Many changes were straightforward like explicitly declaring null or undefined types or enforcing a final type from logical operators using typecasting or ternaries.

Less straightforward changes include handling a missing wallet (it could be set to null when logged out). In these cases, I wrapped logic required the existence of a value in a conditional statement. I also added a function for type narrowing to check if the transaction plan result is a success or error and added an error case for if the transaction plan wasn't executed because of a missing wallet.

[refi93]

I would rather keep this as HexString | null and modify the upstream code to pass such values instead of undefined, so it's clear where such potentially undefined values enter our logic and that we handle them properly, reducing the risk of bugs due to accidentally omitting some parameter only for it to end up as undefined without us noticing

[refi93]

I would rather extract this apparently repeated logic into a getWalletOrThrow() helper function which would be guaranteed to return the wallet object, making the places where we invoke it less cluttered with checks that shouldn't really trigger at runtime unless there's a bug in which case we want to notice it asap

[refi93]

the wallet object shouldn't be undefined/null here, otherwise it could lead to inonsistent behavior down the line. The original code would just fail so I wouldn't be worried to throw instead of trying to handle it "gracefully".

As suggested in another comment, I'd rather introduce a getWalletOrThrow() method which would assert that the wallet is properly loaded, de-cluttering the downstream logic from having to handle a case that shouldn't happen unless there's a bug in which case getting an error as early as possible seems beneficial

[refi93]

This overriding of potentially undefined values with empty ones seems fragile and I'd have a hard time reasoning about the possible consequences of it. I think it can be rewritten more sensibly like this:

    const selectedPool = state.shelleyDelegation?.selectedPool
    const poolInfo = (!selectedPool?.name && selectedPool?.url) ?
      (await getWallet()?.getPoolInfo(selectedPool?.url))
      : null

    if (hasPoolIdentifiersChanged(state)) {
      return
    }
    const newState = getState()
    setState({
      shelleyDelegation: {
        ...state.shelleyDelegation,
        selectedPool: selectedPool ? {
          ...selectedPool,
          ...poolInfo,
        } : null,

@PeterBenc please check if I'm not missing anything by any chance as I think you were originally working on this

[PeterBenc]

Yeah I agree, we shouldn't overide the values, that handled in stakePoolInfo.tsx file, What @refi93 proposes should imho work as expected so I am curious what was the reason to change the previous behavior, the difference being only doing ...null instead of ...{} which should be the same.

[coreyar]

The problem was that type for Stakepool doesn't have any optional properties. As it was written if the poolInfo or selectedPool can't be fetched or doesn't exist then you end up with an empty object. I was thinking it would be better to have defaults than to type all the properties as optional.

I am updating with the solution proposed by @refi93 because it does make more sense

[refi93]

Thanks a lot @coreyar for your PR and sorry for the late feedback, we were quite busy last week. I left a few comments/suggestions which I believe should simplify the solution

[refi93]

I would rather replace the one-line helper with its explicit implementation as it doesn't really simplify the logic, but it arguably adds one more layer of indirection to whoever wants to understand what this check does. Also it seems a bit weird for a function that seems to expect a tx plan to also allow null/undefined and hide it in its signature, possibly misleading someone casually checking this code that the tx plan must be defined

[refi93]

auxiliaryDataSupplement shouldn't really be undefined here, by the contract of the function called it should exist (check docs https://github.com/trezor/connect/blob/develop/docs/methods/cardanoSignTransaction.md#catalyst-voting-key-registration), so I'd rather add here a runtime assertion on auxiliaryDataSupplement being defined (!= null) and pass auxiliaryDataSupplement.auxiliaryDataHash

[coreyar]

I am seeing in the docs that it can be undefined https://github.com/trezor/connect/blob/2955b5ef92a3c77ccf3b1353f74f37fa4a2ff337/docs/methods/cardanoSignTransaction.md#flowtype-1

I can still replace it with a runtime assertion

[refi93]

yes, indeed the docs aren't very clear on that now that I checked it deeper, sorry for the confusion, but it's supposed to be defined anyway for catalyst registrations and if not, this code wouldn't work as we need these data in such case. So a runtime assertion makes sense

[refi93]

same as in trezor crypto provider, related ledgerjs docs: https://vacuumlabs.github.io/ledgerjs-cardano-shelley/4.0.0/index.html#txauxiliarydata

[refi93]

I see in the upstream logic you relaxed the type of the signatureHex parameter, but it actually should always be defined

[coreyar]

I allowed for this to be undefined because it is called with auxiliaryDataSupplement.catalystSignature as the value for signatureHex which can be undefined

https://github.com/trezor/connect/blob/2955b5ef92a3c77ccf3b1353f74f37fa4a2ff337/src/ts/types/networks/cardano.d.ts#L201

I can keep this type as defined and add a runtime check for where it is called with the undefined value

