fix(program): remediate escrow audit findings #27

Open
dev-jodee wants to merge 5 commits into main from fix/a26sfr3-audit-remediations

@dev-jodee
Collaborator

Summary

  • remediate confirmed Creature audit findings #2 through #14 in the escrow program
  • harden account validation (version/discriminator checks, owner/mint checks, allowed mint self-validation)
  • enforce extension and hook safety constraints, including signer rejection and withdraw context fixes
  • fix prefunded-PDA create flow to avoid lamport transfer griefing while keeping strict create-once semantics
  • defer finding #15 (receipt policy snapshot design) for a follow-up PR

Test Plan

  • cargo fmt -p escrow-program -p tests-escrow-program --check
  • cd program && cargo clippy --all-targets -- -D warnings
  • cd tests && cargo clippy --all-targets -- -D warnings
  • cargo test -p escrow-program
  • cargo test -p tests-escrow-program

Notes

  • just fmt fails at pnpm lint:fix due to existing strict TypeScript lint errors in apps/web and examples/typescript unrelated to these Rust/program changes.

Apply and test remediations for the confirmed findings from the Creature audit repository, including account validation hardening, extension enforcement updates, hook context/signer restrictions, discriminator/version guards, and prefunded PDA-safe creation semantics.

Finding #15 remains intentionally deferred for later design alignment.

dev-jodee changed the title from "fix(program): remediate escrow audit findings 2-14" to "fix(program): remediate escrow audit findings" Mar 23, 2026
dev-jodee marked this pull request as ready for review March 23, 2026 13:30
dev-jodee and others added 4 commits March 23, 2026 12:02
* feat: add escrow immutability flow

* fix(program): align immutability and deposit behavior

* fix(program): remove stale escrow immutability error path

* test(integration): remove immutable setup from withdraw fixture

* fix(tests): gate set_immutable module as test-only

Restore #[cfg(test)] on the set_immutable integration test module to satisfy clippy in non-test targets.

Also keep rustfmt import/module ordering updates produced by formatting.

* fix(program): enforce mutability for extension removal ops

Require escrow mutability in RemoveExtension and UnblockTokenExtension processors to align with other admin config updates.

Add integration regressions to assert EscrowImmutable is returned after locking escrow.

---------

Co-authored-by: Jo D <dev-jodee@users.noreply.github.com>
dev-jodee requested a review from amilz March 23, 2026 18:40