docs: updated confidential resource builder comments

[SolfataraEmit]

Description

Extending Confidential resource documentation.

Motivation and Context

Match style and detail of fungible

How Has This Been Tested?

What process can a PR reviewer use to test or verify this change?

Breaking Changes

• None
• Requires data directory to be deleted
• Other - Please specify

Summary by CodeRabbit

• New Features

  • Chainable, configurable builder for confidential fungible resources with access controls (mint, burn, recall, withdraw, deposit, freeze), token identity (symbol, image, metadata), view-key visibility, address allocation, divisibility (max 18), and authorization hooks.
  • Two-path build: create resource address without minting or create resource with an initial confidential supply and receive its bucket.

• Documentation

  • Clarified internal resource-creation note and expanded guidance on defaults, usage, and the initial-supply flow.

[coderabbitai]

Walkthrough

ConfidentialResourceBuilder expanded with new fields and many chainable configuration methods; introduces two build flows—build() (no mint) and initial_supply(ConfidentialOutputStatement) which mints confidential initial supply returning a Bucket. Adds view-key visibility, token symbol, divisibility, metadata, access/owner rules, authorization hooks, and optional address allocation. ResourceManager docs updated.

Changes

Cohort / File(s)	Summary
Confidential Resource Builder API expansion crates/template_lib/src/resource/builder/confidential.rs	Added fields (view_key, token_symbol, owner_rule, authorize_hook, address_allocation, divisibility) and new(). Added many chainable configuration methods (address allocation, view key, access rules: mintable/burnable/recallable/withdrawable/depositable/freezable/update_access_rules, token_symbol, metadata helpers, image URL, divisibility, authorization hook). Implemented two-phase build: build() returns ResourceAddress; initial_supply(ConfidentialOutputStatement) mints via MintArg::Confidential and returns a Bucket. Internal build_internal coordinates optional minting.
ResourceManager docs clarification crates/template_lib/src/resource/manager.rs	Added documentation note clarifying ResourceManager::create is an internal function used by builders; no signature or functional changes.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Dev as Developer
  participant CB as ConfidentialResourceBuilder
  participant RM as ResourceManager
  participant RA as ResourceAddress
  participant B as Bucket

  rect rgb(238,245,255)
  note right of Dev: Configure builder via chainable methods\n(e.g., with_view_key, with_token_symbol,\nwith_divisibility, access rules, auth hook, etc.)
  Dev->>CB: new() + with_*(...)
  end

  alt Build without initial mint
    Dev->>CB: build()
    CB->>RM: create(metadata, rules, owner, alloc, hook, divisibility, view_key, symbol)
    RM-->>CB: ResourceAddress
    CB-->>Dev: ResourceAddress
  else Build with initial supply
    Dev->>CB: initial_supply(ConfidentialOutputStatement)
    CB->>RM: create(..., MintArg::Confidential)
    RM-->>CB: (ResourceAddress, Bucket)
    CB-->>Dev: Bucket (initial confidential supply)
    note over B,Dev: Bucket contains minted confidential supply
  end

  note over CB,RM: Authorization hook (if set) may be referenced at runtime

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Poem

I thump the ground—new knobs to turn!
View keys peek, symbols bright and stern.
Divisibility hops—up to eighteen high,
Hooks that whisper when calls pass by.
Build or mint, two paths I choose—
A Bucket brims, or an address to use. 🥕🐇

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

crates/template_lib/src/resource/manager.rs (2)

268-276: Doc correctness: wrong resource type and misleading example in mint_stealth

• The panic condition mentions ResourceType::Confidential, but this API is for stealth resources.
• The example assigns the return to bucket, but the function returns ().

These are doc correctness issues that can mislead users.

Apply this diff:

-    /// - The resource is not of type [`ResourceType::Confidential`]
+    /// - The resource is not of type [`ResourceType::Stealth`]

-    /// let bucket = resource_manager.mint_stealth(statement);
+    /// resource_manager.mint_stealth(statement);

---

669-672: Example uses engine instead of resource_manager

The example under recall_confidential references a non-existent engine variable. Use resource_manager for consistency with other examples.

Apply this diff:

-    /// let bucket = engine.recall_confidential(vault_id, commitments, revealed_amount);
+    /// let bucket = resource_manager.recall_confidential(vault_id, commitments, revealed_amount);

🧹 Nitpick comments (7)

crates/template_lib/src/resource/manager.rs (2)

133-136: Fix typos in Note and clarify internal visibility

Minor grammar and spelling issues in the new Note. Also clarify that it’s not publicly callable due to pub(crate) visibility.

Apply this diff:

-    /// # Note
-    /// 
-    /// This in an internal function that is used by the `ResourceBuilder` to create resources. You cannot publically call it.
-    /// 
+    /// # Note
+    ///
+    /// This is an internal function used by the `ResourceBuilder` to create resources. It is not publicly callable.

---

741-744: Error message nit: decoding Option type

The error string in total_supply_opt suggests decoding an Amount, but the type is Option<Amount>. Adjust the message for accuracy.

Apply this diff:

-        resp.decode().expect("[total_supply] Failed to decode Amount")
+        resp.decode().expect("[total_supply_opt] Failed to decode Option<Amount>")

crates/template_lib/src/resource/builder/confidential.rs (5)

14-58: Polish top-level builder docs: fix bracket typo and clarify Note

• Fix a stray closing ] in ConfidentialOutputStatement.
• Slightly improve phrasing for clarity.

Apply this diff:

-/// The `ConfidentialResourceBuilder` requires you to provide a [`ConfidentialOutputStatement`] if you wish to set an initial supply. 
-/// Additional supply can be minted later using the `mintable` access rule via another provided [`ConfidentialOutputStatement`]. Generation
-/// of the `ConfidentialOutputStatement`] is non-trivial; examples of creation of the statement can be found in the test cases for the
-/// `ConfidentialResourceBuilder`.
+/// The `ConfidentialResourceBuilder` requires you to provide a [`ConfidentialOutputStatement`] if you wish to set an initial supply.
+/// Additional supply can be minted later using the `mintable` access rule via another [`ConfidentialOutputStatement`].
+/// Generating a [`ConfidentialOutputStatement`] is non-trivial; examples of constructing the statement can be found
+/// in the test cases for the `ConfidentialResourceBuilder`.

---

129-137: Rustdoc header casing: “# Examples”

Use the conventional “# Examples” header in Rustdoc.

Apply this diff:

-    /// #Examples
+    /// # Examples

---

149-156: Rustdoc header casing: “# Examples”

Same header nit in the burnable section.

Apply this diff:

-    /// #Examples
+    /// # Examples

---

330-333: Grammar: “This method will panic if”

Minor grammar fix for the Panics section.

Apply this diff:

-    /// # Panics
-    /// method will panic if:
+    /// # Panics
+    /// This method will panic if:

---

111-118: Clarify immutability of the view key

Slight rephrase to make the immutability constraint explicit.

Apply this diff:

-    /// # Note
-    /// It is not currently possible to change the view key after the resource is created.
+    /// # Note
+    /// The view key is immutable; it cannot be changed after the resource is created.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between e943ac1 and 1b2aa02.

📒 Files selected for processing (2)

• crates/template_lib/src/resource/builder/confidential.rs (5 hunks)
• crates/template_lib/src/resource/manager.rs (1 hunks)

🧰 Additional context used

🧬 Code Graph Analysis (1)

crates/template_lib/src/resource/builder/confidential.rs (4)

crates/template_lib/src/resource/builder/fungible.rs (11)

• with_owner_rule (80-83)
• mintable (116-119)
• burnable (135-138)
• withdrawable (183-186)
• depositable (203-206)
• update_access_rules (224-227)
• with_token_symbol (238-241)
• add_metadata (260-263)
• with_metadata (281-284)
• with_image_url (298-300)
• build (377-380)

crates/engine_types/src/resource.rs (2)

• view_key (106-108)
• metadata (183-185)

bindings/src/types/RistrettoPublicKeyBytes.ts (1)

• RistrettoPublicKeyBytes (6-6)

crates/template_lib/src/auth/access_rules.rs (5)

• mintable (272-275)
• burnable (278-281)
• withdrawable (297-300)
• depositable (303-306)
• update_access_rules (309-312)

🔇 Additional comments (2)

crates/template_lib/src/resource/builder/confidential.rs (2)

378-385: LGTM: build flow clearly described

The build path doc is clear and matches the internal helper flow. No issues.

---

387-398: LGTM: initial_supply docs are actionable

Good detail on what the ConfidentialOutputStatement must include and how to mint revealed-only outputs.

[sdbondi]

Nice thanks! Just some minor nits

[github-actions]

Test Results (CI)

0 tests  ±0   0 ✅ ±0   0s ⏱️ ±0s
0 suites ±0   0 💤 ±0 
0 files   ±0   0 ❌ ±0 

Results for commit 1fb10bd. ± Comparison against base commit 7d9e79a.

♻️ This comment has been updated with latest results.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (3)

crates/template_lib/src/resource/builder/confidential.rs (3)

41-46: Nice: example now uses ResourceBuilder::confidential().

