Add flash loan manipulation guards #401

Open
TUPM96 wants to merge 1 commit into Smartdevs17:main from TUPM96:codex/flash-loan-manipulation-379

TUPM96 commented May 25, 2026

Closes #379

Summary

  • add configurable flash-loan security limits for loan/liquidity, price impact, and TWAP deviation
  • track per-asset active flash loans and latest security snapshots
  • block liquidation pricing while debt/collateral asset is in an active flash loan
  • add tests covering liquidity caps, excessive price impact, and TWAP liquidity manipulation simulations

Tests

  • cargo fmt -p stellarlend-lending
  • cargo check -p stellarlend-lending --lib
  • cargo test -p stellarlend-lending -- --test-threads=4

Copilot AI review requested due to automatic review settings May 25, 2026 11:41

vercel Bot commented May 25, 2026

@TUPM96 is attempting to deploy a commit to the smartdevs17's projects Team on Vercel.

A member of the Team first needs to authorize it.

Copilot AI left a comment

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

Smartdevs17 pushed a commit that referenced this pull request May 28, 2026
…actor, event schema standardization (#415)

* feat(upgrade): add 48h standard and 4h emergency timelocks with multisig

- Add STANDARD_TIMELOCK_SECS (48h) and EMERGENCY_TIMELOCK_SECS (4h) constants
- Add TimelockNotElapsed and StorageLayoutMismatch error variants
- Add TimelockQueued stage to UpgradeStage enum
- Add execute_after and is_emergency fields to UpgradeProposal and UpgradeStatus
- Add upgrade_queue_timelock() to start the standard 48h countdown post-approval
- Add upgrade_propose_emergency() for 4h emergency path (admin only)
- Enforce timelock in upgrade_execute() — rejects before execute_after elapses
- Add UpgradeTimelockQueuedEvent and UpgradeEmergencyProposedEvent to events
- Update all tests to go through queue_and_execute() helper for correct flow

* feat(flash-loan): add TWAP price manipulation detection and attack prevention

- Add ManipulationConfig with pool liquidity cap (50%), price impact limit,
  TWAP deviation threshold, and concurrent loan detection
- Add TwapAccumulator/TwapState structs with time-windowed price sampling
- Add check_twap_deviation(), check_liquidity_cap(), check_price_impact()
- Add per-asset AssetLoanGuard to block concurrent flash loans (sandwich prevention)
- Update flash_loan() signature to accept spot_price for TWAP checks
- Add flash_record_price() and set_flash_manipulation_config() entrypoints
- Apply same attack guards to hello-world flash_loan module
- Update all tests to use new flash_loan() signature with spot_price
- Add tests for liquidity cap, price impact, and TWAP deviation blocking

Closes #379, #401

* feat(api): add DTO layer with structured validation for all endpoints

- Add api/src/dto/ directory with TypeScript DTO classes
- base.dto.ts: FieldError, ValidationResult, helper validators (isValidStellarAddress,
  isValidAmount, isOptionalString), MAX_I128 constant
- lending.dto.ts: LendingOperationDto, PrepareRequestDto, SubmitRequestDto,
  RelayDelegatedDto, PrepareResponseDto, TransactionResponseDto — all with
  static validate() and fromBody()/fromQuery() factories + JSDoc/OpenAPI schemas
- subscription.dto.ts: CreateSubscriptionDto covering all subscription fields
- pagination.dto.ts: PaginationQueryDto with configurable max-limit
- dto/index.ts: barrel re-export
- middleware/validation.ts: add DTO-based middleware variants (validateLendingOperationDto,
  validatePrepareDto, validateSubmitDto, validateRelayDelegatedDto,
  validateCreateSubscriptionDto, validatePaginationDto) that attach typed DTOs
  to req for use in controllers — existing express-validator chain preserved

Closes #362

* feat(events): standardize event schemas across all contracts

AMM (amm.rs):
- Add explicit topics attributes: amm_swap, amm_liq_add, amm_liq_rm, amm_op, amm_cb_valid
- Add timestamp: u64 field to SwapExecutedEvent, LiquidityAddedEvent, LiquidityRemovedEvent,
  CallbackValidatedEvent (AmmOperationEvent already had it)
- Update all emit helper functions to pass env.ledger().timestamp()

Bridge (bridge.rs):
- Add explicit topics attributes: br_reg, br_fee, br_active, br_dep, br_wdraw, br_pause,
  br_val_upd, br_sec_cfg, br_slash, br_ch_emrg, br_anomaly
- Add timestamp: u64 to all 11 bridge event structs (previously none had it)
- Update all emit call sites to include timestamp

Docs:
- Add docs/event-schema.md: mandatory fields spec, topic naming conventions,
  per-contract event catalogue, backward-compat note, PR checklist

CI:
- Add scripts/check_event_schema.sh: detects contractevent structs missing
  the required timestamp field; warns on missing explicit topics

Closes #356, #408
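
The guards named in the PR summary and in the flash-loan section of the referenced commit (per-asset concurrent-loan lock, pool liquidity cap, TWAP deviation threshold) can be illustrated with the following added Rust example, which is not code from this PR or repository. All function names, types, the 5% deviation band and the sample prices are assumptions; only the 50% liquidity cap comes from the commit message, and the price-impact check is left out because the page does not say how it is computed.

```rust
// Added illustration: names, types and thresholds are assumptions, not the PR's code.
use std::collections::HashSet;

const BPS: i128 = 10_000;

#[derive(Debug, PartialEq)]
pub enum GuardError { ConcurrentLoan, InvalidAmount, LiquidityCap, NoTwap, TwapDeviation }
pub struct Limits { pub max_loan_bps: i128, pub max_twap_dev_bps: i128 }

/// Time-weighted average: each (timestamp, price) sample is weighted by how long it was in force.
pub fn twap(samples: &[(u64, i128)], now: u64) -> Option<i128> {
    let (mut weighted, mut window) = (0i128, 0i128);
    for (i, &(t, price)) in samples.iter().enumerate() {
        let end = samples.get(i + 1).map_or(now, |s| s.0);
        let dt = end.checked_sub(t)? as i128; // out-of-order samples -> None
        weighted = weighted.checked_add(price.checked_mul(dt)?)?;
        window += dt;
    }
    if window == 0 { None } else { Some(weighted / window) }
}

/// Runs the guards in order and locks the asset only if all of them pass.
pub fn begin_flash_loan(
    active: &mut HashSet<String>, limits: &Limits, asset: &str, amount: i128,
    liquidity: i128, spot: i128, samples: &[(u64, i128)], now: u64,
) -> Result<(), GuardError> {
    if active.contains(asset) { return Err(GuardError::ConcurrentLoan); }
    if amount <= 0 || liquidity <= 0 { return Err(GuardError::InvalidAmount); }
    // amount / liquidity > max_loan_bps / BPS, compared without division
    if amount.saturating_mul(BPS) > liquidity.saturating_mul(limits.max_loan_bps) {
        return Err(GuardError::LiquidityCap);
    }
    // Fail closed: without a usable TWAP there is no reference price.
    let reference = twap(samples, now).filter(|p| *p > 0).ok_or(GuardError::NoTwap)?;
    let dev_bps = (spot - reference).abs().saturating_mul(BPS) / reference;
    if dev_bps > limits.max_twap_dev_bps { return Err(GuardError::TwapDeviation); }
    active.insert(asset.to_string());
    Ok(())
}

/// Called after repayment so the asset can be borrowed again.
pub fn end_flash_loan(active: &mut HashSet<String>, asset: &str) { active.remove(asset); }

fn main() {
    let limits = Limits { max_loan_bps: 5_000, max_twap_dev_bps: 500 }; // 50% cap, 5% band
    let samples = [(0u64, 1_000_000i128), (100, 1_010_000)]; // constructed price history
    let mut active = HashSet::new();
    println!("{:?}", begin_flash_loan(&mut active, &limits, "USDC", 500, 1_000, 1_300_000, &samples, 200));
}
```

The missing-TWAP and out-of-order-sample cases return an error rather than skipping the deviation check, so an empty or corrupted price history cannot be used to bypass the guard.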

Development

Successfully merging this pull request may close these issues.

Add flash loan attack prevention with price manipulation detection