Skip to content

added robinhood#8050

Open
mrben1 wants to merge 2 commits into
DefiLlama:masterfrom
mrben1:master
Open

added robinhood#8050
mrben1 wants to merge 2 commits into
DefiLlama:masterfrom
mrben1:master

Conversation

@mrben1

@mrben1 mrben1 commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

NOTE

Please enable "Allow edits by maintainers" while putting up the PR.


  • If you would like to add a tvl adapter please submit the PR here.
  1. Once your adapter has been merged, it takes time to show on the UI. If more than 24 hours have passed, please let us know in Discord.
  2. Please fill the form below only if the PR is for listing a new protocol else it can be ignored/replaced with reason/details about the PR
  3. For updating listing info Please send a mail to metadata@defillama.com
  4. Do not edit/push package.json/package-lock.json file as part of your changes
  5. No need to go to our discord/other channel and announce that you've created a PR, we monitor all PRs and will review it asap

Name (to be shown on DefiLlama):
Twitter Link:
List of audit links if any:
Website Link:
Logo (High resolution, will be shown with rounded borders):
Current TVL:
Treasury Addresses (if the protocol has treasury)
Chain:
Coingecko ID (so your TVL can appear on Coingecko, leave empty if not listed): (https://api.coingecko.com/api/v3/coins/list)
Coinmarketcap ID (so your TVL can appear on Coinmarketcap, leave empty if not listed): (https://api.coinmarketcap.com/data-api/v3/map/all?listing_status=active,inactive,untracked&start=1&limit=10000)
Short Description (to be shown on DefiLlama):
Token address and ticker if any:
Category (full list at https://defillama.com/categories) *Please choose only one:
Oracle Provider(s): Specify the oracle(s) used (e.g., Chainlink, Band, API3, TWAP, etc.):
Implementation Details: Briefly describe how the oracle is integrated into your project:
Documentation/Proof: Provide links to documentation or any other resources that verify the oracle's usage:
forkedFrom (Does your project originate from another project):
methodology (what is being counted as tvl, how is tvl being calculated):
Github org/user (Optional, if your code is open source, we can track activity):
Does this project have a referral program?

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Summary by CodeRabbit

  • New Features
    • Added Robinhood volume data support through the Ape Store integration.
  • Changes
    • Volume results now include daily volume only; total volume and timestamp fields are no longer returned.

Walkthrough

The Ape Store adapter broadens its HTTP utility imports and updates Base, Ethereum, and Robinhood fetch implementations to return only dailyVolume. Robinhood posts start-of-day data with authorization to the Ape Store volume endpoint.

Changes

Ape Store volume adapter

Layer / File(s) Summary
Network volume fetch mappings
dexs/apestore/index.ts
Base, Ethereum, and Robinhood fetch results now contain only dailyVolume; the Robinhood request uses startOfDay and an authorization header.

Estimated code review effort: 2 (Simple) | ~10 minutes

Suggested labels: dexs

🚥 Pre-merge checks | ✅ 11 | ❌ 4

❌ Failed checks (4 warnings)

Check name Status Explanation Resolution
Title check ⚠️ Warning The title is not in the required [type] protocol-name - description format and does not clearly describe the adapter change. Use a title like “[add] Robinhood - add Ape Store Robinhood volume adapter” to match the repository format and summarize the change.
Description check ⚠️ Warning The PR description is only the template and contains no protocol-specific details, so it is largely incomplete for a new listing. Fill in the form with Robinhood-specific details such as name, website, chain, description, methodology, and proof links, or state the reason if not a new listing.
Pullhourly Required For Version 2 ⚠️ Warning dexs/apestore/index.ts is version 2 but has no explicit pullHourly key, so it violates the required v2 adapter setting. Add pullHourly: true to the adapter, or pullHourly: false with a comment if hourly pulls are impossible.
Adapter Shape ⚠️ Warning All three chains use the same start (1712265900), but the adapter still defines separate per-chain entries instead of a single shared chains/start shape. Consolidate to one chains array with a single start and parameterize fetch by chain; only use chainConfig if per-chain settings differ.
✅ Passed checks (11 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Breakdown Methodology Check ✅ Passed apestore is a version-2 volume adapter with no .add() calls and no breakdownMethodology; the fee-adapter breakdown check is not applicable.
Income Statement Compliance ✅ Passed PASS: dexs/apestore only returns dailyVolume for a DEX volume adapter; no dailyFees/dailyRevenue/dailySupplySideRevenue fields are present, so the fees check doesn’t apply.
Version 2 Required ✅ Passed dexs/apestore/index.ts explicitly exports version: 2, so the new adapter meets the required format.
Dune Adapters Are Version 1 ✅ Passed dexs/apestore/index.ts has no Dune queries; it exports version 2 and only uses httpPost, so the Dune-specific v1 rule does not apply.
Income Statement Balance ✅ Passed Apestore is a volume adapter returning only dailyVolume; no fees fields or fees adapter files are changed, so the income-statement check is not applicable.
Fetchoptions Usage ✅ Passed All fetches use the single (options: FetchOptions) signature and return only dailyVolume; no old v1 args or timestamp fields remain.
Efficiency And Error Handling ✅ Passed No getLogs/api.call loops or swallowed errors were added; the hardcoded token/start values were preexisting, and the PR only changes returned fields.
Methodology Keys ✅ Passed No methodology object exists in the changed adapter file; the PR only adjusts fetch return fields to dailyVolume.
✨ Finishing Touches
✨ Simplify code
  • Create PR with simplified code

