Merged
Conversation
- Analyze Chamber, Board, Wallet, and Registry contracts - Document 10+ strengths including modular architecture, security patterns - Identify 10+ weaknesses with prioritized recommendations - Include ERC4626 withdrawal vulnerability finding - Add metrics and security considerations Co-authored-by: chyad <chyad@hotmail.com>
|
Cursor Agent can help with this pull request. Just |
1. Override withdraw() and redeem() to check delegation constraints - Prevents users from withdrawing shares that are delegated - Adds _checkDelegationConstraint() internal helper 2. Add transaction expiration (30 days) - Add submittedAt timestamp to Transaction struct - Add TRANSACTION_EXPIRATION constant (30 days) - Add notExpired modifier to _confirmTransaction and _executeTransaction - Add getTransactionFull() and isTransactionExpired() functions - Add TransactionExpired error to IWallet 3. Implement minimum delegation age for director actions (1 day) - Prevents flash loan governance attacks - Track first delegation time per agent - Add MINIMUM_DELEGATION_AGE constant (1 day) - Add DelegationTooRecent error to IChamber - Add getAgentFirstDelegationTime() function 4. Update interfaces with new errors and functions - IWallet: TransactionExpired, getTransactionFull, isTransactionExpired - IChamber: DelegationTooRecent, getAgentFirstDelegationTime 5. Update tests for new functionality - Add tests for all three security features - Fix existing tests to account for delegation age requirement Version bumped to 0.5 Co-authored-by: chyad <chyad@hotmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Create a detailed functionality review document for the Chamber smart contracts, outlining their strengths, weaknesses, and recommendations.