fix(types): bigint amounts + manual JSON signing payload (audit H1+H2+H4)#12
Merged
github-actions[bot] merged 1 commit intomainfrom May 7, 2026
Merged
Conversation
…+H4) Audit 2026-05-07 findings: H1 (HIGH): all amount/fee/nonce/chain_id/timestamp/total_minted/etc. fields typed as JS `number` overflowed safe-int (~90.07M SRX) below the 315M supply target. Now `bigint` everywhere they appear. H2 (HIGH): SentrixWallet.signingPayload used JSON.stringify which (a) threw on bigint and (b) silently rounded numbers > 2^53 in the pre-bigint era. Now builds the JSON string manually so bigint amounts are emitted as bare integer literals — matching Rust serde_json u64 output byte-for-byte. H4: CI ran 'pnpm test --passWithNoTests' with zero test files, so signing-payload Rust parity was never gated. Added src/wallet/signing-payload.test.ts with 3 fixtures including a > 2^53 amount case. CI workflow updated to drop --passWithNoTests. Helpers added: - stringifyWithBigInt(value) — JSON.stringify replacement that emits bigints as integer literals - bigintFromJsonText(text, [keys]) — for deserializing high-value numeric fields from the chain's REST responses without rounding Submit-tx POST now uses stringifyWithBigInt internally so callers can pass bigint-typed NativeTx without serialize errors. Version bumped 0.2.0-rc.0 → 0.3.0-rc.0 (breaking API change: amount/ fee/etc consumers must migrate from number to bigint).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Audit 2026-05-07 fixes (HIGH × 3):
H1: amount/fee/nonce/etc fields → bigint (was number, overflows ~90M SRX safe-int).
H2: SentrixWallet.signingPayload now builds JSON manually with bigint integer literals (was JSON.stringify, threw on bigint and silently rounded > 2^53).
H4: 3-test fixture including > 2^53 amount case verifies sha256(payload) parity with Rust chain.
Helpers added:
stringifyWithBigInt(value)— JSON.stringify replacementbigintFromJsonText(text, [keys])— for high-value REST response fieldsBreaking change: version bumped 0.2.0-rc.0 → 0.3.0-rc.0. Consumers must migrate
amount: 100→amount: 100n.