
fix: remediate round 2 audit — API layer (#39) #50

Merged: 0xZunia merged 3 commits into main from fix/audit-r2-api, Feb 22, 2026
Conversation

0xZunia (Contributor) commented Feb 22, 2026

Summary

  • NEW-1 (Medium): Validate signature (64B) and public key (32B) lengths in GraphQL TransactionInput.ToTransaction(), matching REST validation
  • NEW-2 (Medium): Cap /v1/call gas limit at BlockGasLimit to prevent unbounded compute
  • NEW-3 (Medium): Add maxPools pagination to /v1/pools (default 100, max 1000)
  • NEW-4 (Low): Faucet nonce retry — retry once with incremented nonce on mempool rejection
  • NEW-5 (Medium): Per-IP rate limiting (100 req/min) via Microsoft.AspNetCore.RateLimiting
  • NEW-6 (Low): CORS middleware for API access from explorer/external clients
  • NEW-7 (Low): Remove exception type name from GraphQL mutation error messages

Closes #39

Test plan

  • Clean build (0 warnings, 0 errors)
  • Full test suite passes (0 failures)
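The validation and error-handling items in this summary (NEW-1, NEW-2, NEW-3 and NEW-7) expressed as plain C#, added here as an illustration and not taken from the Basalt repository. Only the 32/64-byte lengths, the BlockGasLimit cap, the 100/1000 page-size bounds and the "no exception type in the message" rule come from the PR; the type names (`Transaction`, `TransactionInput`, `RequestLimits`, `MutationErrors`), the field set and the hex encoding of the key and signature fields are assumptions.

```csharp
// Added illustration, not Basalt's own code. Type and member names other than
// the limits named in the PR are assumptions.
using System;
using Microsoft.Extensions.Logging;

public sealed record Transaction(string From, string To, ulong Nonce, byte[] PublicKey, byte[] Signature);

public sealed record TransactionInput(string From, string To, ulong Nonce, string PublicKeyHex, string SignatureHex)
{
    public const int PublicKeyLength = 32;   // NEW-1: 32-byte public key
    public const int SignatureLength = 64;   // NEW-1: 64-byte signature

    // Reject wrong-sized key or signature material before it reaches the
    // signature verifier, matching the check the REST endpoint already does.
    public Transaction ToTransaction()
    {
        byte[] pk, sig;
        try
        {
            pk = Convert.FromHexString(PublicKeyHex);
            sig = Convert.FromHexString(SignatureHex);
        }
        catch (FormatException e)
        {
            throw new ArgumentException("publicKey and signature must be hex-encoded", e);
        }

        if (pk.Length != PublicKeyLength)
            throw new ArgumentException($"publicKey must be {PublicKeyLength} bytes, got {pk.Length}");
        if (sig.Length != SignatureLength)
            throw new ArgumentException($"signature must be {SignatureLength} bytes, got {sig.Length}");

        return new Transaction(From, To, Nonce, pk, sig);
    }
}

public static class RequestLimits
{
    // NEW-2: the caller may send any ulong as the gas limit, including
    // ulong.MaxValue; clamp it to the chain's block gas limit.
    public static ulong CapGasLimit(ulong requested, ulong blockGasLimit)
        => requested == 0 || requested > blockGasLimit ? blockGasLimit : requested;

    // NEW-3: page size for /v1/pools. Absent or non-positive -> default (100),
    // above the ceiling -> ceiling (1000), so a caller cannot force a full
    // iteration over every pool.
    public static int ClampMaxPools(int? requested, int defaultCount = 100, int maxCount = 1000)
    {
        if (requested is null || requested.Value <= 0)
            return defaultCount;
        return Math.Min(requested.Value, maxCount);
    }
}

public static class MutationErrors
{
    // NEW-7: validation failures carry a message written for the client and
    // are safe to echo; everything else becomes a fixed generic message, while
    // the full exception (type name, stack) goes to the server log only.
    public static string ForClient(Exception ex, ILogger log)
    {
        log.LogError(ex, "GraphQL mutation failed");
        return ex is ArgumentException ? ex.Message : "Mutation failed.";
    }
}
```

The clamp functions return the bounded value rather than rejecting the request; an API that prefers to answer 400 for an out-of-range `maxPools` can make the same comparison and return an error instead. Either way the important property is that the server, not the client, decides the upper bound.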

NEW-1: Validate signature (64B) and public key (32B) lengths in GraphQL
TransactionInput.ToTransaction, matching REST endpoint validation.

NEW-2: Cap /v1/call gas limit at chainParams.BlockGasLimit to prevent
unbounded compute via ulong.MaxValue gas limit.

NEW-3: Add maxPools pagination parameter to /v1/pools (default 100,
max 1000) to prevent unbounded pool iteration.

NEW-4: Add faucet nonce retry — if mempool rejects due to nonce
conflict, retry once with incremented nonce.

NEW-5: Add per-IP rate limiting (100 req/min fixed window) via
Microsoft.AspNetCore.RateLimiting middleware.

NEW-6: Add CORS middleware with permissive default policy for API
access from explorer and external clients.

NEW-7: Remove exception type name from GraphQL mutation error messages
to prevent internal type information leakage.

The test was still asserting old L-1 behavior (exception type in error),
but NEW-7 intentionally removed it to prevent information leakage.

# Conflicts:
#	src/api/Basalt.Api.Rest/RestApiEndpoints.cs
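The middleware wiring behind NEW-5 and NEW-6, as an added example in a minimal ASP.NET Core `Program.cs`; this is not the project's own `Program.cs`. It goes a step beyond the commit message in two places: it shows the forwarded-headers step that per-IP limiting needs when the API sits behind a reverse proxy (otherwise every client shares the proxy's address, or can spoof its own partition key), and it places a restricted named CORS policy next to the permissive default the PR adds. The explorer origin is a placeholder. `Microsoft.AspNetCore.RateLimiting` and the CORS and forwarded-headers APIs used here are the standard ones shipped with ASP.NET Core 7 and later.

```csharp
// Added illustration of the NEW-5 / NEW-6 wiring; not the project's Program.cs.
using System;
using System.Threading.RateLimiting;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.AspNetCore.RateLimiting;
using Microsoft.Extensions.DependencyInjection;

var builder = WebApplication.CreateBuilder(args);

// NEW-5: fixed window of 100 requests per minute, partitioned by client IP.
builder.Services.AddRateLimiter(options =>
{
    options.RejectionStatusCode = StatusCodes.Status429TooManyRequests;
    options.GlobalLimiter = PartitionedRateLimiter.Create<HttpContext, string>(ctx =>
    {
        // One bucket per source address. Behind a proxy this is the proxy's
        // address unless forwarded headers are restored first (see below).
        string key = ctx.Connection.RemoteIpAddress?.ToString() ?? "unknown";
        return RateLimitPartition.GetFixedWindowLimiter(key, _ => new FixedWindowRateLimiterOptions
        {
            PermitLimit = 100,
            Window = TimeSpan.FromMinutes(1),
            QueueLimit = 0,          // over-limit requests get 429 at once, nothing is queued
            AutoReplenishment = true,
        });
    });
});

// NEW-6: CORS. The PR's permissive default is the unnamed policy; a tighter
// named policy for a known explorer origin is shown beside it.
builder.Services.AddCors(options =>
{
    options.AddDefaultPolicy(p => p.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());
    options.AddPolicy("ExplorerOnly", p => p
        .WithOrigins("https://explorer.example.invalid")   // placeholder origin, not a real deployment
        .WithMethods("GET", "POST")
        .WithHeaders("Content-Type"));
});

var app = builder.Build();

// Only needed behind a trusted reverse proxy: rewrite RemoteIpAddress from
// X-Forwarded-For so the limiter keys on the real client. By default the
// header is honoured only when the request arrives from loopback; add the
// proxy to KnownProxies or KnownNetworks for any other topology, otherwise a
// client could choose its own partition key.
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
    ForwardedHeaders = ForwardedHeaders.XForwardedFor,
});

app.UseCors();           // app.UseCors("ExplorerOnly") selects the restricted policy instead
app.UseRateLimiter();

app.MapGet("/v1/health", () => Results.Ok(new { status = "ok" }));

app.Run();
```

With `QueueLimit = 0` the 101st request inside a window is answered immediately with 429 rather than held; if the explorer is expected to burst, a small queue or a sliding window (`RateLimitPartition.GetSlidingWindowLimiter`) smooths that without raising the ceiling. The forwarded-headers block is the part most often missed when a per-IP limiter is added to a service that already runs behind nginx or a cloud load balancer.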
@0xZunia 0xZunia merged commit bec23af into main Feb 22, 2026
4 checks passed
@0xZunia 0xZunia deleted the fix/audit-r2-api branch February 22, 2026 15:30
Successfully merging this pull request may close these issues.

API Layer Audit Report (Round 2)