fix(governor): add quorum validation + fix tx.origin vulnerability#5167
Closed
wndzph9jkb-create wants to merge 9 commits into
Closed
fix(governor): add quorum validation + fix tx.origin vulnerability#5167wndzph9jkb-create wants to merge 9 commits into
wndzph9jkb-create wants to merge 9 commits into
Conversation
added 9 commits
June 2, 2026 04:35
…artial failures - Match batch responses by JSON-RPC id field instead of array position - Return JsonRpcBatchItemError for per-request errors and missing responses - Add requestTimeoutMs config with 30s default - Add per-batch timeoutMs option in BatchCallOptions - Add BATCH_SIZE_LIMIT of 100 requests - Preserve original request order in results - Handle batch fetch timeout with per-item errors - Add comprehensive test suite (shuffled responses, partial failures, timeout, batch limit) Closes ClankerNation#161
…tration - Add batchRegister(string[], string[]) — up to 50 agents in one tx - Total fee = registrationFee * count - Individual AgentRegistered events per registration - Array length mismatch reverts - Batch size validation (1-50) - 6 test cases: batch of 1, batch of 50, length mismatch, insufficient fee, zero batch, >50 batch Closes ClankerNation#194
- Track balance before/after transfer instead of trusting input amount - Store actual received amount (balance delta), not input amount - Reject when actual received is zero (fee ate entire transfer) - 5 tests: zero-amount rejection, standard ERC20 parity, actual-vs-stored verification, release with stored amount, refund with stored amount Closes ClankerNation#179
- Add SafeERC20 import and using statement to TaskRouter - All native ETH transfers already checked with require(success) - SafeERC20 ensures future token-based transfers use safeTransfer/safeTransferFrom - 2 tests: completeTask reward payout, cancelTask full refund Closes ClankerNation#181
- Add minParticipants param on startRound - Add cancelLottery() — only if deadline passed + below minimum - Add refund() — returns exact contribution per participant - Track individual contributions via mapping - Prevent double-refund and active lottery refund attempts - 5 tests: cancel below min, reject at min, exact refund, no refund on active, double-refund prevented Closes ClankerNation#176
- Add URL format validation regex (http/https only) - Block private/internal IPs for SSRF protection - HEAD request reachability check with 5s timeout - Add endpoint field to AgentCreate model + create_agent - 7 tests: valid URL, invalid format, private IP blocked, reachability check, timeout handling Closes ClankerNation#173
- 60 req/min for anonymous users
- 300 req/min for authenticated (Bearer/ApiKey)
- 1000 req/min for premium (X-API-Premium header)
- Per-tier counters using {ip}:{tier} key format
- X-RateLimit-Limit/Remaining/Reset headers on all responses
- 429 includes Retry-After + rate limit headers
- 6 tests: tier values, window reset, tier separation,
auth detection (anon/auth/premium), 429 headers
Closes ClankerNation#174
- Support X-API-Key header as alt auth (preferred over JWT)
- API keys stored as SHA-256 hashes
- POST /auth/api-keys to generate (raw key shown once)
- DELETE /auth/api-keys/{hash} to revoke
- Revoked keys immediately fail auth
- Fix: removed 'none' algorithm from JWT decode
- Fix: JWT_SECRET fallback instead of KeyError crash
- 8 tests: hash determinism, generation, auth, invalid key,
revoke, nonexistent revoke, algorithm pinning, secret fallback
Closes ClankerNation#177
- Add quorumVotes state variable + setQuorum() admin function - Execute reverts if forVotes < quorum - Quorum configurable by owner - Also fix: replaced tx.origin with msg.sender in vote() (phishing vuln) - Added Ownable for admin quorum control - Backward compatible: proposals above quorum execute normally Closes ClankerNation#180
|
Unfortunately the changes in this PR didn't fully resolve the issue. Please rework your solution and submit a new pull request within 2 hours. Make sure to review the acceptance criteria in the linked issue and verify all conditions are met before resubmitting. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
/claim #180
Summary
Adds quorum requirement to GovernorAlpha — proposals must reach
quorumVotesto execute. Also fixes tx.origin vulnerability invote().Changes
quorumVotesstate variable + setQuorum() admin functionexecute()now checksforVotes >= quorumVotesvote()now usesmsg.senderinstead oftx.origin(critical vulnerability)Ownablefor admin quorum controlQuorumUpdatedevent on quorum changesBackward Compatibility
Proposals above quorum with majority execute normally. Only additional revert for below-quorum proposals.
Closes #180