fix(contracts): move consumedIntents assignment before external call (CEI)#70
Conversation
…(CEI) Follows Checks-Effects-Interactions pattern by marking the intent as consumed before calling verifier_.verifySettlement(). The current verifier is view so reentrancy is not possible today, but this makes the code correct by construction for any future non-view verifier. Also updates THREAT_MODEL.md invariant 2 to reflect the fix.
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Scanned FilesNone |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Plus Run ID: 📒 Files selected for processing (2)
WalkthroughThis PR reorders the intent consumption check in ChangesIntent Consumption Replay Protection
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Tip 💬 Introducing Slack Agent: The best way for teams to turn conversations into code.Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.
Built for teams:
One agent for your entire SDLC. Right inside Slack. Comment |
Summary
Fixes a CEI (Checks-Effects-Interactions) pattern violation in
MARKSettlementModule._consumeAndValidate.Root cause
consumedIntents[intentId] = truewas set after the external call toverifier_.verifySettlement(). The current verifier isviewso reentrancy is not possible today, but this would become a real reentrancy vector if a future non-view verifier is plugged in.Fix
Move
consumedIntents[intentId] = trueto before the external call. No behaviour change for the current verifier.Verification
All tests pass.
Scope
contracts/src/settlement/MARKSettlementModule.solcontracts/THREAT_MODEL.mdRisk
Low — no behaviour change for current verifier. Improves correctness for future verifier integrations.
Summary by CodeRabbit
Bug Fixes
Documentation