[refi93]

as explained in #1192 (comment) let's add a runtime check 👍

[refi93]

this code should not deal with any other ledger transport type than the ones handled here (webhid, u2f, webusb) and should throw in such case, so it should either throw or return a proper Transport. The "default" option matters really just for the UI. I would propose refactoring it, even within this PR as it shouldn't be much work and would be less confusing than relaxing the type signature of this function. Here is how I' approach it:

1. Introduce a LedgerTransportChoice type which would be equivalent to the current LedgerTransportType and rename all existing instances in the code to LedgerTransportChoice
2. introduce type LedgerTransportType = Exclude<LedgerTransportChoice, LedgerTransportChoice.DEFAULT> and migrate from LedgerTransportChoice to LedgerTransportType in getLedgerTransport() output type and getDefaultLedgerTransportType() function and anything that is impacted by that
3. getLedgerTransport() now can be refactored to return assertUnreachable in the default branch of the switch statement

[coreyar]

@refi93 Thank you for the feedback. I have updated the PR with your feedback and left comments where clarification was needed.

[refi93]

getWalletOrThrow() should ensure that the wallet is defined

Suggested change

	? await wallet?.getAccountsInfo(state.validStakepoolDataProvider)
	? await wallet.getAccountsInfo(state.validStakepoolDataProvider)

[refi93]

I see that getWallet() is not used anymore anywhere else (sorry I originally thought we legitimately check somewhere whether the wallet is loaded or not, but apparently not), so I'd rather rename getWalletOrThrow() to getWallet() and get rid of the old getWallet() function that wasn't checking whether the wallet is ready as the OrThrow suffix is arguably just exposing a lower-level concern than the callers would care about most of the time

[refi93]

getSourceAccountInfo() should throw if there's no source account, the original code would fail anyway if the source account isn't defined, so I'd add the assertion right in the declaration of getSourceAccountInfo() rather than relaxing the type of tokenBalance and adding an arguably redundant fallback to zero below

[refi93]

The AccountInfo.shelleyBalances type can be updated to have its properties non-optional as the places where it's set is set to a number always anyway, making this type broadening to accept undefined redunant

[refi93]

I'd rather keep the interface of this function oblivious to the fact screenType might be undefined and move the concern of handling that to the caller as they should have the context to determine if that's a valid case or not and handle that more cleanly

[coreyar]

This could also be handled by setting a default value for the state managed by the useViewport hook. Which would be similar to setting a fallback when the caller checks if the value is undefined or not.

[refi93]

rather than nesting the logic under this condition, I'd put here a runtime assertion that stakingAddress must not be null as the original logic apparently relied on that and I don't see it working properly without that assumption being fulfilled and it doesn't really make sense to delegate without the staking address being set

[coreyar]

Since this logic will be repeated in four places does it make sense to throw this error in prepareTxPlan and relax the stakingAddress type in the signature?

[refi93]

I looked deeper into that and the only place where we set the stakingKey to null is the initial state of the app where we set an initial value to the accountsInfo property, but that doesn't really make sense. Let's just set accountsInfo there to an empty array and then we should be good to enforce that stakingAddress must be always defined

I mean here:

adalite/app/frontend/state.ts

Line 223 in 3119857

accountsInfo: [

Do you see some reason @PeterBenc why we would have to set some default "null" account in the initial state of the app, or is that actually just legacy from the times when we had a single account in the state?

[PeterBenc]

Agreed, I dont see any reason why accountInfos cant be initially []. Its not used until the wallet is loaded and then just assigned.

BUT, I think I remember that setting account info to [] was actually a problem when logging out. I think that after logging out, some components still (for a brief moment I guess) "used" accountInfos[state.activeAccount] and accessed its keys so errors like cant... something of undefined popped up and the page crashed. Surely that probably points to an issue on its own.

So that was probably the reason for keeping it the way it is now, but I just tried setting it to [] and it works as expected. So I guess I either remember it wrong the issue causing it got fixed.

Anyway, just something to consider but a bit unrelated to this, having the initial accountsInfo as [] seem to work and makes sense.

[refi93]

same as https://github.com/vacuumlabs/adalite/pull/1192/files#r741304487

[refi93]

same as https://github.com/vacuumlabs/adalite/pull/1192/files#r741304487

[refi93]

same as https://github.com/vacuumlabs/adalite/pull/1192/files#r741304487

[refi93]

Overriding the value to an empty string seems really fragile. I checked the TxStakepoolOwner type and it doesn't really make sense for it to have one optional property and nothing else, and changing it to :

export type TxStakepoolOwner = {
  stakingKeyHashHex: string
}

worked, removing the need to handle its undefinedness. The parseStakepoolOwners function where these owners come from apparently always returns them, so the original TxStakepoolOwner type was apparently just too broad, probably as legacy from some earlier state when there were multiple optional properties in the object

