Add chain-reorg replay protection via ledger sequence high-water mark #486

Description

@greatest0fallt1me

This is a smart-contract issue for the GrantFox campaign. Track per-developer last-applied ledger sequence and reject any settlement claim from a lower or equal sequence.

Requirements and Context

  • high_water_mark stored
  • Reject equal/lower seq
  • Storage TTL tied to lifecycle
  • Test reorg path
  • Must be secure, tested, and documented
  • Should be efficient and easy to review

Suggested Execution

  1. Fork the repo and create a branch
    git checkout -b feature/replay-guard
  2. Implement changes
    • contracts/settlement/src/replay_guard.rs (new)
    • contracts/settlement/src/lib.rs
  3. Test and commit
    • Run the repo's standard test suite and lint
    • Cover edge cases; include output in the PR

Example commit message

feat: ledger-sequence replay protection

Acceptance Criteria

  • High-water enforced
  • Equal seq rejected
  • TTL maintained
  • Reorg test passes

Guidelines

  • Minimum 95% test coverage with cargo test
  • require_auth on every state-changing entrypoint
  • Overflow-safe math; no unwrap() in production paths
  • Clear NatSpec-style /// rustdoc
  • Timeframe: 96 hours
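
The high-water-mark rule described in this issue, as an added example (not code from the repository): a plain-Rust model in which a HashMap stands in for contract storage. ReplayGuard, check_and_advance, ReplayError and the developer ids are hypothetical names, the ledger sequences are constructed, and storage TTL is not modelled.

```rust
use std::collections::HashMap;

/// Why a settlement claim was refused.
#[derive(Debug, PartialEq)]
pub enum ReplayError {
    /// Claim sequence is equal to or below the stored high-water mark.
    StaleSequence { claim_seq: u32, high_water_mark: u32 },
}

/// In-memory stand-in for contract storage (assumption):
/// developer id -> last applied ledger sequence.
#[derive(Default)]
pub struct ReplayGuard {
    high_water_mark: HashMap<String, u32>,
}

impl ReplayGuard {
    /// Accept the claim only if its sequence is strictly above the developer's
    /// mark, then advance the mark. Check and update happen in one call, so a
    /// caller cannot apply a claim without recording it.
    pub fn check_and_advance(&mut self, developer: &str, claim_seq: u32) -> Result<(), ReplayError> {
        if let Some(&mark) = self.high_water_mark.get(developer) {
            if claim_seq <= mark {
                return Err(ReplayError::StaleSequence { claim_seq, high_water_mark: mark });
            }
        }
        self.high_water_mark.insert(developer.to_string(), claim_seq);
        Ok(())
    }

    /// Current mark for a developer, if any claim has been applied.
    pub fn mark(&self, developer: &str) -> Option<u32> {
        self.high_water_mark.get(developer).copied()
    }
}

/// Constructed reorg path: claims at 103 and 105 are applied, then the claim
/// from 103 is re-submitted after a reorganisation.
pub fn reorg_scenario() -> Vec<Result<(), ReplayError>> {
    let mut guard = ReplayGuard::default();
    vec![
        guard.check_and_advance("dev-a", 103), // first claim
        guard.check_and_advance("dev-a", 105), // later ledger
        guard.check_and_advance("dev-a", 103), // replayed lower sequence
        guard.check_and_advance("dev-a", 105), // equal sequence
        guard.check_and_advance("dev-b", 103), // marks are per developer
        guard.check_and_advance("dev-a", 106), // progress resumes
    ]
}
```

A rejected claim leaves the stored mark untouched, so a burst of stale submissions cannot move the mark in either direction.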

Labels

  • GRANTFOX OSS: GrantFox open-source campaign task
  • OFFICIAL CAMPAIGN: Official GrantFox campaign issue
  • Stellar Wave: Issues in the Stellar wave program
  • audit: Security audit/review
  • security: Security hardening
  • smart-contract: Soroban smart-contract work
