refactor: read banned-accounts list from Edge Config

[jobotics]

Summary

• Move the banned-accounts list out of the build-time NEXT_PUBLIC_BANNED_ACCOUNT_IDS env var and into Vercel Edge Config (key: bannedAccountIds), so it can be updated from the dashboard without a redeploy.
• New isAccountBanned() service fails closed — any read or schema-parse failure returns true, so an Edge Config outage cannot silently let banned accounts through.
• Ports defuse-protocol/defuse-near#464.

Deploy notes

• Set the EDGE_CONFIG connection string in each deployment environment.
• Seed the bannedAccountIds key in the Vercel Edge Config dashboard as a JSON array of strings (intent user IDs), e.g. ["banned.near", "0xabc"]. If unset, the service logs a warn and treats the list as empty.
• NEXT_PUBLIC_BANNED_ACCOUNT_IDS is no longer read and can be removed from every environment.

Follow-up (not in this PR)

.env.local.example still contains the now-unused NEXT_PUBLIC_BANNED_ACCOUNT_IDS= line (lines 29-30). My local tooling blocks edits under that path, so it needs a manual one-line removal before merge — happy to do it in a follow-up commit if preferred.

Test plan

• pnpm vitest run src/services/bannedAccounts.test.ts — 5/5 pass (includes fail-closed cases for thrown errors, wrong shape, and non-string entries).
• pnpm typecheck — clean.
• pnpm check (biome) on touched files — clean.
• rg BANNED_ACCOUNT_IDS — no remaining references in source (only the .env.local.example line called out above).
• Manual: with EDGE_CONFIG unset, GET /api/account/validate-banned?address=…&chainType=near returns isBanned: false and emits a warn log.
• Manual: with a bogus EDGE_CONFIG value, the same request returns isBanned: true (fail-closed) and emits an error log.

🤖 Generated with Claude Code

[claude]

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

_{Tip: disable this comment in your organization's Code Review settings.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
defuse-widget	Ready	Preview, Comment	May 15, 2026 4:33pm

[supabase]

Updates to Preview Branch (refactor/banned-addresses) ↗︎

Deployments	Status	Updated
Database	✅	Fri, 15 May 2026 16:33:07 UTC
Services	✅	Fri, 15 May 2026 16:33:07 UTC
APIs	✅	Fri, 15 May 2026 16:33:07 UTC

Tasks are run on every commit but only new migration files are pushed.
Close and reopen this PR if you want to apply changes from existing seed or migration files.

Tasks	Status	Updated
Configurations	✅	Fri, 15 May 2026 16:33:16 UTC
Migrations	✅	Fri, 15 May 2026 16:33:21 UTC
Seeding	✅	Fri, 15 May 2026 16:33:22 UTC
Edge Functions	✅	Fri, 15 May 2026 16:33:22 UTC

---

View logs for this Workflow Run ↗︎.
Learn more about Supabase for Git ↗︎.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0620d972-0c83-4601-8c65-0718c6cb11d1

📥 Commits

Reviewing files that changed from the base of the PR and between 6294c5a and 555e75d.

📒 Files selected for processing (4)

• src/app/api/account/validate-banned/route.ts
• src/services/bannedAccounts.test.ts
• src/services/bannedAccounts.ts
• src/utils/environment.ts

💤 Files with no reviewable changes (1)

• src/utils/environment.ts

---

Walkthrough

This PR migrates banned account validation from an environment-variable list to a Vercel Edge Config-backed service. A new isAccountBanned() service validates account IDs against the Edge Config bannedAccountIds list, failing safely by returning true on errors. The validate-banned API endpoint now calls the async service. Tests cover membership checks, Edge Config key states, and error scenarios. Legacy BANNED_ACCOUNT_IDS is removed and a new APP_NETWORK_OUTAGE_NOTIFICATION constant is added.

Changes

Banned Account Validation Migration

Layer / File(s)	Summary
Banned accounts service with Edge Config integration and validation tests src/services/bannedAccounts.ts, src/services/bannedAccounts.test.ts	New service loads and validates the banned account ID list from Vercel Edge Config using valibot schema validation, warns when the key is unset, and returns true on any load/parse error (fail-closed pattern). Test suite validates membership checks, Edge Config key presence, and error conditions including throws, invalid types, and non-string array entries.
API endpoint integration with async banned account check src/app/api/account/validate-banned/route.ts	Updated endpoint to replace synchronous BANNED_ACCOUNT_IDS.includes() with an async isAccountBanned(accountId) call while maintaining address-to-account-ID derivation. Updated imports and endpoint JSDoc to reference Edge Config sourcing.
Environment variable migration and notification constant src/utils/environment.ts	Removed legacy BANNED_ACCOUNT_IDS environment constant and added new APP_NETWORK_OUTAGE_NOTIFICATION optional string constant parsed via valibot from NEXT_PUBLIC_APP_NETWORK_OUTAGE_NOTIFICATION.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• defuse-protocol/defuse-frontend#794: Prior PR that implemented the banned-account validation endpoint and BANNED_ACCOUNT_IDS configuration; this PR supersedes that approach by moving to Edge Config-backed validation.

Poem

🐰 A service hops into the config,
Dancing with Edge and a valibot lock,
When bans are uncertain, it closes the door—
Forbidden accounts banned forevermore! 🚫

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'refactor: read banned-accounts list from Edge Config' accurately and concisely summarizes the main change: migrating banned-accounts storage from environment variables to Vercel Edge Config.
Description check	✅ Passed	The description is comprehensive and directly related to the changeset, covering the motivation, implementation details (fail-closed behavior), deploy notes, and testing approach.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch refactor/banned-addresses

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint skipped: no ESLint configuration detected in root package.json. To enable, add eslint to devDependencies.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}