fix activity webhook returning 200 before chain work finishes

[mooncitydev]

hey, noticed the alchemy address activity hook was firing Promise.allSettled for deploy/poke work but never awaited it, then returned 200 right away. so the caller thought everything succeeded while txs could still fail in the background and only hit sentry.

now we await that pipeline and return 500 when any account pipeline rejects so alchemy (or whatever sits in front) can retry instead of silently losing the run.

also dropped status 200 on the valibot validator hook for bad payloads so invalid json/signature cases go through the default 400 from validatorHook instead of pretending success.

cheers

---

Summary by CodeRabbit

• Bug Fixes
  • Enhanced error handling in activity processing operations to improve system reliability.
  • Improved error tracking and response messages for better troubleshooting when activities fail.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 113b92f

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

Refactors the activity hook's error handling and control flow in server/hooks/activity.ts. Replaces promise chaining with await Promise.allSettled within try/catch blocks, explicitly tracks rejected activities, sets Sentry span status based on overall fulfillment, and introduces separate HTTP 500 error responses for activity failures and uncaught exceptions.

Changes

Cohort / File(s)	Summary
Activity Hook Error Handling server/hooks/activity.ts	Refactors main activity-processing control flow from .then/.catch chaining to await Promise.allSettled with explicit rejection counting. Removes HTTP status from alchemy validation error hook. Adds top-level exception handler returning { code: "activityError" } response. Sets Sentry span status based on activity fulfillment and returns HTTP 500 on any activity rejection.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• ✅ server: fix activity hook flake #818 — Updates activity hook tests to align with the refactored control flow and error handling behavior introduced in this PR.
• ✨ server: support multi-chain account creation in activity webhook #965 — Modifies the same server/hooks/activity.ts file's activity-processing control flow and error/validation handling patterns.

Suggested reviewers

• nfmelendez

🚥 Pre-merge checks | ✅ 4

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly and accurately describes the main fix: the activity webhook was returning HTTP 200 before awaiting critical chain work, and this PR corrects that behavior.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 60 minutes.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[devin-ai-integration]

Devin Review found 2 potential issues.

View 2 additional findings in Devin Review.

[devin-ai-integration]

🔴 Removed status: 200 from webhook validatorHook causes Alchemy to retry on validation failures

The status: 200 parameter was removed from the validatorHook call, so it now defaults to status: 400 (server/utils/validatorHook.ts:17). When Alchemy sends a webhook payload that fails validation, the endpoint now returns 400 instead of 200. Alchemy retries webhooks on non-200 responses, so malformed payloads will be retried repeatedly until the retry limit is exhausted — wasting resources and generating duplicate Sentry errors.

Every other webhook hook in the codebase explicitly passes status: 200 to acknowledge the webhook even when validation fails:

• server/hooks/bridge.ts:92 — status: 200
• server/hooks/block.ts:108 — status: 200
• server/hooks/manteca.ts:147 — status: 200
• server/hooks/persona.ts:207 — status: 200

Suggested change

	validatorHook({ code: "bad alchemy", debug }),
	validatorHook({ code: "bad alchemy", status: 200, debug }),

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[devin-ai-integration]

🚩 Behavioral shift: webhook now blocks on processing and returns 500 on failure

The old code was fire-and-forget: Promise.allSettled(...) was not awaited, the handler immediately returned c.json({}) with a 200 status, and processing happened in the background. The new code awaits Promise.allSettled and returns 500 if any account processing fails (server/hooks/activity.ts:318-319). This means:

1. The HTTP response is delayed until all account creation, poke retries (up to 5 retries × 2s delay each), and error handling complete.
2. Alchemy receives 500 on processing failures and will retry the entire webhook, potentially re-triggering account creation and poke operations for accounts that already succeeded.

This may be intentional (the commit message says "await alchemy activity hook work before returning 200"), but the retry implications are worth considering — especially since Promise.allSettled collects both fulfilled and rejected results, so partial failures (e.g., 3/5 accounts succeed, 2 fail) will return 500 and Alchemy will retry all 5.

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[gemini-code-assist]

Code Review

This pull request refactors the activity hook to use async/await for improved error handling and response management. The logic now explicitly awaits the results of account activities and returns a 500 status code if any operations fail. Feedback was provided regarding an unawaited promise chain in the autoCredit logic, which could lead to race conditions, and a suggestion to throw errors when expected database records are missing to better reflect data integrity issues.

[gemini-code-assist]

The autoCredit promise chain is not awaited, which means the parent function can resolve before the logic finishes. Additionally, when an expected database record (like a card) is not found, the code should throw an error rather than returning silently. This indicates a system or data integrity issue, making a 5xx-level error more appropriate.

                  await autoCredit(account)
                    .then(async (auto) => {
                      span.setAttribute("exa.autoCredit", auto);
                      if (!auto) return;
                      const credential = await database.query.credentials.findFirst({
                        where: eq(credentials.account, account),
                        columns: {},
                        with: {
                          cards: {
                            columns: { id: true, mode: true },
                            where: inArray(cards.status, ["ACTIVE", "FROZEN"]),
                          },
                        },
                      });
                      if (!credential || credential.cards.length === 0) {
                        throw new Error("Expected card record not found for account");
                      }
                      const card = credential.cards[0];
                      span.setAttribute("exa.card", card.id);
                      if (card.mode !== 0) return;
                      await database.update(cards).set({ mode: 1 }).where(eq(cards.id, card.id));
                      span.setAttribute("exa.mode", 1);
                      sendPushNotification({
                        userId: account,
                        headings: t("Card mode changed"),
                        contents: t("Credit mode activated"),
                      }).catch((error: unknown) => captureException(error));
                    })
                    .catch((error: unknown) => captureException(error));

References

1. Throw an error when an expected database record (like a card) is not found. This indicates a system or data integrity issue, not a client-side error that can be fixed by the user, so a 5xx-level error is more appropriate than a 4xx.

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

server/hooks/activity.ts (1)

141-159: ⚠️ Potential issue | 🔴 Critical

Add idempotency guards before enabling full-payload retries

Line [318] now returns 500 for any rejected account, which will make upstream retry the entire webhook payload. Because side effects happen earlier (Line [141] push notification, Line [200] analytics tracking), successful accounts can receive duplicate side effects on retry. This is a non-idempotent retry hazard and should be guarded (e.g., durable dedupe key per activity/account before side effects).

Also applies to: 200-200, 318-320

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: ee86c277-4d49-45a9-9d65-aa8ccff47679

📥 Commits

Reviewing files that changed from the base of the PR and between dfbd4de and 113b92f.

📒 Files selected for processing (1)

• server/hooks/activity.ts

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 113b92f208

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Avoid retrying whole activity batch after partial success

Returning 500 when any account pipeline rejects causes Alchemy to retry the entire webhook payload, not just the failed account. In this handler, side effects (e.g., sendPushNotification in the transfer loop and successful exaSend calls for other accounts) can already be committed before this response is decided, and there is no webhook-event idempotency check, so a single failing account can repeatedly duplicate notifications/transactions for accounts that already succeeded.

Useful? React with 👍 / 👎.