📌 Description
commitment_core::create_commitment computes the creation fee twice: first with
the overflow-checked fuzzing::checked_fee_from_bps (with proper guard reset), then
again immediately below with the unchecked fees::fee_from_bps and a plain
amount - creation_fee. The second block shadows the first and reintroduces an
unchecked subtraction, defeating the earlier overflow protection.
This issue removes the duplicate, keeping only the checked computation.
🎯 Requirements and Context
- Delete the second creation_fee_bps/creation_fee/net_amount block so only the checked_fee_from_bps + checked_sub path remains.
- The reentrancy guard must still be reset on every error path.
- ArithmeticOverflow must remain the failure mode for overflowing fees.
- No change to the resulting net_amount for valid inputs; preserve fee_tests.rs and creation snapshots.
🛠️ Suggested Execution
1. Fork the repo and create a branch
git checkout -b security/dedupe-creation-fee
2. Implement changes
- Edit contracts/commitment_core/src/lib.rs to remove the shadowing unchecked block; add a /// note on the single fee source of truth.
- Cross-check docs/FEES.md and docs/FEE_MODEL_CROSS_CHECK.md.
3. Test and commit
- Extend contracts/commitment_core/src/fee_tests.rs.
- Run: cargo test --target wasm32v1-none --release
- Edge cases: bps=0, bps=10000, near-overflow amount, guard reset after overflow.
Example commit message
fix: drop duplicated unchecked creation-fee computation in core
✅ Guidelines
- Minimum 95% test coverage on create_commitment fee paths.
- Document the single fee source of truth.
- Timeframe: 96 hours.
🏷️ Labels
type-security · type-refactor · area-contracts · MAYBE REWARDED · GRANTFOX OSS · OFFICIAL CAMPAIGN
💬 Community & Support
- Join the CommitLabs contributor Discord to coordinate and get unblocked fast: https://discord.gg/WV7tdYkJk
- Introduce yourself before starting to avoid duplicate work.
- Maintainers triage actively and review fast.
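
The edge cases listed under "Test and commit", worked through on a simplified model. This is an added example, not the commitment_core source: the i128 amount type, the amount * bps / 10_000 formula, the boolean guard and all function bodies are assumptions, and the wrapping operations stand in for a build without overflow checks.

```rust
// Added example: a simplified model, not the commitment_core source.
// Assumed: i128 amounts, fee = amount * bps / 10_000, a boolean reentrancy guard.
#[derive(Debug, PartialEq)]
pub enum Error { ArithmeticOverflow }

const BPS_DENOMINATOR: i128 = 10_000;

/// Stand-in for the checked helper: None when amount * bps overflows i128.
pub fn checked_fee_from_bps(amount: i128, bps: u32) -> Option<i128> {
    amount.checked_mul(i128::from(bps))?.checked_div(BPS_DENOMINATOR)
}

/// Stand-in for the unchecked pair (fee, net). Wrapping ops model a build
/// without overflow checks; with them enabled the plain operators panic.
pub fn unchecked_fee_and_net(amount: i128, bps: u32) -> (i128, i128) {
    let fee = amount.wrapping_mul(i128::from(bps)) / BPS_DENOMINATOR;
    (fee, amount.wrapping_sub(fee))
}

/// Single source of truth for the creation fee: one checked computation,
/// with the guard cleared on every exit path.
pub fn net_after_creation_fee(guard: &mut bool, amount: i128, bps: u32) -> Result<i128, Error> {
    *guard = true; // enter the guarded section
    let result = checked_fee_from_bps(amount, bps)
        .and_then(|fee| amount.checked_sub(fee))
        .ok_or(Error::ArithmeticOverflow);
    *guard = false; // reset on success and on error alike
    result
}

fn main() {
    let mut guard = false;
    // Edge cases from the issue; the input values are constructed.
    let cases = [(1_000_000, 0), (1_000_000, 10_000), (1_000_000, 250), (i128::MAX, 10_000)];
    for (amount, bps) in cases {
        let checked = net_after_creation_fee(&mut guard, amount, bps);
        let (fee, net) = unchecked_fee_and_net(amount, bps);
        println!("amount={amount} bps={bps} checked={checked:?} \
                  unchecked_fee={fee} unchecked_net={net} guard_locked={guard}");
    }
}
```

For i128::MAX at 10000 bps the unchecked pair in this model yields a fee of -1 and a net amount of i128::MIN, while the checked path returns ArithmeticOverflow with the guard cleared.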