feat: per-token vault reserve cap#587
Open
Fury03 wants to merge 1 commit into
Open
Conversation
Add a per-token reserve cap to the vault. Deposits that would push a token's tracked balance past the configured cap are rejected with the new VaultError::ExceedsReserveCap (code 37). - contracts/vault/src/limits.rs (new): set/get/check helpers for the per-token cap stored under StorageKey::ReserveCap(Address). - lib.rs: StorageKey::ReserveCap, VaultError::ExceedsReserveCap, set_reserve_cap (owner-only), get_reserve_cap view, cap guard in deposit() before the effects block. - events.rs: reserve_cap_set event topic. - test_reserve_cap.rs (new): 17 focused tests covering validation, exact-cap boundary, cumulative enforcement, event payload, and interaction with other entrypoints. - test_error_codes.rs: include codes 35-37 in stability snapshot. - docs/ERROR_CODES.md: document codes 35-37.
|
@Fury03 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #524
Summary
contracts/vault/src/limits.rs(new module per the issue spec) withset,get, andcheckhelpers.set_reserve_cap(caller, token, cap)(owner-only) andget_reserve_cap(token)(view).ExceedsReserveCap) and event topicreserve_cap_set.Changes
contracts/vault/src/limits.rscontracts/vault/src/lib.rsStorageKey::ReserveCap,VaultError::ExceedsReserveCap,set_reserve_cap,get_reserve_cap, deposit guard callcontracts/vault/src/events.rsevent_reserve_cap_settopiccontracts/vault/src/test_reserve_cap.rscontracts/vault/src/test_error_codes.rsdocs/ERROR_CODES.mdSecurity & Design
set_reserve_capcallscaller.require_auth()andrequire_ownerbefore any state write.deposit(), before the Effects block, consistent with CEI ordering.checked_add— nounwrap()on production paths.i128::MAX(fast-path skip), so existing vaults behave identically until a cap is explicitly set.Test plan
get_reserve_cap_returns_max_when_not_set— default is unlimitedset_reserve_cap_stores_value/set_reserve_cap_can_be_updated— happy pathset_reserve_cap_to_max_restores_unlimited— removing capset_reserve_cap_rejects_zero/set_reserve_cap_rejects_negative— validationset_reserve_cap_requires_owner— auth guardset_reserve_cap_is_per_token— caps isolated per token addressset_reserve_cap_emits_event/set_reserve_cap_event_includes_previous_value— event correctnessdeposit_succeeds_when_no_cap_set— no regression when uncappeddeposit_succeeds_when_below_cap/deposit_succeeds_at_exact_cap— boundary passdeposit_fails_when_exceeds_cap— boundary rejectdeposit_fails_when_cumulative_total_exceeds_cap— cumulative enforcementdeposit_succeeds_again_after_cap_raised— cap increase unblocks depositsdeposit_at_one_above_cap_fails— off-by-one boundaryreserve_cap_does_not_affect_withdrawal— cap is deposit-only