Skip to content

Add replay-safety guard against fork-replays of report_revenue across networks #466

Description

@thlpkee20-wq

Description

A report_revenue signature replayed on a forked or sibling network could double-credit. Encode the network passphrase hash into the report payload and reject reports whose embedded network_id does not match the current network.

Requirements and context

  • Must be secure, tested, and documented
  • Should be efficient and easy to review
  • Relevant code: Revora-Contracts/src/lib.rs
  • Network-id check must run before any state read to fail fast and cheap

Suggested execution

  • Fork the repo and create a branch
  • git checkout -b feat/replay-safety-network-id
  • Implement changes
    • Read env.ledger().network_id() and require payload.network_id == env_network_id
    • Reject with NetworkIdMismatch typed error
    • Add fixture exercising a known testnet payload replayed against a mocked mainnet env
  • Validate security and correctness assumptions

Test and commit

  • Run tests
    • cargo test --all
  • Cover edge cases
    • Cross-passphrase forks must reject even when all other fields match
  • Include test output and security notes

Example commit message

feat: bind report_revenue to network_id to block cross-fork replay

Guidelines

  • Minimum 95 percent test coverage
  • Clear documentation
  • Timeframe: 96 hours

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions