📌 Description
commitment_core::create_commitment carefully sets and resets
DataKey::ReentrancyGuard around its NFT mint and token transfer, but settle
(line ~1056) and early_exit (line ~1171) perform their own cross-contract NFT calls
and token transfers. These settlement paths must be confirmed to be wrapped by the
same require_no_reentrancy / set_reentrancy_guard discipline; any gap is a
fund-custody risk.
This issue audits and, where missing, adds reentrancy protection to the settlement
paths.
🎯 Requirements and Context
- Wrap settle and early_exit external-call sections with require_no_reentrancy → set_reentrancy_guard(true) → work → set_reentrancy_guard(false).
- Guard must be reset on every panic/early-return branch (mirror the
set_reentrancy_guard(&e, false) pattern already used in create_commitment).
- Must not change settlement amounts or event payloads.
- Add an explicit reentrancy regression test using a malicious token mock.
🛠️ Suggested Execution
1. Fork the repo and create a branch
git checkout -b security/core-settle-reentrancy
2. Implement changes
- Audit and patch settle/early_exit in contracts/commitment_core/src/lib.rs, adding /// notes on the guard.
- Update docs/SECURITY_CONSIDERATIONS.md.
3. Test and commit
- Add tests to contracts/commitment_core/src/security_review_tests.rs.
- Run: cargo test --target wasm32v1-none --release
- Edge cases: reentry during settle transfer, reentry during early_exit, guard reset after revert.
Example commit message
fix: enforce reentrancy guard on core settlement paths
✅ Guidelines
- Minimum 95% test coverage on the settlement paths.
- Document the guard invariant.
- Timeframe: 96 hours.
🏷️ Labels
type-security · area-contracts · MAYBE REWARDED · GRANTFOX OSS · OFFICIAL CAMPAIGN
💬 Community & Support
- Join the CommitLabs contributor Discord to coordinate and get unblocked fast: https://discord.gg/WV7tdYkJk
- Introduce yourself before starting to avoid duplicate work.
- Maintainers triage actively and review fast.
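
The guard discipline and the three edge cases listed above (reentry during the settle transfer, guard reset after a failed transfer, normal use afterwards), as an added example that is not the project's code. It is a plain-Rust model without soroban-sdk: Core, Token, the three token mocks and the paid field are hypothetical, and only the names require_no_reentrancy and set_reentrancy_guard are taken from this issue.

```rust
use std::cell::Cell;

#[derive(Debug, Clone, Copy, PartialEq)]
pub enum Error { Reentrancy, TransferFailed }

// Stand-in for the external token contract; transfer may call back into Core.
pub trait Token { fn transfer(&self, core: &Core, amount: i128) -> Result<(), Error>; }

// Simplified model of the core contract: `guard` plays DataKey::ReentrancyGuard.
pub struct Core { guard: Cell<bool>, pub paid: Cell<i128> }

impl Core {
    pub fn new() -> Self { Core { guard: Cell::new(false), paid: Cell::new(0) } }
    fn require_no_reentrancy(&self) -> Result<(), Error> {
        if self.guard.get() { Err(Error::Reentrancy) } else { Ok(()) }
    }
    fn set_reentrancy_guard(&self, on: bool) { self.guard.set(on); }
    pub fn guard_is_set(&self) -> bool { self.guard.get() }

    pub fn settle(&self, token: &dyn Token, amount: i128) -> Result<(), Error> {
        // A nested call fails here, before it can touch the outer call's guard.
        self.require_no_reentrancy()?;
        self.set_reentrancy_guard(true);
        let result = token.transfer(self, amount); // external call
        self.set_reentrancy_guard(false); // reset before any early return
        result?;
        self.paid.set(self.paid.get() + amount);
        Ok(())
    }
}

pub struct HonestToken;
impl Token for HonestToken { fn transfer(&self, _: &Core, _: i128) -> Result<(), Error> { Ok(()) } }
pub struct FailingToken;
impl Token for FailingToken { fn transfer(&self, _: &Core, _: i128) -> Result<(), Error> { Err(Error::TransferFailed) } }

// Malicious mock: re-enters settle mid-transfer and records the nested result.
pub struct ReentrantToken { pub nested: Cell<Option<Error>> }
impl Token for ReentrantToken {
    fn transfer(&self, core: &Core, amount: i128) -> Result<(), Error> {
        self.nested.set(core.settle(&HonestToken, amount).err());
        Ok(())
    }
}

fn main() {
    let (core, evil) = (Core::new(), ReentrantToken { nested: Cell::new(None) });
    println!("{:?} {:?} paid={}", core.settle(&evil, 100), evil.nested.get(), core.paid.get());
}
```

The regression check is that the nested call returns Error::Reentrancy while the outer settlement still pays out exactly once, and that the guard is clear after both the successful and the failed transfer.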