Refine fetch externalities

[tomusdrw]

Related: #694
Closes: #880

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

Release Notes

• Refactor
  • Streamlined work package processing by consolidating authorization and refinement data into a unified fetch data structure
  • Reorganized fetch externalities modules for improved code maintainability and clarity
  • Simplified parameter passing in authorization and refinement workflows

Walkthrough

Consolidates work-package inputs into a new WorkPackageFetchData and threads it through authorization and refinement. IsAuthorized.invoke and Refine.invoke signatures changed to accept WorkPackageFetchData; buildWorkPackageFetchData was added to precompute package view and work-item summaries. New in-core externalities implementations (IsAuthorizedFetchExternalities, RefineFetchExternalities) and companion helpers (encodeWorkItemSummary, u64ToArrayIndex) were added. Tests updated/added to exercise the new fetch-data-driven behavior. Transition externalities barrel removed legacy re-exports.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• Initial refine #859: Introduced initial refine/fetch externalities and WorkPackageFetchData shaping that this PR continues and refactors.
• Authorization checking #940: Modifies authorization/refine call paths and how WorkPackageFetchData is provided to IsAuthorized and related externalities.
• Fetch Refactor #934: Refactors fetch externalities into context-specific implementations impacting the same interfaces and callers.

Suggested reviewers

• DrEverr
• mateuszsikora

Poem

🐰 I hopped through bytes and packaged the hay,
I threaded summaries in a tidy array.
Tokens and traces tucked in a row,
Fetch-data ready — ready to go.
Hooray for clean paths, nibble-nibble, hooray!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 13.33% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Refine fetch externalities' is concise and directly describes the main focus of the PR, which is refactoring and implementing fetch externalities.
Description check	✅ Passed	The PR description references related issue #694 and closes issue #880, which is directly related to the fetch externalities refactoring work performed in the PR.
Linked Issues check	✅ Passed	The PR successfully implements and refactors fetch externalities to support the refine context [#880]. It restructures authorization and refinement data flow to use WorkPackageFetchData, removes placeholder implementations, and introduces proper fetch externalities classes.
Out of Scope Changes check	✅ Passed	All changes are directly related to the objective of implementing and refactoring fetch externalities [#880]. No unrelated modifications to other features or areas were introduced.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch td-refine-fetch

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@packages/jam/in-core/is-authorized.ts`:
- Around line 46-52: The invoke function reads
authCodeHost/authCodeHash/authConfiguration from workPackage while other code
reads authToken/authConfiguration from packageFetchData, risking divergent
inputs; update invoke in is-authorized.ts to use a single source of truth by
deriving all authorization inputs from packageFetchData (or alternatively
require workPackage as canonical) and remove mixed reads, and add a strict
fail-fast check that compares authCodeHost/authCodeHash/authConfiguration from
workPackage against the corresponding values in packageFetchData (and/or
authToken/authorizerHash) before running invoke/PVM so any mismatch throws an
error; reference the invoke method, workPackage, packageFetchData, authCodeHost,
authCodeHash, authConfiguration, authToken and authorizerHash when making the
change.

In `@packages/jam/transition/externalities/refine-fetch-externalities.test.ts`:
- Around line 179-183: The test currently only asserts the invalid work-item
selection path; add an assertion that covers the invalid segment-index branch by
invoking workItemImport with a valid work-item index (e.g., tryAsU64(0)) and an
out-of-range import index (e.g., tryAsU64(10)) and assert it returns null.
Locate the test using prepareRefineData and workItemImport and add the new
assert.strictEqual(ext.workItemImport(tryAsU64(0), tryAsU64(10)), null) to the
same it block.
- Around line 168-170: The test fixture for ImportedSegment is using unsafe
casts ("as never") which bypass the module's opaque/index typing; replace the
casts by constructing the real typed values instead: use the project's
opaque/index conversion or validation helper (e.g., the
tryAs*/ensure*/fromNumber helper for the index) to produce a properly typed
index for ImportedSegment, and pass Bytes.fromBlob(segBytes, 16) without erasing
types so the ImportedSegment.data matches its declared Bytes type; remove both
"as never" occurrences and build the object via the real helpers referenced by
ImportedSegment, asKnownSize, Bytes.fromBlob and segBytes.

