Make setting ck take extrinsics payable

[gztensor]

Motivation

increase_take and decrease_take were marked as Pays::No, which means these state-mutating delegate take changes did not pay normal transaction fees. These calls should be payable like other user-submitted staking operations.

What Changed

• Changed decrease_take dispatch metadata from Pays::No to Pays::Yes.
• Changed increase_take dispatch metadata from Pays::No to Pays::Yes.
• Added unit coverage asserting both calls remain DispatchClass::Normal and now report Pays::Yes.
• Bumped runtime spec_version from 417 to 418.

Behavioral Impact

Delegate take increase/decrease transactions now participate in normal fee payment. The existing origin checks, take bounds, ownership checks, rate limiting, and underlying staking logic are otherwise unchanged.

Migration / Spec Version

No storage migration is required. This is a runtime-affecting metadata change and includes the required spec_version bump.

Testing

• Added test_delegate_take_dispatch_info_pays_fee for the affected dispatch metadata.
• Author checklist indicates ./scripts/fix_rust.sh and unit tests were run locally.

[github-actions]

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

[github-actions]

[HIGH] Runtime fee semantics changed without a spec_version bump

This changes dispatch metadata for decrease_take from Pays::No to Pays::Yes, and the same PR also changes increase_take. That is a runtime-affecting semantic change, but the diff does not update runtime/src/lib.rs spec_version (currently 417). Shipping upgraded Wasm with the same spec version can leave nodes treating old native runtime code as compatible with the new on-chain runtime, which is especially risky here because old and new code disagree on whether these calls withdraw transaction fees. Bump spec_version in this PR.

[github-actions]

🛡️ AI Review — Skeptic (security review)

VERDICT: SAFE

BASELINE scrutiny: established contributor with repo write permission, substantial prior repo activity, no Gittensor allowlist match; branch feat/ck-take-settings-pays-yes -> devnet-ready.

Static-only review found no .github/ prompt/workflow changes, dependency changes, lockfile changes, or build-script changes. The delegate-take metadata changes are limited to Pays::Yes, include a runtime spec_version bump from 417 to 418, and the hotkey-swap pre-check accounts for the added Owner storage reads.

Findings

No findings.

Prior-comment reconciliation

• 97158285: addressed — The new-hotkey pre-check accrues reads(3) when the hotkey exists, covering hotkey_account_exists(new_hotkey) plus the two reads inside coldkey_owns_hotkey, and reads(1) when it does not exist.

Conclusion

No malicious pattern or security vulnerability was found in the current diff. The prior weight-accounting concern remains addressed.

---

🔍 AI Review — Auditor (domain review)

VERDICT: 👍

Gittensor: UNKNOWN; no allowlist match. Author has repo write permission and substantial recent subtensor history, so calibrated as established-contributor runtime work.

The fee metadata change is narrow: decrease_take and increase_take now report Pays::Yes, with dispatch-info coverage added and spec_version bumped to 418.

Description discrepancy: the PR body still frames this as only a delegate-take fee metadata change, but the diff also changes do_swap_hotkey to reject an existing new_hotkey unless it is owned by the signing coldkey. The previously stale swap-hotkey test expectation has been updated, so I am not carrying the blocker forward, but the PR body should mention this runtime behavior change before merge.

Targeted test attempt: SKIP_WASM_BUILD=1 cargo test -p pallet-subtensor --lib tests::staking::test_delegate_take_dispatch_info_pays_fee -- --exact could not run in this sandbox because rustup cannot create temp files under read-only /home/runner/.rustup/tmp.

Findings

No findings.

Prior-comment reconciliation

• d2dcafae: addressed — The test_swap_owner_new_hotkey_already_exists expectation now matches the new NonAssociatedColdKey pre-check behavior.

Conclusion

Approving: the prior test blocker is addressed, the fee metadata change is directly covered, and I found no remaining domain issue that should block merge. The PR description should still be corrected to disclose the included swap_hotkey behavior change.

---

📜 Previous run (superseded)

Sev	File	Finding	Status
MEDIUM	pallets/subtensor/src/tests/swap_hotkey_with_subnet.rs:921	Update swap-hotkey tests for the new pre-check	✅ Addressed The test_swap_owner_new_hotkey_already_exists expectation now matches the new NonAssociatedColdKey pre-check behavior.

[github-actions]

🔄 AI review updated — Skeptic: VULNERABLE

[github-actions]

🔄 AI review updated — Skeptic: SAFE Auditor: 👍

[github-actions]

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

[github-actions]

🔄 AI review updated — Skeptic: SAFE Auditor: 👎

[github-actions]

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

[github-actions]

🔄 AI review updated — Skeptic: VULNERABLE

[github-actions]

🔄 AI review updated — Skeptic: SAFE Auditor: 👎

[github-actions]

🔄 AI review updated — Skeptic: SAFE Auditor: 👍