deps: upgrade to v1.10.1

[chatton]

Description

Type of Change

WIP: creating PR to build docker images

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Performance improvement
• Refactoring

Related Issues

Fixes #(issue)

Checklist

• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published

Testing

Additional Notes

[claude]

Claude finished @chatton's task —— View job

---

PR Review: deps: upgrade to v1.10.1

I've completed a comprehensive review of this Reth v1.10.1 upgrade PR. Here's my detailed analysis:

Summary

This is a well-executed dependency upgrade from Reth v1.8.4 to v1.10.1 with proper code adaptations. The changes are primarily focused on API compatibility updates rather than fundamental architectural changes.

✅ Strengths

Dependency Management

• Consistent versioning: All 48+ Reth dependencies properly upgraded to v1.10.1
• Aligned ecosystem: REVM (34.0.0), Alloy (1.4.3-1.5.0), and related dependencies properly coordinated
• Clean upgrade path: No mixed versions that could cause compatibility issues

Code Quality

• Proper API adaptations: All breaking changes handled correctly:
  • crates/ev-revm/src/evm.rs: New comprehensive EVM wrapper with proper trait implementations
  • crates/ev-precompiles/src/mint.rs: Updated precompile interfaces and error handling
  • crates/node/src/validator.rs: Enhanced validator with new Engine API types
• No unsafe code: Security-conscious implementation throughout
• Maintained functionality: Core Evolve features (base fee redirect, deploy allowlist, mint precompile) preserved

Architecture Compliance

• Follows CLAUDE.md guidelines: Respects the modular workspace structure
• Preserves key innovations: Engine API transaction submission, bypassed mempool, flexible block validation
• Test coverage maintained: E2E tests updated to work with new APIs

⚠️ Areas of Concern

Testing & Verification

• No breaking change documentation: PR description lacks details about API changes addressed
• Missing test execution proof: Cannot verify all tests pass with new dependencies
• Integration risk: Major version jumps (v1.8.4 → v1.10.1) can introduce subtle behavioral changes

Performance Considerations

• REVM 34.0.0 impact: New version may have performance characteristics that need validation
• Memory usage: New Alloy/REVM versions could affect memory patterns in long-running nodes
• EVM execution changes: Enhanced EVM wrapper adds abstraction layers

Security Implications

• Dependency trust: 48+ dependency updates expand attack surface
• Engine API changes: New validation logic in validator.rs:76-87 bypasses block hash checks for Evolve
• Precompile security: Updated mint precompile maintains authorization controls but API surface changed

📋 Recommendations

Critical Actions Required

1. Run comprehensive test suite: Execute make test-all to verify compatibility
2. Performance benchmarking: Test payload building performance vs v1.8.4
3. Integration testing: Verify Engine API interactions with latest dependencies

Documentation Updates Needed

4. Update CHANGELOG: Document breaking changes and migration path
5. Version compatibility matrix: Update docs to reflect supported Reth versions
6. API migration guide: Document any client-facing changes

Monitoring Post-Merge

7. Memory profiling: Monitor for memory usage changes in production
8. Error rate monitoring: Watch for new error patterns from dependency changes
9. Performance metrics: Track block building times and EVM execution performance

🎯 Final Assessment

Overall Quality: Good ✅

• This is a solid dependency upgrade with proper code adaptations
• Core security and functionality preserved
• No obvious bugs or architectural issues

Risk Level: Medium ⚠️

• Large number of dependency changes increases surface area for issues
• Insufficient testing verification in PR

Recommendation: APPROVE with conditions

• Merge after running full test suite and performance validation
• Consider staging deployment to catch integration issues

---

Key Files Reviewed:

• Cargo.toml (48+ dependency updates)
• bin/ev-reth/src/main.rs (minor adaptations)
• crates/node/src/builder.rs (API compatibility)
• crates/ev-precompiles/src/mint.rs (78 lines changed)
• crates/ev-revm/src/evm.rs (69 new lines)
• crates/node/src/validator.rs (enhanced validation)
• Test files (API updates maintained)

[gemini-code-assist]

Summary of Changes

Hello @chatton, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on a significant dependency upgrade, moving the project's core Reth framework to version v1.10.1. This update required extensive modifications across the codebase to ensure compatibility with the new Reth version, including adjustments to related revm and alloy libraries, a more configurable OTLP tracing setup, and updates to custom precompile logic. The changes also involve aligning with updated interfaces in Reth's payload builder, consensus, and EVM factory components, which helps integrate the latest features and stability improvements from the upstream project.

