add AN compatibility for v0.44.14 - restrict only EOAs

[j1010001]

adding AN compatibility on top of: #8272, commit: c3c07a7

Summary by CodeRabbit

• New Features

  • Added account restriction mechanism to prevent restricted accounts from executing transactions.
  • Introduced restricted EOA detection for EVM transactions.
  • Added service account authorization overrides for enhanced security control.
  • Implemented SetCodeAuthorization support for EIP-7702 compatibility.

• Bug Fixes

  • Improved transaction error handling with standardized error conversion.
  • Enhanced balance validation and withdrawal mechanics for EVM.
  • Updated authorization verification and signature processing.

• Updates

  • Updated version to v2.7.1 and core dependencies.
  • Expanded test coverage for error scenarios and edge cases.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Caution

Review failed

Failed to post review comments

📝 Walkthrough

Walkthrough

This PR introduces account and EOA restriction mechanisms for the Flow network, adds a computation metering framework with remaining capacity tracking, updates EVM withdrawal validation logic, refactors transaction verification with service account override support, and bumps multiple dependencies. It also updates linter tooling and expands test coverage significantly.

Changes

Cohort / File(s)	Summary
Linter & CI Configuration .custom-gcl.yml, .github/workflows/ci.yml, .golangci.yml	Updated golangci-lint-action from v6 to v9 with new version pinning (v2.7.1), refactored linter config to enable selective linters (gosec, staticcheck, structwrite) with explicit rules, added formatters section for goimports/gci, and reorganized exclusions.
Computation Meter Framework fvm/meter/computation_meter.go, fvm/environment/meter.go, fvm/environment/mock/meter.go, fvm/evm/testutils/backend.go, fvm/storage/state/execution_state.go, fvm/storage/state/transaction_state.go, cmd/util/ledger/util/nop_meter.go	Added new ComputationRemaining(kind) method across Meter interface and implementations, returning remaining computation capacity; delegates to txnState or returns MaxUint64 when unmetered.
Account Restriction System fvm/blueprints/contracts.go, fvm/environment/contract_updater.go, fvm/environment/contract_updater_test.go, fvm/environment/env.go, fvm/environment/mock/contract_updater.go, fvm/environment/mock/contract_updater_stubs.go, fvm/environment/mock/environment.go, fvm/transactionInvoker.go, fvm/transactionStorageLimiter.go, fvm/transactionStorageLimiter_test.go, module/trace/constants.go	Introduced GetRestrictedAccounts() interface method on ContractUpdater and Environment, implemented retrieval from service account storage, added storage limit checks to reject transactions from restricted accounts (except when payer is service account), and added tracing spans.
Account Restriction Error Handling fvm/errors/codes.go, fvm/errors/execution.go	Added ErrCodeAccountIsRestrictedError (1119) and NewAccountRestrictedError() constructor for account restriction violations.
EVM Restricted EOAs fvm/evm/emulator/emulator.go, fvm/evm/emulator/emulator_test.go, fvm/evm/emulator/restricted_eoa_test.go	Introduced restrictedEOAs list and enforcement in transaction processing; rejects transactions from restricted EOAs in RunTransaction and BatchRunTransactions; refactored value conversion from convertAndCheckValue to checkAndConvertValue with new return signature.
EVM Withdrawal & Balance Validation fvm/evm/types/balance.go, fvm/evm/types/errors.go, fvm/evm/impl/impl.go, fvm/evm/stdlib/contract.cdc, fvm/evm/stdlib/contract_test.go, fvm/evm/handler/handler.go, fvm/evm/handler/handler_test.go	Added AttoFlowBalanceIsValidForFlowVault() validation function, updated minimum balance threshold from 10nF to 1e10 attoFlow, replaced balance rounding error messages, integrated overflow checking via uint256.FromBig, changed withdrawal amount validation logic, and incremented per-transaction gas checks instead of batch-wide accumulation.
EVM SetCodeAuthorizations (EIP-7702) fvm/evm/types/call.go, fvm/evm/offchain/query/view.go, fvm/evm/offchain/query/view_test.go	Added setCodeAuthorizations field to DirectCall, implemented SetCodeAuthorizations() setter, extended DryCall signature to accept authList parameter and propagate to Message.
EVM Environment Integration fvm/evm/backends/wrappedEnv.go	Added ComputationRemaining(kind) delegation to wrapped environment.
EVM State & Collections fvm/evm/emulator/state/collection.go	Updated ByteStringValue.Storable() to accept maxInlineSize as uint32 instead of uint64, removed redundant cast.
Result Type Updates fvm/evm/types/result.go	Refactored NewInvalidResult() signature from (tx *gethTypes.Transaction, err) to (txType uint8, txHash gethCommon.Hash, err), requiring callers to supply explicit transaction identity.
Transaction Verification & Service Account Override fvm/transactionVerifier.go	Added chain parameter to CheckAuthorization() and verifyTransaction(), implemented serviceAccountOverride conditional path that filters signatures to service account only when first authorizer equals service address and payer/proposer equal service address, bypassing per-authorizer weight checks for non-service accounts in override scenario.
Transaction Info Processing fvm/environment/transaction_info.go	Refactored authorizer address conversion from MustBytesToAddress() to direct common.Address() cast, changed isServiceAccountAuthorizer initialization placement.
Version Control engine/common/version/version_control.go	Added new version entries (0.37.11, 0.42.3, 0.44.0, 0.44.1, 0.44.7, 0.44.10, 0.44.14) to defaultCompatibilityOverrides.
Execution Node Transaction Provider engine/access/rpc/backend/transactions/provider/execution_node.go	Added three public methods: TransactionsByBlockID(), TransactionResultsByBlockID(), and ScheduledTransactionsByBlockID(); standardized error handling via rpc.ConvertError.
Transaction Provider Tests engine/access/rpc/backend/transactions/transactions_functional_test.go	Added error path tests for EN failures (TestTransactionResultByIndex_ExecutionNode_Errors, TestTransactionsByBlockID_ExecutionNode_Errors, TestScheduledTransactionsByBlockID_ExecutionNode_Errors); introduced helper methods setupExecutionGetEventsRequest(Failed).
State Synchronization module/state_synchronization/indexer/indexer_core.go, module/state_synchronization/indexer/indexer_core_test.go	Added ErrAlreadyExists handling during block/protocol data commit to support reindexing paths; expanded mock setup with MatchLock matchers and new reindexing test scenario.
Machine Account Validation module/epochs/machine_account.go, module/epochs/machine_account_test.go	Removed SoftMinBalance fields from MachineAccountValidatorConfig, unified balance checks to single minimum threshold, updated error messages with specific refill amounts using cdcRecommendedMinBalance values.
System Collection & Versioning model/access/systemcollection/system_collection.go, model/access/systemcollection/system_collection_test.go	Added Mainnet height-based version mapping (height 0 → Version0, height 133408444 → Version1); updated Testnet height and test structure.
Execution Bootstrap Tests engine/execution/state/bootstrap/bootstrap_test.go	Updated expected state commitment values for TestBootstrapLedger_ZeroTokenSupply and TestBootstrapLedger_EmptyTransaction.
FVM Tests fvm/fvm_blockcontext_test.go, fvm/fvm_test.go, fvm/evm/evm_test.go	Added TestServiceAccountOverrides for authorizer override behavior; added TestAccountRestricting for account restriction enforcement; expanded TestCadenceOwnedAccountFunctionalities with comprehensive withdrawal scenarios (rounding, minimum, boundary, overflow); added EVM gas overflow batch test.
Utility & Test Fixtures utils/unittest/execution_state.go, utils/unittest/fixtures.go, utils/unittest/mocks/matchers.go	Updated GenesisStateCommitmentHex and genesisCommitHexByChainID values; changed MachineAccountFixture balance from 0.5 to 5.0 FLOW; added MatchLock(lock) matcher function for lock-based mock assertions.
Dependency Updates go.mod, insecure/go.mod, integration/go.mod	Bumped multiple dependencies: cbor/v2 to v2.9.1, atree to v0.12.0, cadence to v1.8.10, otel packages to v1.38.0, golang.org/x/{crypto,sync,sys,text,tools} to newer versions; added golang.org/x/telemetry as indirect.

