Description
A report_revenue signature replayed on a forked or sibling network could double-credit. Encode the network passphrase hash into the report payload and reject reports whose embedded network_id does not match the current network.
Requirements and context
- Must be secure, tested, and documented
- Should be efficient and easy to review
- Relevant code:
Revora-Contracts/src/lib.rs
- Network-id check must run before any state read to fail fast and cheap
Suggested execution
- Fork the repo and create a branch
git checkout -b feat/replay-safety-network-id
- Implement changes
- Read
env.ledger().network_id() and require payload.network_id == env_network_id
- Reject with
NetworkIdMismatch typed error
- Add fixture exercising a known testnet payload replayed against a mocked mainnet env
- Validate security and correctness assumptions
Test and commit
- Run tests
- Cover edge cases
- Cross-passphrase forks must reject even when all other fields match
- Include test output and security notes
Example commit message
feat: bind report_revenue to network_id to block cross-fork replay
Guidelines
- Minimum 95 percent test coverage
- Clear documentation
- Timeframe: 96 hours
Description
A
report_revenuesignature replayed on a forked or sibling network could double-credit. Encode the network passphrase hash into the report payload and reject reports whose embedded network_id does not match the current network.Requirements and context
Revora-Contracts/src/lib.rsSuggested execution
git checkout -b feat/replay-safety-network-idenv.ledger().network_id()and requirepayload.network_id == env_network_idNetworkIdMismatchtyped errorTest and commit
cargo test --allExample commit message
feat: bind report_revenue to network_id to block cross-fork replayGuidelines