Resolves past confusion with fungible().

---

111-118: Tighten the view-key sentence.

Minor grammar polish.

-/// The view key is [`RistrettoPublicKeyBytes`] type, that is, the compressed public key representation of the secret view key.
+/// The view key is of type [`RistrettoPublicKeyBytes`], i.e., the compressed public key representation of the secret view key.

---

162-179: Good clarification on recall semantics.

The “ALL tokens” wording removes ambiguity.

🧹 Nitpick comments (10)

crates/template_lib/src/resource/builder/confidential.rs (10)

31-34: Fix broken Markdown link and sentence flow.

Close the stray bracket and reflow the paragraph.

-/// The `ConfidentialResourceBuilder` requires you to provide a [`ConfidentialOutputStatement`] if you wish to set an initial supply. 
-/// Additional supply can be minted later using the `mintable` access rule via another provided [`ConfidentialOutputStatement`]. Generation
-/// of the `ConfidentialOutputStatement`] is non-trivial; examples of creation of the statement can be found in the test cases for the
-/// `ConfidentialResourceBuilder`.
+/// The `ConfidentialResourceBuilder` requires a [`ConfidentialOutputStatement`] if you wish to set an initial supply.
+/// Additional supply can be minted later using the `mintable` access rule via another [`ConfidentialOutputStatement`].
+/// Generation of the [`ConfidentialOutputStatement`] is non-trivial; examples can be found in the test cases for
+/// the `ConfidentialResourceBuilder`.

---

39-46: Use a safer default than allow_all in the basic example.

Recommend require_owner() to avoid copy-pasting permissive rules.

-/// use tari_template_lib::resource::builder::ResourceBuilder;
+/// use tari_template_lib::resource::builder::ResourceBuilder;
+/// use tari_template_lib::auth::AccessRule;
@@
-///     .mintable(rule!(allow_all))
+///     .mintable(AccessRule::require_owner())

---

129-137: Consistent heading + safer rule in example.

-/// #Examples
+/// # Examples
@@
-///     .mintable(rule!(allow_all))
+///     .mintable(AccessRule::require_owner())

---

148-156: Consistent heading + safer rule in example.

-/// #Examples
+/// # Examples
@@
-///     .burnable(rule!(allow_all))
+///     .burnable(AccessRule::require_owner())

---

190-204: Avoid implying amount-specificity for confidential flows.

Remove the parenthetical to prevent confusion.

-/// Allows you to pass an [`AccessRule`] that defines who can withdraw tokens (via a specified amount) from a vault.
+/// Allows you to pass an [`AccessRule`] that defines who can withdraw tokens from a vault.

---

210-224: Same here: drop amount phrasing for deposit.

-/// Allows you to pass an [`AccessRule`] that defines who can deposit tokens (via a specified amount) into a vault.
+/// Allows you to pass an [`AccessRule`] that defines who can deposit tokens into a vault.

---

199-204: Examples mix rule!(...) macro and AccessRule::... variants.

Pick one style across docs for consistency (prefer the explicit AccessRule::... APIs or the macro, but not both).

---

324-346: Polish the panic docs and heading.

-/// # Panics
-/// method will panic if:
-/// * The divisibility is greater than 18.
+/// # Panics
+/// This method will panic if the divisibility is greater than 18.

---

378-382: Grammar fix and stronger intra-doc link.

-/// Build the resource, with no initial supply and returns the `ResourceAddress` of the created resource.
+/// Builds the resource with no initial supply and returns the `ResourceAddress` of the created resource.
@@
-/// To create a resource with an initial supply, see [ResourceBuilder::initial_supply].
+/// To create a resource with an initial supply, see [`Self::initial_supply`].

---

391-397: Tighten wording; avoid “proof proving” and format range.

-/// - A valid range proof proving the output values are in range [minimum_value_promise, 2^64)
+/// - A valid range proof demonstrating the output values are in range `[minimum_value_promise, 2^64)`
@@
-/// Use [`ConfidentialOutputStatement::mint_revealed()`] to mint **revealed funds only** (no commitments). 
+/// Use [`ConfidentialOutputStatement::mint_revealed()`] to mint **revealed funds only** (no commitments).

Please confirm the method name mint_revealed() and its path are correct.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1b2aa02 and 643571b.

