Harden set_service_price to reject negative prices with a precise error
Description
In contracts/escrow/src/lib.rs, set_service_price rejects a negative price_stroops by panicking with EscrowError::RequestsMustBePositive (#2) — an error whose name and doc comment are about record_usage request counts, not prices. This semantic mismatch will confuse client SDKs decoding the error and any operator reading logs. This issue introduces a precise error while keeping codes append-only.
Requirements and context
- Repository scope:
Agentpay-Org/Agentpay-contracts only.
- Add a new
EscrowError::InvalidPrice variant (next free code, append-only) and use it for the negative-price guard in set_service_price.
- Do not renumber or reuse existing codes;
#2 keeps its record_usage meaning.
- Update the doc comment on
set_service_price and the error enum accordingly.
- Confirm zero price remains allowed (free service) per the existing contract.
Suggested execution
- Fork the repo and create a branch
git checkout -b security/contracts-25-invalid-price-error- Implement changes
- Write code in:
contracts/escrow/src/lib.rs — new error variant + guard swap.
- Write comprehensive tests in:
contracts/escrow/src/test.rs — negative price panics with the new code, zero allowed, positive round-trips.
- Add documentation: note the error semantics in
README.md.
- Include NatSpec-style doc comments (
///) matching the existing style in lib.rs.
- Validate security: no code reuse, stable SDK decoding.
- Test and commit
Test and commit
- Run
cargo fmt --all -- --check, cargo build, and cargo test.
- Cover edge cases: -1, i128::MIN, 0, large positive price.
- Include the full
cargo test output and a short security notes section in the PR description.
Example commit message
fix: use a dedicated InvalidPrice error for negative set_service_price
Guidelines
- Minimum 95 percent test coverage for impacted modules.
- Clear, reviewer-focused documentation.
- Timeframe: 96 hours.
Community & contribution rewards
- 💬 Join the AgentPay community on Discord for questions, reviews, and faster merges: https://discord.gg/eXvRKkgcv
- ⭐ This is a GrantFox OSS / Official Campaign task and may be rewarded. When your PR is merged you'll be prompted to rate the project — if this issue and the maintainers helped you ship, we'd be grateful for a 5-star rating. Clear questions in Discord and tidy, well-tested PRs are the fastest path to a merge and a reward.
Harden set_service_price to reject negative prices with a precise error
Description
In
contracts/escrow/src/lib.rs,set_service_pricerejects a negativeprice_stroopsby panicking withEscrowError::RequestsMustBePositive (#2)— an error whose name and doc comment are aboutrecord_usagerequest counts, not prices. This semantic mismatch will confuse client SDKs decoding the error and any operator reading logs. This issue introduces a precise error while keeping codes append-only.Requirements and context
Agentpay-Org/Agentpay-contractsonly.EscrowError::InvalidPricevariant (next free code, append-only) and use it for the negative-price guard inset_service_price.#2keeps itsrecord_usagemeaning.set_service_priceand the error enum accordingly.Suggested execution
git checkout -b security/contracts-25-invalid-price-errorcontracts/escrow/src/lib.rs— new error variant + guard swap.contracts/escrow/src/test.rs— negative price panics with the new code, zero allowed, positive round-trips.README.md.///) matching the existing style inlib.rs.Test and commit
cargo fmt --all -- --check,cargo build, andcargo test.cargo testoutput and a short security notes section in the PR description.Example commit message
fix: use a dedicated InvalidPrice error for negative set_service_priceGuidelines
Community & contribution rewards