Sequence Diagram(s)

Not applicable. While the changes introduce new features (account restrictions, service account override, computation metering), the modifications are primarily interface additions, validation checks, and logic adjustments scattered across multiple files rather than cohesive multi-component flows. The control flow changes are localized and don't form a clear sequence requiring visualization.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~75 minutes

Possibly related PRs

• [Access] Add compatibility override for v0.44.7 #8281: Overlapping changes including identical .custom-gcl.yml version bump, same golangci-lint action update, and numerous matching method additions across fvm/meter and environment files indicate coordinated tooling and metering updates.
• [Access] Add endpoints to get transaction and results by block #8240: Introduces REST endpoints and backend handlers for fetching transactions/results by block, directly complementing this PR's addition of TransactionsByBlockID(), TransactionResultsByBlockID(), and ScheduledTransactionsByBlockID() provider methods.

Suggested reviewers

• illia-malachyn
• peterargue
• vishalchangrani

---

🐰 Hops excitedly through the code gardens

New restrictions bloom where accounts once roamed free,
Computation meters measure what shall be—
Service accounts now hold override decree,
While withdrawal validations guarantee stability! ✨
Adjusts whiskers with mathematical precision

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 30.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly summarizes the main change: adding compatibility for v0.44.14 with a restriction mechanism for EOAs (externally owned accounts) on the access network.

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}