In `@packages/jam/transition/externalities/refine-fetch-externalities.ts`:
- Around line 8-22: The import of ImportedSegment and PerWorkItem from
in-core/refine.ts creates a circular dependency; extract the shared types into a
neutral module (e.g., a new refine-types module) and export ImportedSegment and
PerWorkItem (and any other types both files need) from there, then update
refine-fetch-externalities.ts to import ImportedSegment and PerWorkItem from
that new neutral module and likewise update in-core/refine.ts to import those
types from the same module so both sides no longer import each other.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 2c684f58-6b9b-4375-a3fe-55c5c3fbe1fc

📥 Commits

Reviewing files that changed from the base of the PR and between 7338c21 and 1e9aa96.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (9)

• packages/jam/in-core/in-core.ts
• packages/jam/in-core/is-authorized.test.ts
• packages/jam/in-core/is-authorized.ts
• packages/jam/in-core/refine.ts
• packages/jam/transition/externalities/fetch-externalities.ts
• packages/jam/transition/externalities/is-authorized-fetch-externalities.test.ts
• packages/jam/transition/externalities/is-authorized-fetch-externalities.ts
• packages/jam/transition/externalities/refine-fetch-externalities.test.ts
• packages/jam/transition/externalities/refine-fetch-externalities.ts

[tomusdrw]

@coderabbitai full review

[coderabbitai]

✅ Actions performed

Full review triggered.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

packages/jam/in-core/externalities/is-authorized-fetch.ts (1)

14-17: Prefer a static builder over a public constructor here.

This is part of the refactor’s new externality surface, so exposing new IsAuthorizedFetchExternalities(...) makes call sites depend on construction details. A create()/new() factory with a private constructor keeps this aligned with the repo pattern and leaves room for validation later.

Suggested shape

 export class IsAuthorizedFetchExternalities implements general.IIsAuthorizedFetch {
   readonly context = general.FetchContext.IsAuthorized;
 
-  constructor(
+  static create(chainSpec: ChainSpec, pkg: WorkPackageFetchData) {
+    return new IsAuthorizedFetchExternalities(chainSpec, pkg);
+  }
+
+  private constructor(
     private readonly chainSpec: ChainSpec,
     private readonly pkg: WorkPackageFetchData,
   ) {}

As per coding guidelines, "keep constructors private and push logic into static builder methods (avoid constructor overloading)."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/jam/in-core/externalities/is-authorized-fetch.ts` around lines 14 -
17, Make the public constructor of IsAuthorizedFetchExternalities private and
add a static factory method (e.g., create(chainSpec: ChainSpec, pkg:
WorkPackageFetchData): IsAuthorizedFetchExternalities) that constructs and
returns the instance; update call sites to use
IsAuthorizedFetchExternalities.create(...) so callers don't depend on
construction details and you can add validation later. Ensure the class name
IsAuthorizedFetchExternalities and parameter types ChainSpec and
WorkPackageFetchData are used exactly as in the diff.

packages/jam/in-core/externalities/refine-fetch.ts (2)

24-29: Prefer an opaque sized integer over number for currentWorkItemIndex.

Using plain number here weakens range guarantees; a U32 (or equivalent opaque bounded type) plus checked conversion would better match surrounding index-safety patterns.

As per coding guidelines, “Prefer Opaque sized-integer types (U16/U32/U64) and use tryAs* / ensure+check for conversions rather than unsafe casts.”

