Description
A proposal in governance.rs is keyed by an incrementing id, but identical re-submitted payloads can be voted on by re-using off-chain signatures. Add a per-proposal salt: BytesN<32> baked into the signed vote message so signatures are bound to a specific proposal instance.
Requirements and Context
- Generate salt at proposal creation using
Env::prng
- Include salt in canonical vote message
- Reject signatures whose salt does not match
- Must be secure, tested, and documented
- Should be efficient and easy to review
Suggested Execution
- Fork the repo and create a branch
git checkout -b feature/governance-vote-salt
- Implement changes
contracts/predictify-hybrid/src/governance.rscontracts/predictify-hybrid/src/governance_tests.rs
- Test and commit
cargo test -p predictify-hybrid governance_salt- Cover edge cases
- Include test output and notes in the PR
Example commit message
feat: bind governance vote signatures to per-proposal salt
Acceptance Criteria
Guidelines
- Validate auth, overflow, and storage TTL/archival
- Clear documentation and inline comments
- Timeframe: 96 hours
Description
A proposal in
governance.rsis keyed by an incrementing id, but identical re-submitted payloads can be voted on by re-using off-chain signatures. Add a per-proposalsalt: BytesN<32>baked into the signed vote message so signatures are bound to a specific proposal instance.Requirements and Context
Env::prngSuggested Execution
contracts/predictify-hybrid/src/governance.rscontracts/predictify-hybrid/src/governance_tests.rscargo test -p predictify-hybrid governance_saltExample commit message
Acceptance Criteria
Env::prng, not block timestampGuidelines