📒 Files selected for processing (1)

• crates/template_lib/src/resource/builder/confidential.rs (5 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

crates/template_lib/src/resource/builder/confidential.rs (3)

crates/template_lib/src/resource/builder/fungible.rs (11)

• with_owner_rule (80-83)
• mintable (116-119)
• burnable (135-138)
• withdrawable (183-186)
• depositable (203-206)
• update_access_rules (224-227)
• with_token_symbol (238-241)
• add_metadata (260-263)
• with_metadata (281-284)
• with_image_url (298-300)
• build (377-380)

crates/engine_types/src/resource.rs (2)

• view_key (106-108)
• metadata (183-185)

crates/template_lib/src/auth/access_rules.rs (5)

• mintable (272-275)
• burnable (278-281)
• withdrawable (297-300)
• depositable (303-306)
• update_access_rules (309-312)

🔇 Additional comments (1)

crates/template_lib/src/resource/builder/confidential.rs (1)

14-28: Good docs expansion and structure.

Clear overview, defaults, and two-path build flow are well explained.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Docs contradict earlier statement about who may update access rules.

Above (Lines 85–90) says only the owner can update after creation; here it says default is denied for all. Please align.

Suggested wording if owner is allowed by default:

-/// By default, the ability to update access rules is denied for all users. If you want to allow the owner to update
-/// the access rules, you can use `.update_access_rules(AccessRule::require_owner())`
+/// By default, only the owner may update the access rules. This function lets you override that behavior, e.g.:
+/// `.update_access_rules(AccessRule::require_owner())`

If instead default is deny-all, update the earlier owner text accordingly. To verify defaults, please run:

---

🏁 Script executed:

#!/usr/bin/env bash
set -euo pipefail
# Show DEFAULT_DIVISIBILITY value
rg -nP 'const\s+DEFAULT_DIVISIBILITY\s*:\s*u8\s*=\s*\d+' -n crates

# Inspect ResourceAccessRules::new() defaults
rg -nP 'impl\s+ResourceAccessRules\b' -n crates -C3
rg -nP 'pub\s+fn\s+new\s*\(' -n crates -C6 | sed -n '1,200p'

Length of output: 15512

---

To inspect the actual defaults in ResourceAccessRules::new(), run:

---

🏁 Script executed:

#!/usr/bin/env bash
set -euo pipefail

# Print the implementation of ResourceAccessRules::new to see default rules
sed -n '220,300p' crates/template_lib/src/auth/access_rules.rs

Length of output: 2923

---

🏁 Script executed:

#!/usr/bin/env bash
set -euo pipefail
sed -n '1,200p' crates/template_lib/src/resource/builder/confidential.rs

Length of output: 7568

---

🏁 Script executed:

#!/usr/bin/env bash
set -euo pipefail

# Show the remainder of the confidential builder to inspect update_access_rules docs
sed -n '200,360p' crates/template_lib/src/resource/builder/confidential.rs

Length of output: 6062

---

🏁 Script executed:

#!/usr/bin/env bash
set -euo pipefail

# Locate the build method in the confidential resource builder
grep -R "pub fn build" -n crates/template_lib/src/resource/builder/confidential.rs

# Print the build implementation to see how owner_rule and access_rules are applied
sed -n '360,440p' crates/template_lib/src/resource/builder/confidential.rs

Length of output: 2942

---

Align update_access_rules docs with the owner-only default

The current comment implies owners must opt in to update rules, but by default the OwnerRule already grants them access. Update the docs to reflect that only the owner may update unless overridden. For example:

-/// Sets up who can update the access rules of the resource.
-///
-/// Allows you to pass an [`AccessRule`] that defines who can update the access rules of the resource.
-///
-/// By default, the ability to update access rules is denied for all users. If you want to allow the owner to update
-/// the access rules, you can use `.update_access_rules(AccessRule::require_owner())`
+/// Sets up who can update the access rules of the resource.
+///
+/// Allows you to pass an [`AccessRule`] that defines who else (in addition to the owner) may update the rules.
+///
+/// By default, only the resource owner (per [`with_owner_rule`]) may update the access rules.
/// To grant broader permissions, for example:
+/// ```ignore
+/// ResourceBuilder::confidential()
+///     .update_access_rules(AccessRule::allow_all())
+///     .build();
+/// ```

🤖 Prompt for AI Agents

crates/template_lib/src/resource/builder/confidential.rs around lines 230 to
246: the doc comment for update_access_rules incorrectly implies owners must opt
in to update rules; change the wording to state that by default the OwnerRule
grants the owner permission to update access rules and that update_access_rules
lets callers override that (e.g., show an example calling
update_access_rules(AccessRule::allow_all()) to allow everyone), and update the
explanatory text and example accordingly so it reflects the owner-only default
rather than owner opt-in.