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/jam/in-core/externalities/refine-fetch.ts` around lines 24 - 29,
RefineFetchData currently types currentWorkItemIndex as number; change it to the
opaque sized-integer type used elsewhere (e.g. U32) and import that type, then
update all places that construct RefineFetchData to convert/validate with the
project’s checked conversion helpers (e.g. tryAsU32 or ensure+check) instead of
casting, and adjust any downstream consumers to accept U32 (or call .toNumber()
only where a plain number is explicitly required). Ensure the symbol
RefineFetchData and field currentWorkItemIndex are updated, and that conversion
calls reference the existing checked conversion utilities used across
WorkPackageFetchData handling.

---

40-43: Use a private constructor with a static builder for this refactor.

Please align this class construction pattern with the repo rule for this refactor.

Suggested shape

 export class RefineFetchExternalities implements general.IRefineFetch {
@@
-  constructor(
+  private constructor(
     private readonly chainSpec: ChainSpec,
     private readonly data: RefineFetchData,
   ) {}
+
+  static create(chainSpec: ChainSpec, data: RefineFetchData): RefineFetchExternalities {
+    return new RefineFetchExternalities(chainSpec, data);
+  }

As per coding guidelines, “keep constructors private and push logic into static builder methods (avoid constructor overloading).”

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/jam/in-core/externalities/refine-fetch.ts` around lines 40 - 43,
Make the constructor of the RefineFetch class private and add a static builder
method (e.g., static create(chainSpec: ChainSpec, data: RefineFetchData):
RefineFetch) that calls the private constructor; move any construction logic out
of the constructor into that static method and update all call sites to use
RefineFetch.create(...) instead of new RefineFetch(...). Ensure the new static
method preserves types and visibility, and keep the original constructor
signature but change its modifier to private so instantiation only happens via
the builder.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@packages/jam/in-core/externalities/refine-fetch.ts`:
- Around line 62-89: Both workItemExtrinsic and workItemImport use
this.data.currentWorkItemIndex directly when workItem === null, which can index
out-of-range and cause a crash; change the ternary so that when workItem ===
null you convert and guard the currentWorkItemIndex via
u64ToArrayIndex(this.data.currentWorkItemIndex, this.data.extrinsics.length) in
workItemExtrinsic and u64ToArrayIndex(this.data.currentWorkItemIndex,
this.data.imports.length) in workItemImport, then return null if that conversion
yields null before accessing perItem or perItem.length.

In `@packages/jam/in-core/refine.ts`:
- Around line 72-80: The invoke() implementation mixes two sources for the
“current” work item (the explicit parameter item versus the entry in
packageFetchData/currentWorkItemIndex), which can cause the VM to operate on one
item while fetch-based summaries/payloads come from another; fix by deriving the
current item consistently from packageFetchData using idx (e.g. let currentItem
= packageFetchData.items[idx]) when preparing code lookup, gas, payload hash,
PVM args and when wiring fetch host calls, or if you prefer a minimal change add
a strict fail-fast check in invoke() (and the similar logic around lines
119–126) that compares the passed-in item to packageFetchData[idx] and
immediately return/error if they differ before creating externalities. Ensure
all uses (code lookup, gas, payload hash, PVM args, fetch wiring) reference the
single canonical currentItem.

---

Nitpick comments:
In `@packages/jam/in-core/externalities/is-authorized-fetch.ts`:
- Around line 14-17: Make the public constructor of
IsAuthorizedFetchExternalities private and add a static factory method (e.g.,
create(chainSpec: ChainSpec, pkg: WorkPackageFetchData):
IsAuthorizedFetchExternalities) that constructs and returns the instance; update
call sites to use IsAuthorizedFetchExternalities.create(...) so callers don't
depend on construction details and you can add validation later. Ensure the
class name IsAuthorizedFetchExternalities and parameter types ChainSpec and
WorkPackageFetchData are used exactly as in the diff.

