Skip to content

Validate verifier and destination addresses are distinct in create_vault #225

Description

@1nonlypiece

📌 Description

create_vault in src/lib.rs accepts verifier, success_destination, and
failure_destination with no relationship checks. The repo already ships
snapshots probing dangerous overlaps (e.g.
test_create_vault_verifier_equals_success_destination_rejected,
test_create_vault_verifier_equals_failure_destination_rejected), but the
constraint is not consistently enforced in the contract itself.

This issue makes the address-distinctness invariant explicit and enforced at
creation time.

Goal: reject vault creation when verifier == success_destination or
verifier == failure_destination, since a verifier who is also a payout target
has a conflict of interest.

🎯 Requirements and Context

  • Must be secure, tested, and documented.
  • Add a new Error::ConflictingAddresses returned by create_vault.
  • Decide and document the rule for success_destination == failure_destination
    (the existing snapshot ..._no_verifier_destination_overlap_allowed suggests
    some overlaps are allowed — keep behaviour consistent with it).
  • Preserve verifier == creator acceptance (TEST_VERIFIER_SAME_AS_CREATOR.md).

🛠️ Suggested Execution

1. Fork the repo and create a branch

git checkout -b feature/verifier-address-distinctness

2. Implement changes

  • Contract: add the distinctness checks near the top of create_vault in
    src/lib.rs, before pulling USDC into escrow.
  • Tests: extend tests/create_vault.rs to assert each rejected/accepted overlap,
    matching the existing snapshot expectations.
  • Docs: add docs/ADDRESS_CONSTRAINTS.md enumerating allowed/rejected overlaps;
    cross-link from README.md.
  • Add NatSpec-style /// comments documenting the new validation rules.
  • Validate security: a verifier can never also be a payout destination.

3. Test and commit

  • Run cargo test.
  • Cover edge cases: verifier == success, verifier == failure, verifier == creator
    (allow), None verifier with overlapping destinations (per existing snapshot).

Example commit message

feat: enforce verifier/destination address distinctness in create_vault

✅ Guidelines

  • Minimum 95% test coverage on new/changed lines.
  • Clear documentation of the allowed/rejected address matrix.
  • No regressions on existing overlap snapshots.
  • Timeframe: 96 hours.

🏷️ Labels

type-enhancement · area-contracts · type-security · type-testing ·
MAYBE REWARDED · GRANTFOX OSS · OFFICIAL CAMPAIGN

💬 Community & Support

  • Join the Disciplr contributor Discord to coordinate, ask questions, and get
    unblocked fast: https://discord.gg/xvNAvMJf
  • Please introduce yourself before you start so we can avoid duplicate work,
    pair you with a reviewer, and merge your PR quickly.

Metadata

Metadata

Assignees

No one assigned

    Labels

    GRANTFOX OSSGrantFox open-source campaignMAYBE REWARDEDEligible for GrantFox rewardOFFICIAL CAMPAIGNOfficial GrantFox campaign issuearea-contractsSmart contract (Soroban/Rust) worktype-enhancementImprovement to existing functionalitytype-securitySecurity review / hardeningtype-testingTests and test coverage

    Fields

    No fields configured for Feature.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions