test: enable force inclusion, re-enable fi e2e and add fi benchmarks

[julienrbrt]

ref: #2965 (comment)
ref: #2982 (comment)

[github-actions]

The latest Buf updates on your PR. Results from workflow CI / buf-check (pull_request).

Build	Format	Lint	Breaking	Updated (UTC)
✅ passed	⏩ skipped	✅ passed	✅ passed	Jan 28, 2026, 2:38 PM

[gemini-code-assist]

Summary of Changes

Hello @julienrbrt, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on enabling and validating the 'force inclusion' functionality within the system. It removes a previous block in the configuration validation that prevented the feature from being active and subsequently re-enables the comprehensive suite of end-to-end tests designed to verify its correct operation across various EVM components.

Highlights

• Force Inclusion Feature Activation: The 'forced inclusion' feature has been activated by removing a temporary error message that previously prevented its use in pkg/config/config.go. The configuration now correctly validates the ForcedInclusionNamespace.
• E2E Tests Re-enabled: All end-to-end tests related to EVM force inclusion, including sequencer, full node, and malicious sequencer scenarios, have been re-enabled in test/e2e/evm_force_inclusion_e2e_test.go by removing t.Skip() directives.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[claude]

Claude finished @julienrbrt's task in 2m 14s —— View job

---

Code Review Complete

I've reviewed PR #3005 which enables force inclusion functionality, re-enables E2E tests, and adds comprehensive benchmarks.

Summary of Changes

• Configuration (pkg/config/config.go): Removed temporary block preventing force inclusion
• Benchmarks (execution/evm/filter_bench_test.go): Added 297 lines of benchmark tests
• E2E Tests (test/e2e/evm_force_inclusion_e2e_test.go): Re-enabled 2 tests, kept 1 skipped pending PR feat(syncer): verify force inclusion for p2p blocks #2963
• Cleanup (block/internal/executing/executor.go): Removed unused IsSynced method (9 lines)

---

Detailed Review Findings

✅ Strengths

1. Configuration Change (pkg/config/config.go:365-369)

   • Clean activation of force inclusion feature
   • Proper namespace validation restored
   • Clear error messages maintained

2. Benchmark Coverage (execution/evm/filter_bench_test.go)

   • Comprehensive test scenarios covering the performance-critical FilterTxs method
   • Tests both optimization paths: with/without hasForceIncludedTransaction flag
   • Includes edge cases: invalid transactions, gas limits, size limits
   • Well-structured with helper functions for test data generation
   • Good use of sub-benchmarks for different transaction counts (100, 1k, 10k)

3. E2E Test Updates

   • Tests appropriately re-enabled now that the feature is active
   • Malicious sequencer test properly skipped with clear reference to blocking PR
   • P2P configuration correctly updated from rollkit flags to evnode flags (consistency improvement)

4. Code Cleanup

   • Removed dead code (IsSynced method) that was superseded by IsSyncedWithRaft
   • Clean commit history with focused changes

---

Issues & Recommendations

🔴 Critical

None identified.

🟡 Moderate

1. Hardcoded Private Key in Benchmark (execution/evm/filter_bench_test.go:18)

   const (
       benchPrivateKey = "cece4f25ac74deb1468965160c7185e07dff413f23fcadb611b05ca37ab0a52e"

   • Issue: While this is test code, hardcoded private keys should be clearly marked as test-only
   • Recommendation: Add a comment like // Test-only private key - DO NOT use in production
   • Severity: Low (test code only, but sets a pattern)

2. Benchmark Store Configuration (execution/evm/filter_bench_test.go:25-32)

   func createBenchClient(b *testing.B) *EngineClient {
       baseStore := dssync.MutexWrap(ds.NewMapDatastore())
       store := NewEVMStore(baseStore)
       client := &EngineClient{
           store: store,
       }
       return client
   }

   • Issue: Creates incomplete EngineClient with only store field populated
   • Impact: Works for FilterTxs but could cause panics if benchmarks evolve
   • Recommendation: Either initialize all required fields or add a comment explaining which fields are needed

3. Unused Parameter in Function Comment (execution/evm/filter_bench_test.go:90)

   // forcedRatio is the percentage of transactions that are "forced" (could include invalid ones).
   func generateMixedTransactionBatch(b *testing.B, count int, gasLimit uint64, includeInvalid bool)

   • Issue: Comment mentions forcedRatio but parameter is named includeInvalid with different semantics
   • Fix: Update comment to match actual implementation (10% invalid when includeInvalid is true)

4. Missing Test Coverage Documentation

   • Observation: PR title mentions "add fi benchmarks" but doesn't explain why these benchmarks matter
   • Context: The benchmarks measure the performance impact of the hasForceIncludedTransaction optimization path
   • Recommendation: Add a package-level comment explaining:

     // Package evm benchmarks test the performance impact of force inclusion on transaction filtering.
     // Key insight: When hasForceIncludedTransaction=true, UnmarshalBinary is called for every tx,
     // which has measurable overhead on high-throughput scenarios (10k+ txs).

