Summary
contracts/hashport-account/src/test.rs exists but should be pushed further given this contract directly custodies user funds — expand coverage of authorization and numeric edge cases before any mainnet use.
Description
Review contracts/hashport-account/src/lib.rs for every require_auth call site (set_owner, transfer) and add tests asserting each fails without proper authorization from a caller other than the owner.
Add tests for transfer with amount = 0, negative amounts (already guarded by Error::InvalidAmount — verify the guard), and i128::MAX to check for overflow behavior in the underlying token transfer.
Add a test for calling any method before __constructor runs (Self::owner currently .expect("not initialized") — confirm this panics cleanly rather than an unclear trap).
Consider whether a formal fuzzing pass (e.g. via proptest for amount ranges) is warranted given the contract holds real value; scope that as a follow-up if it's too large for this issue.
Deliverables
- Expanded
test.rs covering unauthorized-call, zero/negative/max-amount, and uninitialized-call cases
- Written note on residual risk / recommended follow-up (e.g. fuzzing, external audit) before mainnet
Dependencies
None
Summary
contracts/hashport-account/src/test.rsexists but should be pushed further given this contract directly custodies user funds — expand coverage of authorization and numeric edge cases before any mainnet use.Description
Review
contracts/hashport-account/src/lib.rsfor everyrequire_authcall site (set_owner,transfer) and add tests asserting each fails without proper authorization from a caller other than the owner.Add tests for
transferwithamount = 0, negative amounts (already guarded byError::InvalidAmount— verify the guard), andi128::MAXto check for overflow behavior in the underlying token transfer.Add a test for calling any method before
__constructorruns (Self::ownercurrently.expect("not initialized")— confirm this panics cleanly rather than an unclear trap).Consider whether a formal fuzzing pass (e.g. via
proptestfor amount ranges) is warranted given the contract holds real value; scope that as a follow-up if it's too large for this issue.Deliverables
test.rscovering unauthorized-call, zero/negative/max-amount, and uninitialized-call casesDependencies
None