In `@packages/jam/in-core/externalities/refine-fetch.ts`:
- Around line 24-29: RefineFetchData currently types currentWorkItemIndex as
number; change it to the opaque sized-integer type used elsewhere (e.g. U32) and
import that type, then update all places that construct RefineFetchData to
convert/validate with the project’s checked conversion helpers (e.g. tryAsU32 or
ensure+check) instead of casting, and adjust any downstream consumers to accept
U32 (or call .toNumber() only where a plain number is explicitly required).
Ensure the symbol RefineFetchData and field currentWorkItemIndex are updated,
and that conversion calls reference the existing checked conversion utilities
used across WorkPackageFetchData handling.
- Around line 40-43: Make the constructor of the RefineFetch class private and
add a static builder method (e.g., static create(chainSpec: ChainSpec, data:
RefineFetchData): RefineFetch) that calls the private constructor; move any
construction logic out of the constructor into that static method and update all
call sites to use RefineFetch.create(...) instead of new RefineFetch(...).
Ensure the new static method preserves types and visibility, and keep the
original constructor signature but change its modifier to private so
instantiation only happens via the builder.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 789b610f-80e0-498e-aa8e-ad6b03b58434

📥 Commits

Reviewing files that changed from the base of the PR and between 10b197e and f5d0e71.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (14)

• packages/jam/in-core/externalities/index.ts
• packages/jam/in-core/externalities/is-authorized-fetch.test.ts
• packages/jam/in-core/externalities/is-authorized-fetch.ts
• packages/jam/in-core/externalities/refine-fetch.test.ts
• packages/jam/in-core/externalities/refine-fetch.ts
• packages/jam/in-core/in-core.ts
• packages/jam/in-core/is-authorized.test.ts
• packages/jam/in-core/is-authorized.ts
• packages/jam/in-core/refine.ts
• packages/jam/transition/externalities/fetch-externalities.ts
• packages/jam/transition/externalities/index.ts
• packages/jam/transition/externalities/is-authorized-fetch-externalities.ts
• packages/jam/transition/externalities/refine-fetch-externalities.test.ts
• packages/jam/transition/externalities/refine-fetch-externalities.ts

💤 Files with no reviewable changes (4)

• packages/jam/transition/externalities/index.ts
• packages/jam/transition/externalities/refine-fetch-externalities.test.ts
• packages/jam/transition/externalities/is-authorized-fetch-externalities.ts
• packages/jam/transition/externalities/refine-fetch-externalities.ts

[github-actions]

