Skip to content

feat(contract): unify auth model across all entrypoints (#209)#442

Open
Lazaruster wants to merge 1 commit into
StayLitCodes:mainfrom
Lazaruster:feat/209-unify-auth-require-auth
Open

feat(contract): unify auth model across all entrypoints (#209)#442
Lazaruster wants to merge 1 commit into
StayLitCodes:mainfrom
Lazaruster:feat/209-unify-auth-require-auth

Conversation

@Lazaruster

Copy link
Copy Markdown

closes #209

  • raise_dispute: move caller.require_auth() before escrow load to prevent membership probing without auth
  • confirm_delivery: remove untrusted 'buyer' param; derive auth from escrow.depositor stored on-chain
  • refund_expired: remove untrusted 'caller' param; derive auth from escrow.depositor stored on-chain
  • release_milestone: add depositor.require_auth() to above-threshold multisig path (previously had no require_auth call)
  • Update all call sites to match new signatures
  • Rewrite test_unauthorized_confirm_delivery and test_refund_expired_authorization_check to use mock_auths(&[])
  • Add 17 negative auth tests (test_auth_*) covering every state-changing entrypoint

…#209)

- raise_dispute: move caller.require_auth() before escrow load to prevent
  membership probing without auth
- confirm_delivery: remove untrusted 'buyer' param; derive auth from
  escrow.depositor stored on-chain
- refund_expired: remove untrusted 'caller' param; derive auth from
  escrow.depositor stored on-chain
- release_milestone: add depositor.require_auth() to above-threshold
  multisig path (previously had no require_auth call)
- Update all call sites to match new signatures
- Rewrite test_unauthorized_confirm_delivery and
  test_refund_expired_authorization_check to use mock_auths(&[])
- Add 17 negative auth tests (test_auth_*) covering every
  state-changing entrypoint
@drips-wave

drips-wave Bot commented Jun 28, 2026

Copy link
Copy Markdown

@Lazaruster Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[CONTRACT] Unify auth model across functions (require_auth consistency)

1 participant