Skip to content

audit: security audit and storage optimization for stealth-registry#35

Open
thebabalola wants to merge 1 commit into
wraith-protocol:developfrom
thebabalola:audit/stealth-registry
Open

audit: security audit and storage optimization for stealth-registry#35
thebabalola wants to merge 1 commit into
wraith-protocol:developfrom
thebabalola:audit/stealth-registry

Conversation

@thebabalola
Copy link
Copy Markdown

@thebabalola thebabalola commented May 29, 2026

Conducted a security audit of the stealth-registry contract. Improved scalability by switching to persistent storage and added a remove_keys function for privacy. Closes #2.

@drips-wave
Copy link
Copy Markdown

drips-wave Bot commented May 29, 2026

@thebabalola Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@thebabalola thebabalola marked this pull request as ready for review May 29, 2026 21:07
@thebabalola
Copy link
Copy Markdown
Author

thebabalola commented May 29, 2026

Hi @maintainer, I've completed the security audit and storage optimization for the stealth-registry contract. It's ready for review!

@truthixify truthixify changed the base branch from main to develop June 1, 2026 15:10
@truthixify
Copy link
Copy Markdown
Contributor

truthixify commented Jun 1, 2026

The instance()persistent() migration is a real improvement and the remove_keys entrypoint is a sensible addition — both should land. But the audit deliverable here is lighter than what issue #2 asked for; could you expand it before we merge?

Specific gaps vs the issue spec:

  1. Location: Should be at stellar/stealth-registry/audits/2026-XX-author.md (in the audits/ subdirectory), matching the pattern PR Security audit of stealth-announcer Soroban contract #34 set for the announcer. Move AUDIT.md there.
  2. tests/audit.rs file: Each finding needs a reproducer test in a dedicated tests/audit.rs, like Security audit of stealth-announcer Soroban contract #34 did for the announcer. Right now the tests are inline in lib.rs and aren't labelled to which finding they prove.
  3. "Storage rent strategy" section: This is explicitly called out in the issue. With persistent storage your registrations no longer expire by archival, but Soroban still charges rent on TTL extension. A short section on whether (and how) we keep registrations alive would close the loop.
  4. Findings the issue asked you to look for that aren't covered yet:
    • Storage-key collision risk (can two (registrant, scheme_id) pairs collide via the DataKey packing?)
    • Replacement squatting (can an attacker pre-register a victim's slot? With require_auth() they can't, but it's worth documenting why.)
    • Scheme-ID forward compatibility (what happens with unknown scheme_ids?)
    • State exposure / privileged side channels
    • Replay protection across the write boundary (currently overwriting allowed — say so explicitly)

The code change (storage migration + remove_keys) is good. Just need the audit doc to match the rigor of #34.

Thanks @thebabalola — happy to re-review once you push the revisions.

@truthixify truthixify mentioned this pull request Jun 1, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Security audit of stealth-registry Soroban contract

2 participants

@thebabalola @truthixify