[refi93]

same as https://github.com/vacuumlabs/adalite/pull/1192/files#r741308487

[refi93]

same as https://github.com/vacuumlabs/adalite/pull/1192/files#r741308487

[refi93]

this fallback to empty string seems very fragile and should no longer be needed

[refi93]

this fallback to empty string shouldn't be needed

[refi93]

byron witnesses should have a chain code, so this fallback to empty string is really fragile. A runtime asserttion would be more sensible

[refi93]

rather than fallback to empty string which if triggered would break the code unpredictably, please put here a runtime assertion

[refi93]

I'd rather put here a runtime assertion that this xpubHex exists - if it wouldn't, this code would break unpredictably

[refi93]

this fallback to empty string should no longer be needed

[refi93]

Suggested change

	(acc, elem) => acc + parseInt(elem?.caBalance.getCoin || '', 10),
	(acc, elem) => acc + parseInt(elem?.caBalance.getCoin || '0', 10),

[refi93]

I would rather make this function accept only a defined votingKey and let the upstream logic handle the case when it isn't (if it can actually happen at all)

[refi93]

this fallback to empty string seems really fragile as it is apparently a required property as per the type signature. A runtime assertion on the property being defined would be more sensible, same below

[refi93]

same as https://github.com/vacuumlabs/adalite/pull/1192/files#r741308487

[refi93]

same as https://github.com/vacuumlabs/adalite/pull/1192/files#r741308487

[refi93]

non-null policyId doesn't make sense for ADA asse. The type of DropdownAssetItem should rather be fixed to have policyId as null for this case and as not-null for the case when the type is AssetFamily.TOKEN, leveraging possibly type union

[refi93]

@coreyar I tried running the wallet with yarn dev and I got a wallet is not loaded error in the console and a white screen, so it seems that the assertion doesn't work everywhere it was put, here's the stacktrace:

Uncaught Error: Wallet is not loaded
    getWalletOrThrow wallet.ts:41
    default wallet.ts:54
    default reloadWallet.ts:10
    default transaction.ts:32
    default delegate.ts:24
    default accounts.ts:15
    default actions.ts:18
    mapActions util.js:9
    Preact 20
    reload walletApp.js:98
    js walletApp.js:105
    Webpack 6

[coreyar]

@coreyar I tried running the wallet with yarn dev and I got a wallet is not loaded error in the console and a white screen, so it seems that the assertion doesn't work everywhere it was put, here's the stacktrace:

Uncaught Error: Wallet is not loaded
    getWalletOrThrow wallet.ts:41
    default wallet.ts:54
    default reloadWallet.ts:10
    default transaction.ts:32
    default delegate.ts:24
    default accounts.ts:15
    default actions.ts:18
    mapActions util.js:9
    Preact 20
    reload walletApp.js:98
    js walletApp.js:105
    Webpack 6

Ok, I am not seeing any webpack errors building right now but let me investigate. I've pushed updates to the comments left so far

[coreyar]

@refi93 I found the error. The wallet was being loaded in an outer scope but used in the scope of inner functions. I solved this by fetching the wallet inside the functions where it is used so that it isn't prematurely loaded

Update: I'm testing to see how this update affects other parts of the application

[coreyar]

I left the null checks in loadWallet because if cryptoProvider isn't fetched then the wallet won't be created so it could be null. Another option would be to wrap all the subsequent logic in the cryptoProvider conditional block or wrap it in another block checking for the wallet.

It isn't absolutely necessary because it is wrapped in a try block with the catch setting an error that the wallet couldn't be loaded.

[refi93]

for these runtime errors I would rather use a standard assert(condition) statement - these shouldn't really happen at runtime and should rather be "technical" assertions and are more concise than "if ... then ... throw".

We have an assert() function in our codebase which was used in tests so far but should be usable here as well

[refi93]

ok let's do it like this - this PR should already be close enough to what we want but needs further refinements and testing to tackle edge-cases that may not be as obvious and it would be more efficient for us to finish that, so I'd merge this to a enable-strict-null-checks branch in adalite repo and make he refinements there and then merge it to our develop branch

[coreyar]

@refi93 Sounds good. I've got time to pickup another issue if that would be helpful

[refi93]

Thanks a lot @coreyar for your contribution, here's the follow up PR #1206 where we'd refactor it/fix it a bit more so it can be merged

[refi93]

@coreyar great! - one issue that has been limiting us for a while is this one: #867 - currently the amounts are ordinary JS numbers which breaks as soon as you work with values bigger than max safe integer in JS which can happen especially with cardano tokens

Another, smaller issue that comes to my mind is this one: #1086

[refi93]

The biginit migration would be pretty big, it probably makes sense to do so in several "layers", going from the innermost logic to the outermost one (or vice versa), if you choose to do it, so it can be split into multiple smaller PRs

[refi93]

@coreyar another small issue worth doing can be this one: #1056