View all

File	Benchmark	Ops
bytes/hex-from.ts[0]	parse hex using Number with NaN checking	49982.34 ±5.64%	86.82% slower
bytes/hex-from.ts[1]	parse hex from char codes	379319.09 ±3.45%	fastest ✅
bytes/hex-from.ts[2]	parse hex from string nibbles	214347.36 ±3.7%	43.49% slower
bytes/hex-to.ts[0]	number toString + padding	78954.41 ±3.66%	fastest ✅
bytes/hex-to.ts[1]	manual	6873.31 ±2.3%	91.29% slower
codec/bigint.compare.ts[0]	compare custom	77306251.67 ±8.4%	fastest ✅
codec/bigint.compare.ts[1]	compare bigint	77187795.78 ±6.33%	0.15% slower
codec/bigint.decode.ts[0]	decode custom	65782705.99 ±4.28%	27.14% slower
codec/bigint.decode.ts[1]	decode bigint	90285898.76 ±4.85%	fastest ✅
codec/decoding.ts[0]	manual decode	8647546.42 ±4.44%	87.55% slower
codec/decoding.ts[1]	int32array decode	69440752.53 ±3.15%	fastest ✅
codec/decoding.ts[2]	dataview decode	59256456.51 ±5.04%	14.67% slower
codec/encoding.ts[0]	manual encode	931193.16 ±3.94%	19.38% slower
codec/encoding.ts[1]	int32array encode	1155052.2 ±2.4%	fastest ✅
codec/encoding.ts[2]	dataview encode	1128349.78 ±2.27%	2.31% slower
collections/map-set.ts[0]	2 gets + conditional set	60230.3 ±2.98%	fastest ✅
collections/map-set.ts[1]	1 get 1 set	41930.62 ±2.09%	30.38% slower
logger/index.ts[0]	console.log with string concat	5458533.66 ±18.86%	fastest ✅
logger/index.ts[1]	console.log with args	1256229.41 ±59.39%	76.99% slower
math/add_one_overflow.ts[0]	add and take modulus	1120350.62 ±36.75%	98.42% slower
math/add_one_overflow.ts[1]	condition before calculation	70838214.61 ±7.26%	fastest ✅
math/count-bits-u32.ts[0]	standard method	44365039.22 ±2.71%	47.95% slower
math/count-bits-u32.ts[1]	magic	85238197.47 ±4.46%	fastest ✅
math/count-bits-u64.ts[0]	standard method	3916534.44 ±3.64%	83.52% slower
math/count-bits-u64.ts[1]	magic	23767275.62 ±2.97%	fastest ✅
math/mul_overflow.ts[0]	multiply and bring back to u32	90313221.59 ±6.15%	1.19% slower
math/mul_overflow.ts[1]	multiply and take modulus	91405464.91 ±5.66%	fastest ✅
math/switch.ts[0]	switch	88605561.69 ±7.29%	fastest ✅
math/switch.ts[1]	if	78227863.5 ±9.23%	11.71% slower
hash/index.ts[0]	hash with numeric representation	57.11 ±4.62%	23.43% slower
hash/index.ts[1]	hash with string representation	37.5 ±4.1%	49.73% slower
hash/index.ts[2]	hash with symbol representation	45.6 ±7.79%	38.87% slower
hash/index.ts[3]	hash with uint8 representation	66.94 ±4.16%	10.26% slower
hash/index.ts[4]	hash with packed representation	74.59 ±7.24%	fastest ✅
hash/index.ts[5]	hash with bigint representation	63.76 ±3.22%	14.52% slower
hash/index.ts[6]	hash with uint32 representation	72.43 ±7.08%	2.9% slower
bytes/bytes-to-number.ts[0]	Conversion with bitops	2935.14 ±5.32%	fastest ✅
bytes/bytes-to-number.ts[1]	Conversion without bitops	1985.86 ±5.1%	32.34% slower
bytes/compare.ts[0]	Comparing Uint32 bytes	9124.98 ±3.13%	fastest ✅
bytes/compare.ts[1]	Comparing raw bytes	8166.23 ±4.61%	10.51% slower
codec/view_vs_collection.ts[0]	Get first element from Decoded	11229.46 ±4.93%	56.16% slower
codec/view_vs_collection.ts[1]	Get first element from View	25612.23 ±6.09%	fastest ✅
codec/view_vs_collection.ts[2]	Get 50th element from Decoded	9441.22 ±4.27%	63.14% slower
codec/view_vs_collection.ts[3]	Get 50th element from View	13180.52 ±4.77%	48.54% slower
