refactor(pulse-scheduler): improve SubscriptionParams validation (#2594)

* feat: add permanent subscriptions, clean up tests

* refactor: extract out subscription parameter validation and improve error handling

* test(pulse-scheduler): add gas benchmark (#2596)

* test(pulse-scheduler): add gas benchmark, refactor common helpers into util

* doc: test comment

* fix: import

* fix: overflow, DRY

* doc: comment

* fix: remove unused constants

* fix: merge

Author: tejasbadadare

target_chains/ethereum/contracts/contracts/pulse/scheduler/Scheduler.sol

@@ -23,35 +23,8 @@ abstract contract Scheduler is IScheduler, SchedulerState {
     function createSubscription(
         SubscriptionParams memory subscriptionParams
     ) external payable override returns (uint256 subscriptionId) {
-        if (
-            subscriptionParams.priceIds.length > MAX_PRICE_IDS_PER_SUBSCRIPTION
-        ) {
-            revert TooManyPriceIds(
-                subscriptionParams.priceIds.length,
-                MAX_PRICE_IDS_PER_SUBSCRIPTION
-            );
-        }
-
-        // Validate update criteria
-        if (
-            !subscriptionParams.updateCriteria.updateOnHeartbeat &&
-            !subscriptionParams.updateCriteria.updateOnDeviation
-        ) {
-            revert InvalidUpdateCriteria();
-        }
-
-        // If gas config is unset, set it to the default (100x multipliers)
-        if (
-            subscriptionParams.gasConfig.maxBaseFeeMultiplierCapPct == 0 ||
-            subscriptionParams.gasConfig.maxPriorityFeeMultiplierCapPct == 0
-        ) {
-            subscriptionParams
-                .gasConfig
-                .maxPriorityFeeMultiplierCapPct = DEFAULT_MAX_PRIORITY_FEE_MULTIPLIER_CAP_PCT;
-            subscriptionParams
-                .gasConfig
-                .maxBaseFeeMultiplierCapPct = DEFAULT_MAX_BASE_FEE_MULTIPLIER_CAP_PCT;
-        }
+        // Validate params and set default gas config
+        _validateAndPrepareSubscriptionParams(subscriptionParams);
 
         // Calculate minimum balance required for this subscription
         uint256 minimumBalance = this.getMinimumBalance(
@@ -111,34 +84,8 @@ abstract contract Scheduler is IScheduler, SchedulerState {
             return;
         }
 
-        // Validate parameters for active or to-be-activated subscriptions
-        if (newParams.priceIds.length > MAX_PRICE_IDS_PER_SUBSCRIPTION) {
-            revert TooManyPriceIds(
-                newParams.priceIds.length,
-                MAX_PRICE_IDS_PER_SUBSCRIPTION
-            );
-        }
-
-        // Validate update criteria
-        if (
-            !newParams.updateCriteria.updateOnHeartbeat &&
-            !newParams.updateCriteria.updateOnDeviation
-        ) {
-            revert InvalidUpdateCriteria();
-        }
-
-        // If gas config is unset, set it to the default (100x multipliers)
-        if (
-            newParams.gasConfig.maxBaseFeeMultiplierCapPct == 0 ||
-            newParams.gasConfig.maxPriorityFeeMultiplierCapPct == 0
-        ) {
-            newParams
-                .gasConfig
-                .maxPriorityFeeMultiplierCapPct = DEFAULT_MAX_PRIORITY_FEE_MULTIPLIER_CAP_PCT;
-            newParams
-                .gasConfig
-                .maxBaseFeeMultiplierCapPct = DEFAULT_MAX_BASE_FEE_MULTIPLIER_CAP_PCT;
-        }
+        // Validate the new parameters, including setting default gas config
+        _validateAndPrepareSubscriptionParams(newParams);
 
         // Handle activation/deactivation
         if (!wasActive && willBeActive) {
@@ -173,6 +120,83 @@ abstract contract Scheduler is IScheduler, SchedulerState {
         emit SubscriptionUpdated(subscriptionId);
     }
 
