johba/harb - Forgejo: Beyond coding. We forge.

johba/harb

Fork 0

Commit graph

Author	SHA1	Message	Date
openhands	10c90e4c50	fix: address AI review findings on SECURITY_REVIEW.md and deployment.md (#838 ) - M-2: update body to show current deployer-only setFeeDestination() implementation and conditional locking; mark as partially resolved; downgrade severity from Medium to Low; update conclusion entry - I-1: mark as resolved — Recentered event declared at line 66 and emitted at line 224 of LiquidityManager.sol - I-2: correct VWAP direction (records on sells/ETH outflow, not buys); update stale line reference from 146-158 to 177-191 - deployment.md §6.5: replace vague 'assess severity' step 1 with concrete action (upgrade optimizer to bear defaults via §6.2) - deployment.md §8 timeline: remove stale 'Set recenter access' row; update 'First recenter' dependency Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-16 15:15:33 +00:00
openhands	9b75817300	fix: SECURITY_REVIEW.md references obsolete recenterAccess pattern (#838 ) - Update M-3 finding: recenterAccess was removed; MIN_RECENTER_INTERVAL (60s) cooldown now enforced unconditionally — downgrade severity to Informational (resolved) - Update Access Control Summary: remove recenterAccess rows, reflect permissionless recenter() with cooldown - Update Conclusion: mark M-3 as resolved - Fix stale M-1 impact note that mentioned recenterAccess as a workaround - deployment.md: remove Section 3.2 "Set Recenter Access" (setRecenterAccess no longer exists); update 3.3 first-recenter comment - deployment.md: replace recenterAccess() verification call with lastRecenterTime() check - deployment.md §6.1: rewrite Pause Recentering note — no access-control switch exists, cooldown is the only rate limiter - deployment.md §6.5: remove stale setRecenterAccess(0xdEaD) instruction Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-16 14:43:37 +00:00
johba	396f2b5f90	docs: layered information architecture (#140 ) (#163 )	2026-02-20 09:01:11 +01:00

Author

SHA1

Message

Date

openhands

10c90e4c50

fix: address AI review findings on SECURITY_REVIEW.md and deployment.md (#838 )

- M-2: update body to show current deployer-only setFeeDestination()
  implementation and conditional locking; mark as partially resolved;
  downgrade severity from Medium to Low; update conclusion entry
- I-1: mark as resolved — Recentered event declared at line 66 and
  emitted at line 224 of LiquidityManager.sol
- I-2: correct VWAP direction (records on sells/ETH outflow, not buys);
  update stale line reference from 146-158 to 177-191
- deployment.md §6.5: replace vague 'assess severity' step 1 with
  concrete action (upgrade optimizer to bear defaults via §6.2)
- deployment.md §8 timeline: remove stale 'Set recenter access' row;
  update 'First recenter' dependency

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-16 15:15:33 +00:00

openhands

9b75817300

fix: SECURITY_REVIEW.md references obsolete recenterAccess pattern (#838 )

- Update M-3 finding: recenterAccess was removed; MIN_RECENTER_INTERVAL
  (60s) cooldown now enforced unconditionally — downgrade severity to
  Informational (resolved)
- Update Access Control Summary: remove recenterAccess rows, reflect
  permissionless recenter() with cooldown
- Update Conclusion: mark M-3 as resolved
- Fix stale M-1 impact note that mentioned recenterAccess as a workaround
- deployment.md: remove Section 3.2 "Set Recenter Access" (setRecenterAccess
  no longer exists); update 3.3 first-recenter comment
- deployment.md: replace recenterAccess() verification call with
  lastRecenterTime() check
- deployment.md §6.1: rewrite Pause Recentering note — no access-control
  switch exists, cooldown is the only rate limiter
- deployment.md §6.5: remove stale setRecenterAccess(0xdEaD) instruction

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-16 14:43:37 +00:00

johba

396f2b5f90

docs: layered information architecture (#140 ) (#163 )

2026-02-20 09:01:11 +01:00

3 commits