
security: harden router-scoped compliance boundary #18

Open

0xMuang wants to merge 2 commits into main from 17-security-review-compliance-bypass-paths-outside-executionrouter

Conversation

0xMuang (Collaborator) commented Jun 20, 2026

Summary

  • document that Corner Store DEX-level compliance is enforced on router-mediated execution paths
  • distinguish protected router flow from direct ERC-3643 transfers, direct venue calls, wrappers, vaults, custodians, and offchain beneficial ownership paths
  • record the current limited-scope security/product decision in DECISIONS.md
  • enforce router-only authorization on RFQ and order-book adapter stubs so future supported settlement paths cannot be directly called by maker/taker
  • add direct-call rejection tests for RFQ/order-book stubs
  • switch the AMM adapter callback token pull to SafeERC20.safeTransferFrom
  • add security checklist items for callback-origin validation, SafeERC20, signed settlement replay binding, and venue governance risks

Closes #17

Verification

  • forge fmt
  • git diff --check
  • scripts/check.sh

Constraint: Issue 17 is a security-boundary documentation task, not a broad code hardening pass.
Rejected: Attempting to block every non-router path in code | direct token, pool, wrapper, and custodian paths require product and issuer-level decisions first.
Confidence: high
Scope-risk: narrow
Directive: Do not describe Corner Store as globally enforcing every RWA movement unless non-router paths are separately restricted.
Tested: git diff --check; scripts/check.sh
Not-tested: production ERC-3643 issuer modules, live venues, RFQ, order book, wrapper, or custodian enforcement.
0xMuang linked an issue Jun 20, 2026 that may be closed by this pull request
Constraint: Issue 17 requires skeleton-supported venue paths to avoid compliance bypass while non-router token/pool paths remain product-boundary decisions.
Rejected: Treating this as docs-only | added router-only guards and direct-call tests for future RFQ/order-book stubs.
Confidence: high
Scope-risk: narrow
Directive: Future adapters and settlement contracts must keep router-only or equivalent authorization before production support.
Tested: forge fmt; git diff --check; scripts/check.sh
Not-tested: live RFQ/order-book settlement, live Uniswap v3 pools, wrapper/vault/custodian enforcement.
0xMuang changed the title from "docs: document router-scoped compliance boundary" to "security: harden router-scoped compliance boundary" on Jun 20, 2026
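The three code-level points in the summary (router-only authorization on adapter stubs, callback-origin validation, and pulling callback tokens with SafeERC20.safeTransferFrom) fit together in one adapter sketch. The block below is an added illustration, not the project's own code: the contract names (RouterOnly, RfqAdapterStub, AmmAdapter), the settle() signature, delivering swap output to the router, and the payer-in-calldata convention are assumptions; the pool interface is a minimal subset of Uniswap v3's, and the OpenZeppelin imports are the standard SafeERC20 paths.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the project's own code. Contract names, the settle()
// signature and the payer-in-calldata convention are assumptions.
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// Minimal subset of the Uniswap v3 pool interface used below.
interface IUniswapV3Pool {
    function token0() external view returns (address);
    function token1() external view returns (address);
    function swap(
        address recipient,
        bool zeroForOne,
        int256 amountSpecified,
        uint160 sqrtPriceLimitX96,
        bytes calldata data
    ) external returns (int256 amount0, int256 amount1);
}

/// Shared guard: only the compliance-enforcing router may drive settlement.
/// Makers and takers never call adapters directly, so the DEX-level checks
/// that live in the router cannot be skipped on a supported venue path.
abstract contract RouterOnly {
    address public immutable router;

    error NotRouter(address caller);

    constructor(address router_) {
        require(router_ != address(0), "router=0");
        router = router_;
    }

    modifier onlyRouter() {
        if (msg.sender != router) revert NotRouter(msg.sender);
        _;
    }
}

/// Stub for a settlement path that is not supported yet. The guard runs before
/// the body, so a direct maker/taker call fails with NotRouter rather than
/// Unsupported, and a future implementation inherits the restriction.
contract RfqAdapterStub is RouterOnly {
    error Unsupported();

    constructor(address router_) RouterOnly(router_) {}

    function settle(address, address, uint256, bytes calldata) external onlyRouter returns (uint256) {
        revert Unsupported();
    }
}

contract AmmAdapter is RouterOnly {
    using SafeERC20 for IERC20;

    error UnexpectedCallbackOrigin(address caller);

    /// Pool we are mid-swap with; zero outside a swap, so an unsolicited
    /// callback can never match it.
    address private activePool;

    constructor(address router_) RouterOnly(router_) {}

    function swap(address pool, bool zeroForOne, int256 amountSpecified, uint160 sqrtPriceLimitX96, address payer)
        external
        onlyRouter
        returns (int256 amount0, int256 amount1)
    {
        activePool = pool;
        (amount0, amount1) =
            IUniswapV3Pool(pool).swap(router, zeroForOne, amountSpecified, sqrtPriceLimitX96, abi.encode(payer));
        activePool = address(0);
    }

    /// Invoked by the pool inside swap(). Without the origin check anyone could
    /// call this with an arbitrary `payer` and drain that payer's allowance.
    function uniswapV3SwapCallback(int256 amount0Delta, int256 amount1Delta, bytes calldata data) external {
        if (msg.sender != activePool) revert UnexpectedCallbackOrigin(msg.sender);
        address payer = abi.decode(data, (address));
        // The positive delta is what the pool is owed; pay it from the payer's
        // allowance. safeTransferFrom reverts on tokens that signal failure by
        // returning false (or nothing) instead of reverting.
        (address tokenIn, uint256 owed) = amount0Delta > 0
            ? (IUniswapV3Pool(msg.sender).token0(), uint256(amount0Delta))
            : (IUniswapV3Pool(msg.sender).token1(), uint256(amount1Delta));
        IERC20(tokenIn).safeTransferFrom(payer, msg.sender, owed);
    }
}
```

A direct `settle()` call from a maker or taker reverts with `NotRouter` before the body runs, which is the behaviour a direct-call rejection test asserts. The callback check only proves the call came from the pool the adapter is currently swapping with; it does not make that pool trustworthy, so the router (or an allowlist in front of it) still has to pass only recognised pools, and the payer must have approved the adapter rather than the pool.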

Development

Successfully merging this pull request may close these issues.

security: review compliance bypass paths outside ExecutionRouter
