Skip to content

Make privilege first-class across intents, CLI, and docs; add root emission intent#2910

Open
unarbos wants to merge 2 commits into
mainfrom
feat/intent-origins-root-ops
Open

Make privilege first-class across intents, CLI, and docs; add root emission intent#2910
unarbos wants to merge 2 commits into
mainfrom
feat/intent-origins-root-ops

Conversation

@unarbos

@unarbos unarbos commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Every intent now declares its chain origin (signed / subnet_owner / root) and an optional paired verify read, surfaced through list_tools() into the agent catalog (catalog/intents.json), the generated btcli tx help (own "Root (chain sudo)" panel, generated "Requires:" / "Verify afterwards:" footers), the pre-sign confirmation flow, and the generated docs (Origin column + Verify section per tx page).
  • First root intent: set_subnet_emission_enabled — takes --netuids 89,127, batches atomically via Utility.batch_all, wraps itself in Sudo.sudo, and replaces the raw-only escape hatch for AdminUtils.sudo_set_subnet_emission_enabled. Paired with a new subnet_emission_enabled read and a hyperparams-table entry so the flag shows next to subnet_is_active.
  • New codegen gate: every origin="root" intent must declare a verify read, and every declared verify must name a registered read — a privileged write can no longer ship without a way to check it.
  • Six owner-gated intents tagged origin="subnet_owner" (verified against the runtime): set_hyperparameter, start_call, trim_subnet, set_mechanism_count, set_subnet_identity, update_symbol.
  • Docs: hand-written hyperparameters/subnet-emission-enabled explainer and an "active vs emission-enabled" decision tree in the subnets guide, plus regenerated reference pages/catalogs.

Test plan

  • codegen.check --coverage / --names / --units / --namespaces all green (includes the new verify-integrity gate)
  • pytest: 952 passed, 1 skipped
  • ruff check / ruff format --check / ty check clean
  • generate.py --check: generated docs up to date
  • btcli tx set-subnet-emission-enabled --help renders privilege + verify footers; catalog JSON carries origin/verify

Made with Cursor

unarbos and others added 2 commits July 14, 2026 15:43
Co-authored-by: Cursor <cursoragent@cursor.com>
…ission intent.

Every intent now declares its chain origin (signed / subnet_owner / root)
and a paired verify read, surfaced in the tool catalog, btcli tx help and
pre-sign flow, and the generated docs. First root intent:
set_subnet_emission_enabled (multi-netuid batch_all under Sudo.sudo) with a
subnet_emission_enabled read and hyperparams entry, plus an
active-vs-emission-enabled decision tree in the subnets guide.

Co-authored-by: Cursor <cursoragent@cursor.com>
@vercel

vercel Bot commented Jul 14, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
subtensor Ready Ready Preview, Comment Jul 14, 2026 9:46pm

Request Review

@github-actions

github-actions Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

🛡️ AI Review — Skeptic (security review)

VERDICT: SAFE

MEDIUM scrutiny: ~4-month-old account, mitigated by repository write access and substantial merged contribution history; no Gittensor association found. Branch targets main.

Static review found the new root intent correctly composes the administrative calls into an atomic batch and wraps that batch in Sudo.sudo. The authorization metadata changes do not weaken chain-side origin enforcement, and no trusted AI-review or Copilot instruction files were modified.

Findings

No findings.

Conclusion

No malicious behavior or security vulnerability was found in the PR.


🔍 AI Review — Auditor (domain review)

VERDICT: 👍

UNKNOWN gittensor association; newer GitHub account but substantial contribution history and repository write access. No meaningful duplicate overlap found.

The root intent is correctly wrapped through Sudo.sudo, batches multiple subnet updates atomically, rejects empty input, exposes a registered verification read, and is covered by the registry-wide intent/read tests. The PR description is substantive and matches the implementation.

Findings

Sev File Finding
MEDIUM website/apps/bittensor-website/scripts/generate.py:184 Do not imply every signed intent accepts any key inline

Conclusion

The implementation is ready after correcting the misleading generated label for ordinary signed origins. No blocking domain, runtime, migration, or spec-version issue was found.

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.


# `Intent.origin` classvar -> the human phrasing the docs show for it.
ORIGIN_LABELS = {
"signed": "any signed key",

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[MEDIUM] Do not imply every signed intent accepts any key

origin == "signed" describes the dispatch-origin class, not authorization by an arbitrary funded account. Many such intents still require a particular owner, creator, contributor, hotkey, or proxy. Rendering this as “any signed key” gives users and agents incorrect privilege guidance; label it simply as a signed origin. The matching comment in intents/base.py should also be aligned.

Suggested change
"signed": "any signed key",
"signed": "signed",

@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant