feat: add multi-signature approval for large releases #340
Open
anumukul wants to merge 178 commits into Jagadeeshftw:master from
Conversation
- Add comprehensive event schema documentation (EVENT_SCHEMA.md)
  * Define event structures for all contracts
  * Document event versioning strategy
  * Provide indexing strategies and retention policies
  * Include monitoring hooks and filtering examples
- Implement event indexing infrastructure (internal/events/indexing.go)
  * EventIndexer for efficient event querying
  * Support for time-series, entity-based, and composite queries
  * Event aggregation capabilities
  * Event statistics and unindexed event tracking
- Implement event monitoring system (internal/events/monitoring.go)
  * EventMonitor for real-time event listening
  * AnomalyDetector for detecting unusual patterns
  * Alert generation and handling
  * EventFilter and EventAggregator utilities
- Implement advanced event filtering (internal/events/filtering.go)
  * FilterBuilder with fluent API
  * AdvancedEventFilter with operators (eq, ne, gt, gte, lt, lte, contains, in)
  * EventFilterStatistics for analytics
  * EventFilterExporter for JSON/CSV export
- Create database migration (migrations/000025_contract_events_indexing.up.sql)
  * contract_events table with comprehensive indexing
  * event_alerts table for monitoring alerts
  * event_metrics table for performance tracking
  * event_replay_log table for event replay capability
  * Materialized views for daily statistics
  * Database functions for cleanup and queries
- Add event indexing strategy guide (EVENT_INDEXING_STRATEGY.md)
  * Architecture overview and data flow
  * Database schema documentation
  * Indexing strategies (time-series, entity, composite, JSONB, materialized views)
  * Query patterns and monitoring hooks
  * Performance optimization techniques
  * Event retention policy
- Add event versioning documentation (contracts/EVENT_VERSIONING.md)
  * Semantic versioning scheme (MAJOR.MINOR.PATCH)
  * Version evolution rules and migration strategies
  * Deprecation timeline and best practices
  * Indexer compatibility patterns
  * Version roadmap
- Add implementation guide (EVENT_INDEXING_README.md)
  * Component overview and architecture
  * Usage examples for all major features
  * API integration patterns
  * Monitoring dashboard metrics
  * Performance tuning guide
  * Troubleshooting section

Key Features:
- Efficient off-chain event indexing with multiple strategies
- Real-time event monitoring and anomaly detection
- Comprehensive event schema with backward compatibility
- Event versioning for smooth schema evolution
- Advanced filtering and aggregation capabilities
- Performance metrics and SLA tracking
- Event retention policies for compliance
- Monitoring alerts and dashboards

Closes #[event-indexing-issue]
… Soroban contracts
- Add error classification system (transient, permanent, partial)
- Implement exponential backoff with jitter for retry logic
- Add circuit breaker pattern to prevent cascading failures
- Support partial success in batch operations with detailed tracking
- Implement error state persistence and monitoring
- Add comprehensive event emission for all error scenarios
- Create 20 passing unit tests covering all error recovery scenarios
- Integrate error recovery into program-escrow contract

This implementation significantly improves platform reliability by:
- Automatically retrying transient failures (network timeouts, rate limits)
- Preventing permanent error retries (insufficient funds, invalid addresses)
- Allowing batch operations to partially succeed instead of all-or-nothing
- Tracking failed batch items for targeted retry
- Implementing circuit breakers to prevent system overload
- Providing detailed error events for monitoring and debugging

All tests passing (36/36)
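The commit above describes three pieces that work together: classifying errors as transient or permanent, backing off with jitter between retries of transient ones, and a circuit breaker that stops retrying once failures pile up. The plain-Rust model below is an added example written for this page, not the project's contract code; the type names, the logical clock used instead of ledger time, the backoff constants, and the caller-supplied jitter value are all assumptions.

```rust
// Added example: retry with exponential backoff + jitter, gated by a circuit breaker.
// Not the project's code; names, limits and the jitter source are assumptions.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum ErrorKind {
    Transient, // e.g. timeout, rate limit: worth retrying
    Permanent, // e.g. insufficient funds, bad address: never retry
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum BreakerState { Closed, Open, HalfOpen }

pub struct CircuitBreaker {
    state: BreakerState,
    consecutive_failures: u32,
    failure_threshold: u32,
    opened_at: u64, // logical clock tick when the breaker opened (assumption: ticks, not ledger time)
    cooldown: u64,  // ticks to wait before allowing a single probe request
}

impl CircuitBreaker {
    pub fn new(failure_threshold: u32, cooldown: u64) -> Self {
        CircuitBreaker { state: BreakerState::Closed, consecutive_failures: 0, failure_threshold, opened_at: 0, cooldown }
    }

    /// Fail closed: while Open, reject every call until the cooldown has elapsed,
    /// then let exactly one probe through (HalfOpen).
    pub fn allow(&mut self, now: u64) -> bool {
        match self.state {
            BreakerState::Closed => true,
            BreakerState::Open if now >= self.opened_at + self.cooldown => { self.state = BreakerState::HalfOpen; true }
            BreakerState::Open => false,
            BreakerState::HalfOpen => false, // a probe is already in flight
        }
    }

    pub fn record_success(&mut self) { self.state = BreakerState::Closed; self.consecutive_failures = 0; }

    pub fn record_failure(&mut self, now: u64) {
        self.consecutive_failures += 1;
        // A failed probe re-opens immediately; otherwise open once the threshold is hit.
        if self.state == BreakerState::HalfOpen || self.consecutive_failures >= self.failure_threshold {
            self.state = BreakerState::Open;
            self.opened_at = now;
        }
    }

    pub fn state(&self) -> BreakerState { self.state }
}

/// Exponential backoff with "full jitter": delay = jitter * min(cap, base * 2^attempt),
/// where jitter is a caller-supplied value in [0, 1] (a real implementation draws it at random).
pub fn backoff_delay(base_ms: u64, cap_ms: u64, attempt: u32, jitter: f64) -> u64 {
    let exp = base_ms.saturating_mul(1u64 << attempt.min(20)); // cap the shift to avoid overflow
    let ceiling = exp.min(cap_ms);
    (ceiling as f64 * jitter.clamp(0.0, 1.0)) as u64
}

#[derive(Debug, PartialEq)]
pub enum RetryResult<T> {
    Ok(T, u32),            // value, attempt index on which it succeeded
    GaveUp(ErrorKind, u32), // kind of the final error, attempts made
    Rejected,              // circuit breaker refused the call
}

/// Retry `op` on transient errors only, stop on the first permanent error, and
/// hand every outcome to the breaker so repeated failures trip it.
pub fn retry_with_breaker<T, F>(breaker: &mut CircuitBreaker, max_attempts: u32, mut op: F) -> RetryResult<T>
where
    F: FnMut(u32) -> Result<T, ErrorKind>,
{
    let mut now = 0u64; // logical clock advanced by the backoff delays
    for attempt in 0..max_attempts {
        if !breaker.allow(now) {
            return RetryResult::Rejected;
        }
        match op(attempt) {
            Ok(v) => { breaker.record_success(); return RetryResult::Ok(v, attempt); }
            Err(ErrorKind::Permanent) => {
                breaker.record_failure(now);
                return RetryResult::GaveUp(ErrorKind::Permanent, attempt);
            }
            Err(ErrorKind::Transient) => {
                breaker.record_failure(now);
                now += backoff_delay(100, 5_000, attempt, 0.5); // fixed jitter so the run is deterministic
            }
        }
    }
    RetryResult::GaveUp(ErrorKind::Transient, max_attempts)
}
```

The design point worth noting is that the breaker sees permanent errors too: a burst of "insufficient funds" results is still a signal that something upstream is wrong, and opening the breaker keeps a misconfigured caller from hammering the contract while an operator investigates.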
- Create comprehensive SDK for Grainlify contracts
- TypeScript bindings from contract ABIs
- Client classes for Core and Escrow contracts
- Examples for all workflows: lock funds, release funds, batch payouts, query escrow
- Error handling utilities
- Complete documentation and usage guide
- Remove node_modules directory from contracts/sdk
- Add node_modules/ to root .gitignore to prevent future commits
…, and ensure all cargo checks pass
…tracts
- Added ContractPaused error (code 11) to bounty escrow
- Added IsPaused state to contract storage (DataKey enum)
- Implemented pause() and unpause() functions (admin-only)
- Implemented emergency_withdraw() for critical fund recovery (paused state only)
- Added pause checks to all state-changing functions:
  - lock_funds, release_funds, refund
  - batch_lock_funds, batch_release_funds
- Added pause events: ContractPaused, ContractUnpaused, EmergencyWithdrawal
- Applied same pause functionality to program-escrow contract
  - Added pause guards to lock_program_funds, batch_payout, single_payout
  - Added pause guards to create_program_release_schedule and release_prog_schedule_automatic
- Implemented is_paused() helper function for querying pause state
- Added comprehensive pause tests:
  - test_pause_functionality: validates pause/unpause and blocked operations
  - test_emergency_withdraw: validates fund recovery during pause
- All operations blocked when paused (fail-fast design)
- Read-only functions unaffected by pause state

Security features:
- Least privilege: only admins can pause/unpause or withdraw
- Fail-closed design: paused contracts reject state-changing operations
- Auditability: all sensitive actions emit events
- State persistence: pause state survives upgrades
- Idempotent operations: pause/unpause can be called multiple times safely

- Fixed duplicate error code 11: moved BatchSizeMismatch to code 18
- ContractPaused now uses code 11 (was duplicated)
- Changed IsPaused storage from instance to persistent storage for better persistence
- Added 2 pause-specific tests: test_pause_functionality and test_emergency_withdraw
- Fixed test assertions to work with Soroban SDK's no_std environment

Test Results:
- Bounty Escrow: 50/50 passing (42 existing + 2 pause tests + 6 other tests)
- All pause functionality working correctly:
  - pause() and unpause() functions properly toggle pause state
  - Pause state persists across function calls
  - is_paused() correctly reports pause status
  - emergency_withdraw() callable when paused
…cklist-whitelist Feature: Participant blacklist and whitelist
…y-guard-audit Security/reentrancy guard audit
Feat/new feature name
…ct-standard-interfaces Feat: Cross contract standard interfaces
…gration-scripts feat(scripts): implement deployment and migration scripts
…ting Feat/invariant testing
…pport feat: Multiple token support
…-utilities feat: add contract testing utilities and helpers
- Resolved conflicts in bounty_escrow/lib.rs (module imports, error codes, DataKey enum, token address logic)
- Resolved conflicts in bounty_escrow/events.rs (merged multisig events with EscrowExpired event)
- Resolved conflicts in program-escrow/lib.rs (module imports, DataKey enum, function name)
- Kept both multisig functionality and upstream features (token whitelisting, reentrancy guards, etc.)
Multi-Signature Approval for Large Releases
This PR adds configurable multi-sig requirements for releases and payouts above a certain threshold. The goal is straightforward: high-value transactions should require more than one approval before funds move.
What changed
Bounty Escrow:
- `MultisigConfig` stores threshold, signers list, and required approval count
- `configure_multisig()` lets admin set the config
- `initiate_release()` kicks off the approval process for amounts above threshold
- `approve_release_as()` collects signer approvals - executes automatically when threshold is met
- `cancel_release_approval()` for admin to abort if needed
Program Escrow:
- `initiate_payout()` / `approve_payout_as()` / `cancel_payout_approval()`
How it works
1. `configure_multisig(threshold, signers, required_count, enabled)`
2. `initiate_release()` to create pending approval
3. `approve_release_as()`
4. `required_count` approvals are collected, release executes
5. `cancel_release_approval()`
Test coverage
34 new tests total across both contracts.
Breaking changes
None. Multisig is disabled by default - existing behavior unchanged until explicitly configured.
Closes #306
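The approval flow the description lays out (configure, initiate above threshold, collect approvals, execute at `required_count`, cancel) is easy to get subtly wrong: a signer approving twice, a non-signer approving, or a config whose `required_count` can never be reached. The stand-alone Rust model below is an added example for this page, not the PR's Soroban code; the struct and error names, the use of `String` in place of a Soroban `Address`, the strict `amount > threshold` comparison, and the assumption that the caller of `configure_multisig` is already an authenticated admin are all assumptions.

```rust
// Added example: a threshold-gated multi-signature release model.
// Not the PR's contract code; names, checks and the trusted-admin caller are assumptions.
use std::collections::BTreeSet;

type Address = String; // stand-in for a Soroban Address (assumption)

#[derive(Debug, PartialEq, Eq)]
pub enum MultisigError {
    Disabled,
    NotASigner,
    AlreadyApproved,
    NoPendingRelease,
    InvalidConfig,
}

#[derive(Debug, Clone)]
pub struct MultisigConfig {
    pub threshold: i128,       // amounts strictly above this need approvals
    pub signers: Vec<Address>,
    pub required_count: u32,
    pub enabled: bool,
}

#[derive(Debug)]
pub struct PendingRelease {
    pub bounty_id: u64,
    pub amount: i128,
    pub approvals: BTreeSet<Address>, // set, so one signer counts once
}

#[derive(Debug, PartialEq, Eq)]
pub enum ReleaseOutcome {
    Executed,     // funds moved
    Pending(u32), // approvals collected so far
}

pub struct Escrow {
    pub config: Option<MultisigConfig>,
    pub pending: Option<PendingRelease>,
    pub released: Vec<(u64, i128)>, // stand-in for token transfers
}

impl Escrow {
    pub fn new() -> Self { Escrow { config: None, pending: None, released: Vec::new() } }

    /// Admin-only in the real contract; here the caller is assumed to be the admin.
    /// Rejects configs that could never reach required_count or that list a signer twice.
    pub fn configure_multisig(&mut self, cfg: MultisigConfig) -> Result<(), MultisigError> {
        let unique: BTreeSet<&Address> = cfg.signers.iter().collect();
        if cfg.required_count == 0
            || (cfg.required_count as usize) > unique.len()
            || unique.len() != cfg.signers.len()
        {
            return Err(MultisigError::InvalidConfig);
        }
        self.config = Some(cfg);
        Ok(())
    }

    /// Multisig disabled or amount at/below threshold: release immediately (existing behaviour).
    /// Otherwise open a pending approval with zero approvals.
    pub fn initiate_release(&mut self, bounty_id: u64, amount: i128) -> ReleaseOutcome {
        match &self.config {
            Some(cfg) if cfg.enabled && amount > cfg.threshold => {
                self.pending = Some(PendingRelease { bounty_id, amount, approvals: BTreeSet::new() });
                ReleaseOutcome::Pending(0)
            }
            _ => { self.released.push((bounty_id, amount)); ReleaseOutcome::Executed }
        }
    }

    /// Record one signer's approval; execute automatically once required_count is met.
    pub fn approve_release_as(&mut self, signer: &Address) -> Result<ReleaseOutcome, MultisigError> {
        let cfg = self.config.as_ref().filter(|c| c.enabled).ok_or(MultisigError::Disabled)?;
        if !cfg.signers.contains(signer) {
            return Err(MultisigError::NotASigner);
        }
        let pending = self.pending.as_mut().ok_or(MultisigError::NoPendingRelease)?;
        if !pending.approvals.insert(signer.clone()) {
            return Err(MultisigError::AlreadyApproved);
        }
        let count = pending.approvals.len() as u32;
        if count >= cfg.required_count {
            let p = self.pending.take().expect("pending release exists");
            self.released.push((p.bounty_id, p.amount));
            Ok(ReleaseOutcome::Executed)
        } else {
            Ok(ReleaseOutcome::Pending(count))
        }
    }

    /// Admin abort: drops the pending release and all approvals collected for it.
    pub fn cancel_release_approval(&mut self) -> Result<(), MultisigError> {
        self.pending.take().map(|_| ()).ok_or(MultisigError::NoPendingRelease)
    }
}
```

Two choices here matter for review of the real contract as well: approvals are a set keyed by signer, so replaying the same approval cannot move the count, and configuration is validated at write time so a release can never be stuck waiting for more approvals than there are signers.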