feat(bond): align AntiAbuseBondSettings with spec — slash split, claim window, drop unused dispute flag

[grunch]

Summary

Three changes to `[anti_abuse_bond]` so the runtime config matches
the `docs/ANTI_ABUSE_BOND.md` spec:

• Add `slash_node_share_pct: f64` (default `0.5`). Fraction of
  a slashed bond the node retains; the rest goes to the winning
  counterparty. Funds solver compensation for dispute work without
  introducing a new payment rail. `0.0` keeps the legacy
  winner-takes-all semantics; `1.0` makes the bond a pure sybil
  cost.

• Add `payout_claim_window_days: u32` (default `15`). Long-stop
  forfeiture: if the wronged counterparty never submits a payout
  invoice within this window, the bond closes as `forfeited` and
  the node retains the counterparty share too.

• Remove `slash_on_lost_dispute: bool`. The spec drops it
  explicitly in §3 — dispute slashes are expressed by the solver
  per-resolution via the `BondResolution` payload (Phase 2). The
  flag was opt-in dead code with no runtime behaviour, so removal
  does not change behaviour. A toml file with
  `slash_on_lost_dispute = true` from before this lands continues
  to parse (serde ignores unknown fields on this struct), so no
  operator action is needed at upgrade time.

Doc comments on `slash_on_waiting_timeout` and `payout_max_retries`
gain context: the former notes the `BondResolution` design for
disputes; the latter clarifies it counts only `send_payment` retries
against an already-received invoice (independent from the claim
window).

`settings.tpl.toml` updated to match.

No behaviour change in Phase 0/1 — the new fields are read by Phase
3+ scheduler logic that has not landed yet.

Test plan

• `cargo build`
• `cargo test config::` — 24/24 green (incl. new
  `toml_slash_node_share_pct_and_claim_window_override`)
• `cargo test bond::` — 32/32 green (no regression)
• `cargo clippy --all-targets` — clean

🤖 Generated with Claude Code

Summary by CodeRabbit

• Chores
  • Updated anti-abuse bond configuration settings: removed the slash_on_lost_dispute flag and added slash_node_share_pct and payout_claim_window_days parameters for enhanced control over bond payouts and dispute slashing mechanisms.

[coderabbitai]

Warning

Rate limit exceeded

@grunch has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 40 minutes and 9 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: aaf05f68-e02c-443e-8f21-901e5dd96068

📥 Commits

Reviewing files that changed from the base of the PR and between fc99b50 and 350b0af.

📒 Files selected for processing (1)

• src/config/types.rs

Walkthrough

The PR refactors AntiAbuseBondSettings to remove the slash_on_lost_dispute flag (now handled via Phase 2 BondResolution payload) and adds two new payout configuration fields: slash_node_share_pct and payout_claim_window_days. Configuration template and test coverage are updated accordingly.

Changes

AntiAbuseBondSettings Configuration Refactoring

Layer / File(s)	Summary
Configuration Structure and Defaults src/config/types.rs	AntiAbuseBondSettings removes slash_on_lost_dispute field, adds slash_node_share_pct: f64 (default 0.5) and payout_claim_window_days: u32 (default 15) with serde defaults and helper functions.
Configuration Template Documentation settings.tpl.toml	Comments clarify that slash_on_lost_dispute no longer exists (Phase 2 solver-directed via BondResolution), document new payout parameters (slash_node_share_pct, payout_claim_window_days).
Configuration Tests src/config/types.rs	Defaults test updated for new fields; TOML parse tests verify slash_on_waiting_timeout behavior and new parameter overrides; new test added for slash_node_share_pct and payout_claim_window_days TOML parsing.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• MostroP2P/mostro#712: Introduces AntiAbuseBondSettings configuration struct that this PR extends with new fields.
• MostroP2P/mostro#725: Makes parallel config-level changes to remove slash_on_lost_dispute and introduce bond payout/split fields.

Poem

🐰 A bond config hops along with grace,
Old flags removed without a trace,
New payouts bloom—node share takes place,
Claims window opens, tests embrace,
Phase 2's here, dispute in space!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 37.50% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately and specifically describes the main changes: adding slash_node_share_pct and payout_claim_window_days fields, and removing the unused slash_on_lost_dispute flag to align with the specification.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/bond-settings-align-spec

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[grunch]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

src/config/types.rs (1)

458-473: ⚡ Quick win

Add a backward-compat parse test for removed slash_on_lost_dispute.

The PR states legacy TOML remains operator-safe, but tests don’t yet assert that explicitly. Adding one test fixture with slash_on_lost_dispute = true would lock this guarantee and prevent accidental regressions.

Proposed test addition

+    #[test]
+    fn toml_legacy_removed_flag_is_ignored() {
+        #[derive(serde::Deserialize)]
+        struct Stub {
+            anti_abuse_bond: AntiAbuseBondSettings,
+        }
+        let parsed: Stub = toml::from_str(
+            r#"[anti_abuse_bond]
+enabled = true
+slash_on_lost_dispute = true"#,
+        )
+        .expect("legacy unknown field should be ignored");
+
+        assert!(parsed.anti_abuse_bond.enabled);
+        assert_eq!(parsed.anti_abuse_bond.slash_node_share_pct, 0.5);
+        assert_eq!(parsed.anti_abuse_bond.payout_claim_window_days, 15);
+    }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/config/types.rs` around lines 458 - 473, Add a backward-compatibility
unit test to ensure legacy TOML containing the removed field parses into
AntiAbuseBondSettings: create a test similar to
toml_slash_node_share_pct_and_claim_window_override (e.g.,
toml_legacy_slash_on_lost_dispute_parses) that defines the same Stub wrapper,
provides TOML including slash_on_lost_dispute = true along with any other
fields, deserializes via toml::from_str into Stub, and asserts that parsing
succeeds (and optionally that other fields like
slash_node_share_pct/payout_claim_window_days are preserved); locate the test
near toml_slash_node_share_pct_and_claim_window_override and reuse
AntiAbuseBondSettings as the target type.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/config/types.rs`:
- Around line 72-73: The config currently allows any f64 for the field
slash_node_share_pct (with default default_slash_node_share_pct); add validation
during config deserialization or a post-parse validation step that rejects
values outside 0.0..=1.0 by returning a descriptive error (e.g., Err or
serde::de::Error) when slash_node_share_pct < 0.0 or > 1.0, update
default_slash_node_share_pct if needed to remain in range, and add unit tests
that parse the config to assert failure for values <0 and >1 and success for
valid boundary values 0.0 and 1.0 to cover parse/validation behavior.

---

Nitpick comments:
In `@src/config/types.rs`:
- Around line 458-473: Add a backward-compatibility unit test to ensure legacy
TOML containing the removed field parses into AntiAbuseBondSettings: create a
test similar to toml_slash_node_share_pct_and_claim_window_override (e.g.,
toml_legacy_slash_on_lost_dispute_parses) that defines the same Stub wrapper,
provides TOML including slash_on_lost_dispute = true along with any other
fields, deserializes via toml::from_str into Stub, and asserts that parsing
succeeds (and optionally that other fields like
slash_node_share_pct/payout_claim_window_days are preserved); locate the test
near toml_slash_node_share_pct_and_claim_window_override and reuse
AntiAbuseBondSettings as the target type.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 2f0207e7-a52f-4ae0-97e0-0e28c7f49fca

📥 Commits

Reviewing files that changed from the base of the PR and between cda9612 and fc99b50.

📒 Files selected for processing (2)

• settings.tpl.toml
• src/config/types.rs