feat: Implement 11 security fixes and add comprehensive tests #87
Merged
hudsonhrh merged 1 commit into hudsonhrh/event-ordering-fix from Feb 6, 2026
- Fix 1: Add replay protection to announceWinner in voting contracts
- Fix 2: Enforce strict access control for Executor.setCaller
- Fix 3: Restrict OrgDeployer.setUniversalPasskeyFactory to poaManager
- Fix 4: Add access control to PaymasterHub.registerOrgWithVoucher
- Fix 5: Fix PaymasterHub._checkOrgBalance underflow logic
- Fix 6: Move bounty totalPaid increment to post-transfer in PaymasterHub
- Fix 7: Add nonReentrant guard and fix CEI violation in claimVouchedHat
- Fix 8: Remove unsafe dailyVouchCount decrement in vouch revocation
- Fix 9: Add configurable SELF_REVIEW permission for task self-approval
- Fix 10: Salt answer hashes with module ID to prevent brute-force
- Fix 11: Validate zero public keys and max credentials in PasskeyAccount

Added 19 comprehensive tests across 7 test files covering all security fixes.
All 646 tests pass with zero failures.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Summary
Implements 11 critical and high-severity security fixes identified in protocol audit:
Adds 19 comprehensive tests covering all security fixes with 100% coverage of new code paths.
Test Coverage
All 646 tests pass (627 baseline + 19 new security tests).
🤖 Generated with Claude Code