Highlights

• Dependency Upgrades: Upgraded Reth dependencies from v1.8.4 to v1.10.1, along with compatible updates for revm (to 34.0.0) and alloy (to 1.4.3) and its related libraries.
• OTLP Tracing Refactor: Refactored OTLP tracing initialization to dynamically configure endpoint and protocol via environment variables (OTEL_EXPORTER_OTLP_ENDPOINT, OTEL_EXPORTER_OTLP_PROTOCOL), improving flexibility and deployment options.
• MintPrecompile Logic Updates: Adjusted MintPrecompile to align with revm changes, specifically modifying how account balances are incremented/decremented and ensuring proper error handling and account state management (e.g., set_code, load_account_mut, touch_account).
• Reth Interface Adaptations: Updated various Reth-related interfaces, including EvmFactory, Evm traits, Consensus implementation, and PayloadValidator, to match the new signatures and types introduced in Reth v1.10.1.
• Payload Builder Enhancements: Modified the payload builder to calculate block timestamps based on the parent header and current system time, and added extra_data field initialization.
• E2E Test Adjustments: Updated EthApiClient calls in end-to-end tests to include the Bytes type parameter, reflecting changes in the RPC client API.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request upgrades several key dependencies, most notably reth from v1.8.4 to v1.10.1, along with revm and alloy. The majority of the code changes are adaptations to the new APIs of these upgraded dependencies. The OTLP tracing initialization has also been refactored to be more robust and configurable via environment variables.

My review focuses on the new tracing logic and general maintainability. I've identified a couple of issues in the tracing initialization: one that could prevent tracing from being enabled at all, and another related to non-compliance with the OpenTelemetry specification for disabling the SDK. I've also pointed out an outdated comment in Cargo.toml that should be updated to reflect the new dependency version. The rest of the changes appear to be correct adaptations to the upstream API changes.

[gemini-code-assist]

The init_tracing() function is only called if OTEL_SDK_DISABLED is explicitly set to "false". If the environment variable is not set, no tracing will be initialized at all, which is likely not the intended behavior. The init_tracing function itself correctly handles whether to enable OTLP based on environment variables. Therefore, the conditional check in main is redundant and can lead to no tracing being configured. init_tracing() should be called unconditionally.

    init_tracing();

[gemini-code-assist]

The comment indicates that reth v1.8.4 is being used, but the dependencies have been upgraded to v1.10.1. Please update the comment to reflect the new version for better maintainability.

Suggested change

	# Reth dependencies - Using v1.8.4 stable
	# Reth dependencies - Using v1.10.1 stable

[gemini-code-assist]

The current implementation for checking OTEL_SDK_DISABLED is not fully compliant with the OpenTelemetry specification. The spec states that the SDK should be disabled only if OTEL_SDK_DISABLED is set to true (case-insensitive), and any other value should be ignored (meaning the SDK is not disabled). The current logic disables the SDK for any value other than "false". This should be corrected to only disable for "true".

Suggested change

	// disabled if OTEL_SDK_DISABLED is set to anything other than "false"
	if std::env::var("OTEL_SDK_DISABLED").is_ok_and(|v| v != "false") {
	return None;
	}
	// disabled if OTEL_SDK_DISABLED is set to "true" (case-insensitive)
	if std::env::var("OTEL_SDK_DISABLED").map_or(false, |v| v.eq_ignore_ascii_case("true")) {
	return None;
	}