feat(core): add isDaoOutputLimitExceeded utility for NervosDAO 64-output guard

[phroi]

Why

NervosDAO transactions silently fail on-chain when they exceed 64 outputs. There is no early warning: the transaction gets rejected by the DAO script during verification.

Changes

• Add exported isDaoOutputLimitExceeded(tx, client) utility in packages/core/src/ckb/transaction.ts: returns true when a DAO transaction has >64 outputs
• Zero overhead for non-DAO transactions: short-circuits to false when outputs <= 64
• Not wired into any automatic check: app developers call it where it makes sense in their own flow

[changeset-bot]

🦋 Changeset detected

Latest commit: 1e12565

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 18 packages

Name	Type
@ckb-ccc/core	Patch
@ckb-ccc/eip6963	Patch
@ckb-ccc/joy-id	Patch
@ckb-ccc/lumos-patches	Patch
@ckb-ccc/nip07	Patch
@ckb-ccc/okx	Patch
@ckb-ccc/rei	Patch
@ckb-ccc/shell	Patch
@ckb-ccc/spore	Patch
@ckb-ccc/ssri	Patch
@ckb-ccc/udt	Patch
@ckb-ccc/uni-sat	Patch
@ckb-ccc/utxo-global	Patch
@ckb-ccc/xverse	Patch
@ckb-ccc/ccc	Patch
ckb-ccc	Patch
@ckb-ccc/connector	Patch
@ckb-ccc/connector-react	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[netlify]

✅ Deploy Preview for liveccc ready!

Name	Link
🔨 Latest commit	1e12565
🔍 Latest deploy log	https://app.netlify.com/projects/liveccc/deploys/69a2d0e6922e960008bc63d3
😎 Deploy Preview	https://deploy-preview-359--liveccc.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 41 (🟢 up 4 from production) Accessibility: 88 (no change from production) Best Practices: 92 (🔴 down 8 from production) SEO: 100 (no change from production) PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[netlify]

✅ Deploy Preview for appccc ready!

Name	Link
🔨 Latest commit	1e12565
🔍 Latest deploy log	https://app.netlify.com/projects/appccc/deploys/69a2d0e6ffc8c40008e49328
😎 Deploy Preview	https://deploy-preview-359--appccc.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 63 (🔴 down 23 from production) Accessibility: 89 (🟢 up 1 from production) Best Practices: 92 (🔴 down 8 from production) SEO: 100 (no change from production) PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[netlify]

✅ Deploy Preview for apiccc ready!

Name	Link
🔨 Latest commit	1e12565
🔍 Latest deploy log	https://app.netlify.com/projects/apiccc/deploys/69a2d0e662e3b70008a92e05
😎 Deploy Preview	https://deploy-preview-359--apiccc.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 85 (🟢 up 3 from production) Accessibility: 100 (no change from production) Best Practices: 100 (no change from production) SEO: 94 (no change from production) PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[gemini-code-assist]

Summary of Changes

Hello @phroi, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a crucial early warning system for NervosDAO transactions. It addresses the issue of transactions silently failing on-chain when they exceed the 64-output limit, which previously led to wasted fees and user frustration. By implementing a new validation function and integrating it into the transaction completion process, the system now proactively identifies and flags such invalid transactions, significantly improving the user experience and reliability of DAO operations.

Highlights

• Prevent silent NervosDAO transaction failures: Introduced a new check, assertDaoOutputLimit, to proactively identify and prevent NervosDAO transactions from silently failing on-chain when they exceed the 64-output limit.
• New error class for DAO output limit: Added ErrorNervosDaoOutputLimit to provide specific error messaging when a NervosDAO transaction attempts to exceed the allowed output count.
• Early warning integration: Integrated the assertDaoOutputLimit check into the completeFee method, ensuring that transactions are validated for the DAO output limit before submission, saving fees and preventing user confusion.
• Optimized performance: Designed the assertDaoOutputLimit function to have zero overhead for non-DAO transactions or those with 64 or fewer outputs, short-circuiting the check when not applicable.

Changelog

• packages/core/src/ckb/transaction.ts
  • Imported ErrorNervosDaoOutputLimit for use in the file.
  • Called assertDaoOutputLimit within the completeFee method's two return paths to enforce the output limit.
  • Added the assertDaoOutputLimit asynchronous function, which checks if a transaction is a NervosDAO transaction and if its output count exceeds 64, throwing an error if it does.
• packages/core/src/ckb/transactionErrors.ts
  • Defined the ErrorNervosDaoOutputLimit class, a custom error type for when NervosDAO transactions exceed the 64-output limit, including count and limit properties.

Activity

• No human activity has been recorded on this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

The pull request introduces a crucial check for NervosDAO transactions to prevent silent failures due to exceeding the 64-output limit. This is a significant improvement for user experience and transaction reliability. The implementation correctly integrates the check into the completeFee method and provides a clear error message. The ErrorNervosDaoOutputLimit class is well-defined. The changes are well-documented and appear to be robust.

[netlify]

✅ Deploy Preview for docsccc ready!

Name	Link
🔨 Latest commit	1e12565
🔍 Latest deploy log	https://app.netlify.com/projects/docsccc/deploys/69a2d0e609e4d400084101ce
😎 Deploy Preview	https://deploy-preview-359--docsccc.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 74 (🟢 up 7 from production) Accessibility: 88 (no change from production) Best Practices: 92 (no change from production) SEO: 92 (no change from production) PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[phroi]

@Hanssen0 @ashuralyk all green, feel free to review 🤗

Phroi %28

[Hanssen0]

Why

NervosDAO transactions silently fail on-chain when they exceed 64 outputs. There is no early warning — the transaction submits fine but gets rejected by the DAO script during verification, wasting fees and confusing users.

Thank you for your contribution! It's indeed a confusing problem that might occur when a miscomposed transaction is sent.

For the description wasting fees here, it doesn't seem to make sense because the transaction won't be packed into a block if it fails. It does confuse users, which can be improved by making the error message more explicit, but it might be better to move this check to sendTrancation (maybe here) to avoid introducing extra cost for all transactions, even when it's unnecessary.

Of course, checking only when it fails also means that it fails later, after users sign the transaction. But considering that this checking doesn't correct a miscomposed transaction, a failure almost certainly indicates that the application logic needs to be corrected for a correct transaction, so failing earlier won't make things better here.

To me, this seems like an "error message translator" that is hardcoded into CCC. It's definitely worth investigating how to make script error codes more readable to users.

[phroi]

Hey @Hanssen0!! Thank you for the review! 🤗

Fun fact: my first attempt actually had this wired into adding outputs to the transaction, only later I tought about it and moved it to completeFee!! Now I realize that even that it's too opinionated for CCC!

So I reworked the PR: dropped the automatic check and the custom error class entirely. Now it's just isDaoOutputLimitExceeded(tx, client): Promise<boolean>: a standalone utility next to calcDaoProfit and calcDaoClaimEpoch. No overhead on any code path, no opinion on where or when to check. Devs call it if and when they want

Phroi %32