🟢 Minor / Style

5. E2E Test P2P Configuration Change (test/e2e/evm_force_inclusion_e2e_test.go:357-358)

   • Change: Switched from --rollkit.p2p.* to --evnode.p2p.*
   • Note: This is a consistency improvement (as mentioned in review comments)
   • Recommendation: Consider doing this consistently across all E2E tests in a separate cleanup PR

6. Benchmark Naming Convention (execution/evm/filter_bench_test.go:109-114)

   func benchName(n int) string {
       if n >= 1000 {
           return fmt.Sprintf("%dk", n/1000)
       }
       return fmt.Sprintf("%d", n)
   }

   • Good practice: Custom naming for readability
   • Minor: Consider handling edge case where n % 1000 != 0 (e.g., 1500 → "1.5k")

---

Test Coverage Assessment

Re-enabled Tests

• ✅ TestEvmSequencerForceInclusionE2E: Tests sequencer with force inclusion server
• ✅ TestEvmFullNodeForceInclusionE2E: Tests full node syncing forced inclusion txs
• ⏸️ TestEvmSyncerMaliciousSequencerForceInclusionE2E: Skipped pending PR feat(syncer): verify force inclusion for p2p blocks #2963 (P2P block sync)

Benchmark Scenarios

1. Performance baseline: Normal txs without forced inclusion (no unmarshaling)
2. Performance with FI: All txs with forced inclusion (full unmarshaling)
3. Error handling: Mixed valid/invalid transactions (10% invalid)
4. Resource limits: Gas limit enforcement, size limit enforcement
5. Direct comparison: Side-by-side overhead measurement

Coverage Grade: Excellent - benchmarks thoroughly test the optimization path introduced for force inclusion.

---

Security Review

1. Namespace Validation: ✅ Properly validates forced inclusion namespace format
2. Test Credentials: ⚠️ Hardcoded test key should be clearly marked (see issue ABCI interface #1)
3. Error Handling: ✅ Invalid transactions properly filtered in benchmarks
4. Configuration: ✅ No security regressions from enabling the feature

---

Performance Considerations

The benchmarks specifically test the performance-critical concern with force inclusion:

• Without FI: Mempool txs are pre-validated, so FilterTxs just counts bytes/gas
• With FI: Must call UnmarshalBinary on every tx to validate DA-sourced transactions
• Impact: Expected overhead on high-throughput scenarios (measured by benchmarks)
• Justification: Security requirement - forced inclusion txs from DA must be validated

Recommendation: Run these benchmarks on CI to track performance regressions over time.

---

Code Quality

• ✅ Idiomatic Go: All code follows Go conventions
• ✅ Error Handling: Consistent error wrapping and logging
• ✅ Testing: Comprehensive benchmark coverage
• ✅ Documentation: Test comments explain scenarios well
• ⚠️ Minor issues: See recommendations above

---

Conclusion

This is a well-executed PR that:

1. ✅ Properly enables a previously blocked feature
2. ✅ Adds excellent benchmark coverage for performance-critical code paths
3. ✅ Re-enables appropriate E2E tests with proper skip reasons
4. ✅ Includes necessary cleanup of dead code

Recommendation: Approve with minor suggestions

The identified issues are all minor (documentation, comments) and don't block merging. Consider addressing them in a follow-up if preferred.

Action Items (Optional)

• Add clarifying comment to hardcoded test private key
• Fix generateMixedTransactionBatch comment to match implementation
• Add package-level doc explaining benchmark purpose
• Consider running benchmarks on CI for regression tracking

---

[gemini-code-assist]

Code Review

This pull request enables the force inclusion feature. The changes in pkg/config/config.go correctly re-enable the validation logic for the forced inclusion namespace, and the changes in test/e2e/evm_force_inclusion_e2e_test.go re-enable the end-to-end tests for this feature by removing t.Skip() calls. The changes are straightforward and effectively achieve the goal of activating the force inclusion functionality and its associated tests. The pull request title also mentions the addition of force inclusion benchmarks, but no new benchmark files were found in the changes; this might be planned for a subsequent pull request.

[codecov]

Codecov Report

❌ Patch coverage is 0% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 55.56%. Comparing base (1b69313) to head (aafa4e8).
⚠️ Report is 6 commits behind head on main.

Files with missing lines	Patch %	Lines
pkg/config/config.go	0.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3005      +/-   ##
==========================================
- Coverage   55.57%   55.56%   -0.01%     
==========================================
  Files         116      116              
  Lines       11477    11473       -4     
==========================================
- Hits         6378     6375       -3     
+ Misses       4400     4399       -1     
  Partials      699      699              

Flag	Coverage Δ
combined	55.56% <0.00%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[julienrbrt]

@chatton, I don't seem to manage to make them connect. Am I missing something obvious?

[chatton]

the setupMaliciousSequencer is returning the sequencer jwt token, not the full node one, inside it discards the fullnode jwt

jwtSecret, _, genesisHash, endpoints := setupCommonEVMTest(t, sut, true)

[chatton]

diff --git a/test/e2e/evm_force_inclusion_e2e_test.go b/test/e2e/evm_force_inclusion_e2e_test.go
index 40592848..1c8722be 100644
--- a/test/e2e/evm_force_inclusion_e2e_test.go
+++ b/test/e2e/evm_force_inclusion_e2e_test.go
@@ -284,7 +284,7 @@ func setupMaliciousSequencer(t *testing.T, sut *SystemUnderTest, nodeHome string
        t.Helper()

        // Use common setup with full node support
-       jwtSecret, _, genesisHash, endpoints := setupCommonEVMTest(t, sut, true)
+       jwtSecret, fullNodeJwtSecret, genesisHash, endpoints := setupCommonEVMTest(t, sut, true)

        passphraseFile := createPassphraseFile(t, nodeHome)
        jwtSecretFile := createJWTSecretFile(t, nodeHome, jwtSecret)
@@ -321,7 +321,7 @@ func setupMaliciousSequencer(t *testing.T, sut *SystemUnderTest, nodeHome string
        sut.ExecCmd(evmSingleBinaryPath, seqArgs...)
        sut.AwaitNodeUp(t, endpoints.GetRollkitRPCAddress(), NodeStartupTimeout)

-       return genesisHash, jwtSecret, endpoints
+       return genesisHash, fullNodeJwtSecret, endpoints
 }

[julienrbrt]

Thanks <3

[julienrbrt]

The malicious test passing is blocked on #2963, as we get blocks from P2P.