codec/view_vs_collection.ts[4]	Get last element from Decoded	10141 ±4.57%	60.41% slower
codec/view_vs_collection.ts[5]	Get last element from View	9005.78 ±3.71%	64.84% slower
codec/view_vs_object.ts[0]	Get the first field from Decoded	138931.84 ±4.42%	18.33% slower
codec/view_vs_object.ts[1]	Get the first field from View	37873.8 ±4.74%	77.74% slower
codec/view_vs_object.ts[2]	Get the first field as view from View	41110.97 ±4.08%	75.83% slower
codec/view_vs_object.ts[3]	Get two fields from Decoded	170120.28 ±3.61%	fastest ✅
codec/view_vs_object.ts[4]	Get two fields from View	33428.97 ±4.34%	80.35% slower
codec/view_vs_object.ts[5]	Get two fields from materialized from View	68291.29 ±4.09%	59.86% slower
codec/view_vs_object.ts[6]	Get two fields as views from View	29773.32 ±5.52%	82.5% slower
codec/view_vs_object.ts[7]	Get only third field from Decoded	159778.34 ±4.78%	6.08% slower
codec/view_vs_object.ts[8]	Get only third field from View	42053.18 ±4.18%	75.28% slower
codec/view_vs_object.ts[9]	Get only third field as view from View	38568.78 ±4.66%	77.33% slower
collections/map_vs_sorted.ts[0]	Map	123897.95 ±0.45%	fastest ✅
collections/map_vs_sorted.ts[1]	Map-array	45174.22 ±0.42%	63.54% slower
collections/map_vs_sorted.ts[2]	Array	45323.96 ±0.59%	63.42% slower
collections/map_vs_sorted.ts[3]	SortedArray	80880.36 ±0.24%	34.72% slower
collections/hash-dict-vs-blob-dict_delete.ts[0]	StringHashDictionary	2635.4 ±0.54%	fastest ✅
collections/hash-dict-vs-blob-dict_delete.ts[1]	BlobDictionary(1)	1399.53 ±90.79%	46.89% slower
collections/hash-dict-vs-blob-dict_delete.ts[2]	BlobDictionary(2)	2398.98 ±4.55%	8.97% slower
collections/hash-dict-vs-blob-dict_delete.ts[3]	BlobDictionary(3)	2579.03 ±0.94%	2.14% slower
collections/hash-dict-vs-blob-dict_delete.ts[4]	BlobDictionary(4)	2383.7 ±3.56%	9.55% slower
collections/hash-dict-vs-blob-dict_delete.ts[5]	BlobDictionary(5)	2571.31 ±0.66%	2.43% slower
collections/hash-dict-vs-blob-dict_get.ts[0]	StringHashDictionary	2534.55 ±3.74%	5.97% slower
collections/hash-dict-vs-blob-dict_get.ts[1]	BlobDictionary(1)	2695.59 ±3.44%	fastest ✅
collections/hash-dict-vs-blob-dict_get.ts[2]	BlobDictionary(2)	2470.3 ±2.62%	8.36% slower
collections/hash-dict-vs-blob-dict_get.ts[3]	BlobDictionary(3)	2291.75 ±2.77%	14.98% slower
collections/hash-dict-vs-blob-dict_get.ts[4]	BlobDictionary(4)	2321.77 ±2.9%	13.87% slower
collections/hash-dict-vs-blob-dict_get.ts[5]	BlobDictionary(5)	2311.64 ±3.11%	14.24% slower
collections/hash-dict-vs-blob-dict_set.ts[0]	StringHashDictionary	2253.36 ±2.34%	0.65% slower
collections/hash-dict-vs-blob-dict_set.ts[1]	BlobDictionary(1)	2097.17 ±2.2%	7.53% slower
collections/hash-dict-vs-blob-dict_set.ts[2]	BlobDictionary(2)	2268.04 ±1.27%	fastest ✅
collections/hash-dict-vs-blob-dict_set.ts[3]	BlobDictionary(3)	2253.44 ±0.73%	0.64% slower
collections/hash-dict-vs-blob-dict_set.ts[4]	BlobDictionary(4)	2190.06 ±1.83%	3.44% slower
collections/hash-dict-vs-blob-dict_set.ts[5]	BlobDictionary(5)	2198.06 ±0.6%	3.09% slower
hash/blake2b.ts[0]	our hasher	0.98 ±5.6%	fastest ✅
hash/blake2b.ts[1]	blake2b js	0.03 ±3.22%	96.94% slower
crypto/ed25519.ts[0]	native crypto	5.77 ±0.91%	fastest ✅
crypto/ed25519.ts[1]	wasm lib	2.28 ±0.24%	60.49% slower
crypto/ed25519.ts[2]	wasm lib batch	2.26 ±0.2%	60.83% slower

Benchmarks summary: 83/83 OK ✅