Skip to content

fix: add authorization to set_risk_tier (Issue #24)#52

Closed
HERO570 wants to merge 1 commit into
mericcintosun:mainfrom
HERO570:fix/set-risk-tier-authorization
Closed

fix: add authorization to set_risk_tier (Issue #24)#52
HERO570 wants to merge 1 commit into
mericcintosun:mainfrom
HERO570:fix/set-risk-tier-authorization

Conversation

@HERO570

@HERO570 HERO570 commented Mar 30, 2026

Copy link
Copy Markdown

Summary

  • initialize(admin) — one-time function to set a trusted admin address, stored in instance storage. Panics on double-init.
  • set_risk_tier — now takes a caller parameter. caller.require_auth() is enforced, and if caller != user, the caller must be the admin. Random addresses are blocked from manipulating other users' scores.
  • update_chosen_tier — now requires user.require_auth() so only the user can change their own chosen tier.
  • TypeScript client & writeScore.js updated to pass the new caller parameter.
  • 24/24 unit tests passing, covering:
    • Admin init & double-init rejection
    • Admin setting any user's tier
    • User setting their own tier (self-service)
    • Unauthorized caller blocked
    • Admin overwriting user score
    • All original functional tests preserved

Test plan

  • cargo test — 24/24 passing
  • Verify TypeScript client integration on testnet
  • Verify writeScore.js self-service flow works end-to-end

Closes #24

- Add initialize(admin) function to set trusted admin address (one-time)
- set_risk_tier now requires caller to be admin OR the user themselves
- update_chosen_tier now requires user authentication
- Add testutils feature for dev-dependencies to enable test address generation
- Update TypeScript client and writeScore.js to pass caller parameter
- 24/24 unit tests passing covering all auth paths

Closes mericcintosun#24

Signed-off-by: Darshan R <darshan@MacBook-Pro.local>
@vercel

vercel Bot commented Mar 30, 2026

Copy link
Copy Markdown

Someone is attempting to deploy a commit to the mericcintosun Team on Vercel.

A member of the Team first needs to authorize it.

@mericcintosun

Copy link
Copy Markdown
Owner

Thanks — really solid full-stack fix! Closing as superseded by #74, which we're merging. #74 closes the same vulnerability on both write functions while keeping the existing 4-arg set_risk_tier ABI and tuple-key storage, so it's a drop-in with zero client changes / no data migration. Your client-side updates were great; if we later move to an explicit caller ABI we'll revisit this approach. 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Security Audit and Best Practices

2 participants