docs: document solvency invariant design + add PoC repro (closes #16)#17
Merged
andsav merged 1 commit intoApr 26, 2026
Merged
Conversation
…epro (closes qmrkt#16) - Add detailed DESIGN NOTE comment to _assert_invariants() explaining why STATUS_DISPUTED is intentionally gated behind pool >= total_cost_basis. This was flagged as poorly documented in the qmrkt#13 review thread. - Add tests/repro_solvency_lock.py: a documented reproduction test that demonstrates the pool-depletion condition and confirms the guard fires correctly. Includes assertion that the market is NOT stuck — it remains in STATUS_RESOLUTION_PROPOSED and can still be finalised. - Add audit/bug13_solvency_lock_dispute.txt: security report artifact for the audit trail (originally submitted as qmrkt#13 bug bounty report). No contract logic is changed. The invariant check is preserved as-is. Closes qmrkt#16
Collaborator
|
Thank you for adding the clarifying comment there. As mentioned, I will revise this mechanism and ideally enable cancel/dispute. Contract size limit is an issue currently, so a larger refactor might be necessary. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #16
Per @andsav's request — submitting as the deliverable for the partial bounty award.
Changes (no logic modified):
_assert_invariants()explaining whySTATUS_DISPUTEDis gated behindpool >= total_cost_basistests/repro_solvency_lock.py— PoC confirming the guard fires correctly under pool-depletion conditionsaudit/bug13_solvency_lock_dispute.txt— original report as audit trailThanks again for the thorough review on #13.