+    /**
+     * @notice Validates subscription parameters and sets default gas config if needed.
+     * @dev This function modifies the passed-in params struct in place for gas config defaults.
+     * @param params The subscription parameters to validate and prepare.
+     */
+    function _validateAndPrepareSubscriptionParams(
+        SubscriptionParams memory params
+    ) internal pure {
+        // No zero‐feed subscriptions
+        if (params.priceIds.length == 0) {
+            revert EmptyPriceIds();
+        }
+
+        // Price ID limits and uniqueness
+        if (params.priceIds.length > MAX_PRICE_IDS_PER_SUBSCRIPTION) {
+            revert TooManyPriceIds(
+                params.priceIds.length,
+                MAX_PRICE_IDS_PER_SUBSCRIPTION
+            );
+        }
+        for (uint i = 0; i < params.priceIds.length; i++) {
+            for (uint j = i + 1; j < params.priceIds.length; j++) {
+                if (params.priceIds[i] == params.priceIds[j]) {
+                    revert DuplicatePriceId(params.priceIds[i]);
+                }
+            }
+        }
+
+        // Whitelist size limit and uniqueness
+        if (params.readerWhitelist.length > MAX_READER_WHITELIST_SIZE) {
+            revert TooManyWhitelistedReaders(
+                params.readerWhitelist.length,
+                MAX_READER_WHITELIST_SIZE
+            );
+        }
+        for (uint i = 0; i < params.readerWhitelist.length; i++) {
+            for (uint j = i + 1; j < params.readerWhitelist.length; j++) {
+                if (params.readerWhitelist[i] == params.readerWhitelist[j]) {
+                    revert DuplicateWhitelistAddress(params.readerWhitelist[i]);
+                }
+            }
+        }
+
+        // Validate update criteria
+        if (
+            !params.updateCriteria.updateOnHeartbeat &&
+            !params.updateCriteria.updateOnDeviation
+        ) {
+            revert InvalidUpdateCriteria();
+        }
+        if (
+            params.updateCriteria.updateOnHeartbeat &&
+            params.updateCriteria.heartbeatSeconds == 0
+        ) {
+            revert InvalidUpdateCriteria();
+        }
+        if (
+            params.updateCriteria.updateOnDeviation &&
+            params.updateCriteria.deviationThresholdBps == 0
+        ) {
+            revert InvalidUpdateCriteria();
+        }
+
+        // If gas config is unset, set it to the default (100x multipliers)
+        if (
+            params.gasConfig.maxBaseFeeMultiplierCapPct == 0 ||
+            params.gasConfig.maxPriorityFeeMultiplierCapPct == 0
+        ) {
+            params
+                .gasConfig
+                .maxPriorityFeeMultiplierCapPct = DEFAULT_MAX_PRIORITY_FEE_MULTIPLIER_CAP_PCT;
+            params
+                .gasConfig
+                .maxBaseFeeMultiplierCapPct = DEFAULT_MAX_BASE_FEE_MULTIPLIER_CAP_PCT;
+        }
+    }
+
     /**
      * @notice Internal helper to clear stored PriceFeed data for price IDs removed from a subscription.
      * @param subscriptionId The ID of the subscription being updated.
@@ -243,10 +267,11 @@ abstract contract Scheduler is IScheduler, SchedulerState {
 
         // Parse price feed updates with an expected timestamp range of [-10s, now]
         // We will validate the trigger conditions and timestamps ourselves
-        // using the returned PriceFeeds.
         uint64 curTime = SafeCast.toUint64(block.timestamp);
         uint64 maxPublishTime = curTime + FUTURE_TIMESTAMP_MAX_VALIDITY_PERIOD;
-        uint64 minPublishTime = curTime - PAST_TIMESTAMP_MAX_VALIDITY_PERIOD;
+        uint64 minPublishTime = curTime > PAST_TIMESTAMP_MAX_VALIDITY_PERIOD
+            ? curTime - PAST_TIMESTAMP_MAX_VALIDITY_PERIOD
+            : 0;
         PythStructs.PriceFeed[] memory priceFeeds;
         uint64[] memory slots;
         (priceFeeds, slots) = pyth.parsePriceFeedUpdatesWithSlots{
@@ -721,8 +746,9 @@ abstract contract Scheduler is IScheduler, SchedulerState {
     function getMinimumBalance(
         uint8 numPriceFeeds
     ) external pure override returns (uint256 minimumBalanceInWei) {
-        // Simple implementation - minimum balance is 0.01 ETH per price feed
-        return numPriceFeeds * 0.01 ether;
+        // Placeholder implementation
+        // TODO: make this governable
+        return uint256(numPriceFeeds) * 0.01 ether;
     }
 
     // ACCESS CONTROL MODIFIERS

target_chains/ethereum/contracts/contracts/pulse/scheduler/SchedulerErrors.sol

@@ -2,18 +2,31 @@
 
 pragma solidity ^0.8.0;
 
+// Authorization errors
+error Unauthorized();
+
+// Subscription state errors
 error InactiveSubscription();
 error InsufficientBalance();
-error Unauthorized();
+error IllegalPermanentSubscriptionModification();
+
+// Price feed errors
 error InvalidPriceId(bytes32 providedPriceId, bytes32 expectedPriceId);
 error InvalidPriceIdsLength(bytes32 providedLength, bytes32 expectedLength);
+error EmptyPriceIds();
+error TooManyPriceIds(uint256 provided, uint256 maximum);
+error DuplicatePriceId(bytes32 priceId);
+error PriceSlotMismatch();
+
+// Update criteria errors
 error InvalidUpdateCriteria();
 error InvalidGasConfig();
-error PriceSlotMismatch();
-error TooManyPriceIds(uint256 provided, uint256 maximum);
 error UpdateConditionsNotMet();
-error IllegalPermanentSubscriptionModification();
 error TimestampOlderThanLastUpdate(
     uint256 providedUpdateTimestamp,
     uint256 lastUpdatedAt
 );
+
+// Whitelist errors
+error TooManyWhitelistedReaders(uint256 provided, uint256 maximum);
+error DuplicateWhitelistAddress(address addr);

target_chains/ethereum/contracts/contracts/pulse/scheduler/SchedulerState.sol

@@ -7,6 +7,8 @@ import "@pythnetwork/pyth-sdk-solidity/PythStructs.sol";
 contract SchedulerState {
     /// Maximum number of price feeds per subscription
     uint8 public constant MAX_PRICE_IDS_PER_SUBSCRIPTION = 255;
+    /// Maximum number of addresses in the reader whitelist
+    uint8 public constant MAX_READER_WHITELIST_SIZE = 255;
     /// Default max gas multiplier
     uint32 public constant DEFAULT_MAX_BASE_FEE_MULTIPLIER_CAP_PCT = 10_000;
     /// Default max fee multiplier