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot added the dexs label Jul 10, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@dexs/apestore/index.ts`:
- Around line 47-51: Replace the hardcoded Authorization value in the httpPost
call with a securely sourced environment variable or secret-store value, and
validate that it is configured before making the request; do not add a comment
to justify retaining the secret in source.
- Around line 53-57: Update the affected fetch return object to include only
dailyVolume; remove timestamp and deprecated totalVolume. Also inspect the
existing base and eth adapters in the same file and remove those fields from
their fetch results to keep all adapters consistent.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 19a24b61-2585-4932-9385-40f5269bb1bf

📥 Commits

Reviewing files that changed from the base of the PR and between f53de8f and 3132001.

📒 Files selected for processing (1)
  • dexs/apestore/index.ts

Comment thread dexs/apestore/index.ts
Comment on lines +47 to +51
const volumeData: VolumeInfo = await httpPost('https://api.ape.store/robinhood/volume', { date: options.startOfDay }, {
headers: {
"Authorization": "92ff54fa-80b7-4f2c-bae1-f862ea7525ae"
},
});

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

Hardcoded API key in source code without comment.

The Authorization header value "92ff54fa-80b7-4f2c-bae1-f862ea7525ae" is a secret hardcoded directly in source. Per coding guidelines, hardcoded values should have a comment and source link so maintainers can verify them. More importantly, embedding API keys in source code is a security risk — consider using an environment variable or secret store.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@dexs/apestore/index.ts` around lines 47 - 51, Replace the hardcoded
Authorization value in the httpPost call with a securely sourced environment
variable or secret-store value, and validate that it is configured before making
the request; do not add a comment to justify retaining the secret in source.

Source: Coding guidelines

Comment thread dexs/apestore/index.ts

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
dexs/apestore/index.ts (2)

17-17: 🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

Hardcoded API key remains unaddressed.

The Authorization header value "92ff54fa-80b7-4f2c-bae1-f862ea7525ae" is still hardcoded across all three adapters (lines 17, 31, 45). This was previously flagged and has not been addressed. Per coding guidelines, hardcoded values should have a comment and source link. More importantly, embedding API keys in source is a security risk.

Also applies to: 31-31, 45-45

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@dexs/apestore/index.ts` at line 17, Remove the hardcoded Authorization value
from all three adapters using the affected request definitions, and load it from
a secure configuration source such as an environment variable or secret manager.
Validate that the configured credential exists before making requests and update
each Authorization header consistently.

15-15: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Switch this adapter to version: 1. These endpoints take a daily date and return daily volume, so hourly v2 polling will just repeat the same request. If it stays v2, add pullHourly: true and drive the request from startTimestamp/fromTimestamp instead of startOfDay.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@dexs/apestore/index.ts` at line 15, Update the ape.store adapter request
around VolumeInfo to use version: 1, since the endpoint is daily and keyed by
options.startOfDay; alternatively, retain version 2 only by setting pullHourly:
true and changing the request parameters to use startTimestamp/fromTimestamp.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@dexs/apestore/index.ts`:
- Line 17: Remove the hardcoded Authorization value from all three adapters
using the affected request definitions, and load it from a secure configuration
source such as an environment variable or secret manager. Validate that the
configured credential exists before making requests and update each
Authorization header consistently.
- Line 15: Update the ape.store adapter request around VolumeInfo to use
version: 1, since the endpoint is daily and keyed by options.startOfDay;
alternatively, retain version 2 only by setting pullHourly: true and changing
the request parameters to use startTimestamp/fromTimestamp.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: f14addb2-3d0f-491e-a67e-8100a5e03c45

📥 Commits

Reviewing files that changed from the base of the PR and between 3132001 and bbfff36.

📒 Files selected for processing (1)
  • dexs/apestore/index.ts

@bheluga bheluga self-assigned this Jul 10, 2026
@bheluga

bheluga commented Jul 10, 2026

Copy link
Copy Markdown
Member

@mrben1 thanks for the PR
The code fails with status code 500, can you please test locally

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants