
fix(contract): address authorization and state consistency issues in certificate workflows #609

Open
lishmanTech wants to merge 4 commits into Servora:main from lishmanTech:newIssue


@lishmanTech

Contributor

Summary

This PR fixes multiple contract bugs related to authorization, ownership indexing, and request lifecycle management.

Changes

  • Fixed complete_transfer to keep the OwnerCertIds index synchronized when certificate ownership changes.

    • Removes the certificate ID from the previous owner's index.
    • Adds the certificate ID to the new owner's index.
    • Prevents stale ownership queries after transfers.
  • Fixed cancel_request to use RequestStatus::Cancelled instead of RequestStatus::Rejected.

    • Preserves accurate workflow history.
    • Distinguishes user-initiated cancellations from signer rejections.
  • Added an authorization check to issue_approved_certificate.

    • Requires issuer authentication before issuing an approved certificate.
    • Prevents unauthorized accounts from finalizing approved requests.
  • Added an authorization check to propose_certificate.

    • Requires issuer authentication before creating certificate proposals.
    • Prevents malicious users from proposing certificates on behalf of other issuers.

Result

These changes improve the security and consistency of the certificate workflow by enforcing proper authorization, maintaining ownership indexes, and preserving an accurate request lifecycle.

Closes #569
Closes #570
Closes #571
Closes #572
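
The ownership-index fix described in the summary above, as an added illustration that is not code from this PR or from the Servora contract. It is a plain in-memory model: `Registry`, `transfer_stale`, `transfer_synced`, `certs_of` and `index_consistent` are hypothetical names, and the owner strings are constructed sample data.

```rust
use std::collections::{BTreeSet, HashMap};

// In-memory model (assumption): plain maps stand in for contract storage.
#[derive(Default)]
pub struct Registry {
    owner_of: HashMap<u32, String>,                 // cert id -> current owner
    owner_cert_ids: HashMap<String, BTreeSet<u32>>, // owner -> cert ids (the index)
}

impl Registry {
    pub fn issue(&mut self, id: u32, owner: &str) {
        self.owner_of.insert(id, owner.to_string());
        self.owner_cert_ids.entry(owner.to_string()).or_default().insert(id);
    }
    // Pre-fix behaviour as the PR describes it: ownership changes, the index does not.
    pub fn transfer_stale(&mut self, id: u32, to: &str) -> bool {
        match self.owner_of.get_mut(&id) {
            Some(owner) => { *owner = to.to_string(); true }
            None => false,
        }
    }
    // Post-fix behaviour: the id leaves the old owner's entry and joins the new one.
    pub fn transfer_synced(&mut self, id: u32, to: &str) -> bool {
        let from = match self.owner_of.get(&id) {
            Some(owner) => owner.clone(),
            None => return false,
        };
        if let Some(ids) = self.owner_cert_ids.get_mut(&from) {
            ids.remove(&id);
        }
        self.owner_cert_ids.entry(to.to_string()).or_default().insert(id);
        self.owner_of.insert(id, to.to_string());
        true
    }
    // What an ownership query served from the index would return.
    pub fn certs_of(&self, owner: &str) -> Vec<u32> {
        self.owner_cert_ids.get(owner).map(|s| s.iter().copied().collect()).unwrap_or_default()
    }
    // Invariant for tests: every cert is indexed under its owner and nowhere else.
    pub fn index_consistent(&self) -> bool {
        let indexed: usize = self.owner_cert_ids.values().map(|s| s.len()).sum();
        indexed == self.owner_of.len()
            && self.owner_of.iter().all(|(id, owner)| {
                self.owner_cert_ids.get(owner).map_or(false, |s| s.contains(id))
            })
    }
}
```

Asserting `index_consistent()` after every state-changing call in a contract test suite catches this class of stale-index bug without a dedicated test per entry point.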

@drips-wave

drips-wave Bot commented Jul 3, 2026


@lishmanTech Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

