feat: admin blacklist for hunt creators#1
Open
ola196 wants to merge 370 commits into
Open
Conversation
…ardManager and add regression test
…mulation - Replace += with saturating_add for total_score_sum in get_hunt_statistics to prevent u64 overflow with large numbers of high-scoring players (issue Samuel1-ona#154) - Guard average_score cast with .min(u32::MAX) to prevent silent truncation - Replace += with saturating_add for total_score in PlayerProgress::complete_clue to keep per-player score accumulation consistent with the same defensive pattern
…ting pool Resolves Samuel1-ona#142 - Add optional HuntyCore contract address storage (set_hunty_core admin fn) - In create_reward_pool, if hunty_core is configured, call get_hunt_info via try_invoke_contract to verify the hunt exists before creating the pool - Return new HuntNotFound (error code 13) if the hunt does not exist - If hunty_core is not configured, hunt_id remains caller-trusted (no change in behavior for existing deployments) - Add 3 tests covering caller-trusted mode, HuntNotFound rejection, and admin-only access to set_hunty_core
…g with saturating_add Merges two concurrent changes to complete_clue: - Add is_required param and required_completed_count tracking (from main) - Use saturating_add for total_score to prevent overflow (issue Samuel1-ona#154) Also adds required_completed_count field to PlayerProgress and StoredPlayerProgress structs with full to_stored/from_stored support.
…te min_distribution_amount Resolves Samuel1-ona#141 - Add update_pool_config(creator, hunt_id, min_distribution_amount) function - Restricted to the pool creator via require_auth + creator check - Validates min_distribution_amount is not negative - Returns PoolNotFound if no pool exists for the given hunt_id - Returns Unauthorized if caller is not the pool creator - Returns InvalidAmount if min_distribution_amount is negative - Add 5 tests covering success, zero reset, unauthorized, not found, and negative
…ze storage Resolves Samuel1-ona#138
…cated to operators
…el1-ona#157) - Add offset: u32 parameter to get_hunt_leaderboard allowing clients to page through results beyond the 20-entry cap (e.g. ranks 21-40, 41-60) - Returned rank values are absolute (offset + local_rank) - Update all 4 existing call sites with offset=0 (no behaviour change) - Fix pre-existing E0282 type inference compile error in test.rs - Add test_get_hunt_leaderboard_offset_pagination covering offset=0,1,2,100
fixed the test
…ted-owner-index fix: replace unbounded Vec in add_nft_to_owner with paginated index (Issue Samuel1-ona#86)
fix: propagate NFT mint failures from reward manager
…imization issue fixed
Add a warning in docs and consider an opt-in public_question: bool flag
feat: all issues solved
…-ona#84 Adds five targeted tests that guard against re-introducing instance storage for hunt/clue data: - test_hunt_data_readable_after_player_registration: verifies that registering a player (which only touches persistent keys) does not leave hunt data inaccessible. - test_clue_index_readable_after_player_submits_answer: verifies that the clue index (previously in instance storage) survives player interactions that only bump persistent TTLs. - test_hunt_clue_and_player_data_consistent_across_full_lifecycle: end-to-end consistency check across create/add-clue/activate/ register/submit stages. - test_multiple_hunts_maintain_isolated_persistent_clue_indexes: verifies that each hunt's clue index is isolated in persistent storage with no cross-contamination. - test_hunt_counter_increments_sequentially_in_persistent_storage: verifies the global hunt counter lives in persistent storage and yields sequential IDs across multiple create_hunt calls. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
…ng-semver-404 Feat/contract versioning semver 404
origin/main independently migrated all hunt/clue storage to persistent() and added a TtlPolicy enum with status-aware TTL bumping. Accept upstream's implementation — it satisfies issue Samuel1-ona#84 (no instance-storage TTL mismatch) and adds proper TTL management on top. Our regression tests in test.rs are retained. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
After origin/main merged bdebdfd, three function signatures changed: - add_clue gained a new `difficulty: Option<u32>` parameter - create_hunt gained `max_submissions_per_minute: u32` and `start_multiplier_bps: Option<u32>` parameters - register_contract(None, T) was replaced by register(T, ()) Update every call site in test.rs to match: pass `None` for difficulty, `0, None` for the new create_hunt params, and use `env.register(T, ())`. Also fix the five issue-Samuel1-ona#84 regression tests: remove the stale `creator` arg from add_clue, correct activate_hunt arg order (hunt_id before caller), and switch submit_answer calls to use the local wrapper helper. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
- Add 16 tests covering all acceptance criteria: - Transfer to self returns InvalidRecipient, state unchanged - Transfer non-existent NFT (id 9999 and id 0) returns NftNotFound - Transfer by non-owner returns NotOwner/NotOperator - Operator happy path and revoked-operator path - Transfer soulbound NFT returns SoulboundNft, operator cannot bypass - Transfer updates owner field, owner_of query, player NFT indexes - Chained transfers A->B->C tracked correctly - completion_player and metadata fields preserved after transfer - NftTransferredEvent emitted with correct fields - Fix: add missing NftLocked = 12 to NftErrorCode enum in errors.rs - Fix: add contracts/common/Cargo.toml and lib.rs to unblock workspace
- Add HuntEndTimeInPast (31) to HuntErrorCode and HuntError - Check end_time > current_time in activate_hunt before setting Active - Add test_activate_hunt_end_time_in_past to cover the new guard - Fix register_player body indentation (pre-existing syntax error) - Fix missing closing brace in get_global_view_only_list (storage.rs) - Remove duplicate closing brace at end of lib.rs - Add contracts/common/Cargo.toml so workspace resolves Closes Samuel1-ona#179
…boundary-cases Test/194 hunt title boundary cases
…d-time-179 fix: reject activate_hunt when end_time is already in the past
…-edge-case-tests Add NFT transfer test coverage
…smatch Fix/84 storage ttl mismatch
Cover leaderboard sorting edge cases for the hunt leaderboard: - equal scores tie-broken by completion time (earlier ranks higher) - single-player leaderboard - zero-score players ranked below players who have scored (empty leaderboard already covered by test_get_hunt_leaderboard_empty) Closes Samuel1-ona#428 Closes Samuel1-ona#424 Closes Samuel1-ona#427 Closes Samuel1-ona#434
test(hunty-core): add leaderboard sorting correctness tests
- Add CreatorBlacklisted(23) error code to HuntErrorCode - Add CreatorBlacklistedEvent and CreatorRemovedFromBlacklistEvent types - Add set_admin, get_admin, blacklist_creator, remove_from_blacklist, is_blacklisted helpers to Storage - Implement set_admin, blacklist_creator, remove_from_blacklist, is_blacklisted contract functions in HuntyCore - Check blacklist in create_hunt; return CreatorBlacklisted on match - Emit CreatorBlacklisted/CreatorRemovedFromBlacklist events - Add 6 tests covering all acceptance criteria - Fix pre-existing E0282 type inference compile error Closes Samuel1-ona#405
feat: all hunty issues on
PR Samuel1-ona#426: Add Cross-Contract Integration Test Suite
…bution-replay-vulnerability Implement Replay Protection for Cross-Contract Reward Distribution
Samuel1-ona
pushed a commit
that referenced
this pull request
Jun 30, 2026
feat: add Paused status to HuntStatus, replace Draft in deactivate_hu…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
19 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes Samuel1-ona#405