feat: merkle root, reentrancy lock, group refund, subscription billing #300
Merged
…ion billing

Task 1 — Merkle root for caller allowlist: Replace the stored Vec<Address> allowed_callers with a merkle root (BytesN<32>). The creator stores only the root on-chain; each payer submits a merkle proof when paying via pay_with_proof(). Added verify_merkle_proof(), set_allowed_callers_root(), and wired the proof parameter through _pay().

Task 2 — Reentrancy protection: Added require_non_reentrant() / clear_reentrant() to all state-mutating public functions that were missing them (~55 functions). Fixed broken set_self_limit() and resolve_dispute() implementations in the process.

Task 3 — Group all-or-nothing refund: Modified refund() to detect group membership. When any member of a group is underfunded past the deadline, all group invoices are refunded together. Extracted _refund_single() as an internal helper.

Task 4 — Subscription billing: Extended SubscriptionParams with interval_secs, next_invoice_at, active flag, and last_invoice_id. Updated create_subscription() to accept a billing interval. Added opt_into_subscription(), cancel_subscription(), cancel_subscription_creator(), and process_subscription() which creates the next invoice and charges all opted-in payers each cycle.
@Emmy6654 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀
Closes #259
Closes #260
Closes #261
Closes #262
Summary

This PR implements four independent features for the StellarSplit contract:

Task 1 — Merkle Root for Caller Allowlist

Replaces the expensive on-chain Vec<Address> allowed_callers with a Merkle root (BytesN<32>). The creator stores only the root on-chain; each payer submits a Merkle proof when paying.

Changes:
- allowed_callers_root: Option<BytesN<32>> to InvoiceExt, Invoice, InvoiceOptions, and InvoiceTemplate
- verify_merkle_proof() helper using SHA-256 with lexicographic ordering
- set_allowed_callers_root() public function for creators
- _pay() to verify Merkle proof when the root is set
- allowed_callers: None references updated to allowed_callers_root: None

Task 2 — Reentrancy Protection

Added require_non_reentrant() / clear_reentrant() guards to all state-mutating public functions (~55 functions). Fixed broken set_self_limit() and resolve_dispute() implementations uncovered during the audit.

Task 3 — Group All-or-Nothing Refund

Modified refund() to detect invoice group membership. When any group member is underfunded past the deadline, all group invoices are refunded together. Extracted _refund_single() as a helper for the per-invoice refund logic.

Task 4 — Subscription Billing

Overhauled the subscription system:
- SubscriptionParams now includes interval_secs, next_invoice_at, active, and last_invoice_id
- create_subscription() accepts a configurable billing interval (min 1 day)
- opt_into_subscription() for payers to opt in
- cancel_subscription() and cancel_subscription_creator() for opt-out
- process_subscription() — creates the next invoice per cycle, charges all opted-in payers, and auto-releases if fully funded

Files Changed
- contracts/split/src/lib.rs — All four tasks
- contracts/split/src/types.rs — Merkle root fields, subscription params
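
An added example, not code from this PR or the StellarSplit contract: the off-chain half of the Task 1 allowlist scheme in Python, building the root a creator would store and the proof a payer would submit, using SHA-256 with lexicographically ordered pairs. The leaf encoding, the promotion of unpaired nodes, the function names and the sample addresses are assumptions; the contract's verify_merkle_proof() may differ on each.

```python
import hashlib

# Constructed sample allowlist; not real Stellar addresses.
ALLOWLIST = ["GA-ALICE-SAMPLE", "GB-BOB-SAMPLE", "GC-CAROL-SAMPLE",
             "GD-DAVE-SAMPLE", "GE-ERIN-SAMPLE"]

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf(address: str) -> bytes:
    # Assumption: a leaf is SHA-256 of the address string.
    return sha256(address.encode())

def hash_pair(a: bytes, b: bytes) -> bytes:
    # Lexicographic ordering: the smaller digest goes first, so a proof
    # carries no left/right flags and the verifier needs no leaf index.
    return sha256(a + b) if a <= b else sha256(b + a)

def build_levels(addresses):
    """Return every tree level, leaves first; levels[-1][0] is the root."""
    level = sorted({leaf(a) for a in addresses})
    if not level:
        raise ValueError("empty allowlist has no root")
    levels = [level]
    while len(level) > 1:
        nxt = [hash_pair(level[i], level[i + 1])
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])  # assumption: unpaired node is promoted
        levels.append(nxt)
        level = nxt
    return levels

def make_proof(levels, address):
    """Sibling digests from leaf to root; ValueError if not allowlisted."""
    idx = levels[0].index(leaf(address))
    proof = []
    for level in levels[:-1]:
        if (idx ^ 1) < len(level):
            proof.append(level[idx ^ 1])
        idx //= 2
    return proof

def verify(root: bytes, address: str, proof) -> bool:
    """Recompute the root from the caller's own address and the proof."""
    node = leaf(address)
    for sibling in proof:
        if len(sibling) != 32:  # mirrors a fixed 32-byte digest type
            return False
        node = hash_pair(node, sibling)
    return node == root
```

Because the leaf is derived from the address the caller authenticates as, a proof issued for one address does not verify for another.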