Feature/escrow maturity gate#64
Merged
mikewheeleer merged 8 commits intoLiquifact:mainfrom Mar 27, 2026
Merged
Conversation
Add ledger timestamp check in settle(). The current ledger time must be >= escrow.maturity before status can advance to settled (2). Security note: env.ledger().timestamp() is the canonical on-chain clock and cannot be spoofed by the contract caller.
- Refactor helpers into setup() to reduce boilerplate - Fix existing settle tests to advance ledger to >= maturity - Add edge cases: exact boundary, one second before, one day after, timestamp=0 with maturity>0, and zero-maturity (no time lock) - All 17 tests pass with zero warnings
Add 'Maturity gate' section explaining the two settle() guards: - funding status check - ledger timestamp >= maturity check Include a truth table of all time/status combinations and a note on the security property of env.ledger().timestamp().
- Expand module-level doc to describe the maturity gate security model - Annotate InvoiceEscrow::maturity with timestamp semantics and the zero-maturity escape hatch - Expand settle() doc comment with security rationale for using env.ledger().timestamp() as the trusted clock
|
@shaaibu7 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
Contributor
|
resolve the conflicts |
Contributor
Author
|
conflict resolved |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
feat(escrow): implement maturity gate for settlement
Blocks
settle()from executing before the invoice maturity timestamp,preventing premature settlement and protecting investor yield obligations.
Changes
escrow/src/lib.rs— addedenv.ledger().timestamp() >= maturitycheck in
settle()with a clear panic message; expanded module-leveland field-level doc comments explaining the security model
escrow/src/test.rs— rewrote test suite (17 tests) covering allmaturity gate paths: exact boundary, one second before, one day after,
timestamp=0 with maturity>0, and zero-maturity (no time lock)
README.md— added Maturity gate section with truth table and noteon why
env.ledger().timestamp()is a trustless clockSecurity note
env.ledger().timestamp()is set by Stellar network consensus and cannotbe manipulated by the contract caller, making it safe as a time gate.
closes #6