@Nesopie Nesopie commented Sep 25, 2025

Summary by CodeRabbit

  • New Features
    • None
  • Refactor
    • Consolidated OFAC verification into a single cumulative check to reduce redundancy and improve consistency across results while preserving existing enabled/disabled behavior.
  • Bug Fixes
    • Improved reliability of OFAC validation by preventing conflicting outcomes from multiple checks.
  • Chores
    • Updated package version to 1.1.0-beta.4 for @selfxyz/core.

@Nesopie Nesopie merged commit 43fe425 into dev Sep 25, 2025
8 of 9 checks passed

coderabbitai bot commented Sep 25, 2025

Caution

Review failed

The pull request is closed.

Walkthrough

This PR bumps the sdk/core package version and revises OFAC validation in SelfBackendVerifier by removing per-entry checks, introducing a cumulative OR across OFAC fields, and using that single value for final validity decisions.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Version bump: sdk/core/package.json | Version updated from 1.1.0-beta.3 to 1.1.0-beta.4; no other fields changed. |
| OFAC validation refactor: sdk/core/src/SelfBackendVerifier.ts | Removed three per-entry OFAC disallow checks; added cumulativeOfac as OR of all outputs; replaced validations with single cumulative check when verificationConfig.ofac is true; no exported API changes. |

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Caller
  participant Verifier as SelfBackendVerifier
  participant Output as genericDiscloseOutput
  Caller->>Verifier: verify(input, verificationConfig)
  Verifier->>Output: Read OFAC booleans (multiple fields)
  Note over Verifier,Output: Compute cumulativeOfac = OR(all OFAC fields)
  alt verificationConfig.ofac === true
    Verifier->>Verifier: isOfacValid = NOT cumulativeOfac
  else verificationConfig.ofac is false/undefined
    Verifier->>Verifier: isOfacValid = true
  end
  Verifier-->>Caller: result with isOfacValid and errors (if any)

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

  • feat: add better error handling #691 — Also modifies verification logic in SelfBackendVerifier (age-related fields and messages), overlapping area with this PR’s OFAC validation changes.

Suggested reviewers

  • 0xturboblitz

Poem

A toggle flips where checks once sprawled,
OFAC now sums, a single call.
Version ticks with a quiet cheer,
Beta dot four is finally here.
Bits aligned, the guardrails clear—
Onward, clean and crystal-clear.

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 85bbb02 and 923a9ce.

📒 Files selected for processing (2)
  • sdk/core/package.json (1 hunks)
  • sdk/core/src/SelfBackendVerifier.ts (2 hunks)

@Nesopie Nesopie deleted the fix/ofac branch September 25, 2025 07:36

@cursor cursor bot left a comment

? genericDiscloseOutput.ofac.every((enabled: boolean, index: number) =>
enabled ? genericDiscloseOutput.ofac[index] : true
)
? cumulativeOfac
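
Review bot: The `.every(...)` callback in the first three lines reads `genericDiscloseOutput.ofac[index]` from the same array it is iterating, so `enabled` and `genericDiscloseOutput.ofac[index]` are the same value and the expression is true for any boolean array; it never compared the proof against a separate configuration. On the `? cumulativeOfac` line, nothing visible says whether a true OFAC output means a match or a pass, so the branch should carry a comment stating that polarity, and a unit test should cover both values of `cumulativeOfac` so the result cannot be inverted unnoticed.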

Bug: OFAC Configuration Mismatch Handling Fails

The system no longer correctly handles OFAC configuration mismatches. If OFAC checks are disabled in the configuration but performed in the proof, the system fails to reject the proof and incorrectly reports isOfacValid: true, which poses a security and compliance risk.
