SC: Transfer Component Enhancements #65
Description
Description
The transfer_component in the Starknet contract has several issues impacting security, functionality, and efficiency. This issue outlines critical problems and proposed fixes.
Problems and Proposed Fixes
No Expiration Handling
Problem: Transfers are not marked as Expired when expires_at is reached, and total_expired_transfers is never updated.
Fix: Add a function to mark expired transfers or check expiration in status-changing functions.
Missing Agent Assignment Logic
Problem: assigned_agent is always zero and lacks assignment logic, limiting cash-out functionality.
Fix: Implement an admin-only function to assign agents to transfers.
Verbose Zero Address Creation
Problem: Uses 0.try_into().unwrap() for zero addresses.
Fix: Replace with Zero::zero() from core::num::traits::Zero.
Inefficient Pagination
Problem: get_transfers_by_sender/get_transfers_by_recipient iterate over indices, which may be gas-intensive.
Fix: Optimize storage or add status-based filtering.
Missing Expiration Checks
Problem: No expiration validation in complete_transfer, partial_complete_transfer, or request_cash_out.
Fix: Add checks to prevent actions on expired transfers.
Unclear Metadata Usage
Problem: metadata is stored but not validated or used.
Fix: Define its purpose or remove if unnecessary.
Statistics Double-Counting
Problem: total_completed_transfers increments for both complete_transfer and complete_cash_out, risking double-counting.
Fix: Use separate counters or clarify counting logic.
Acceptance Criteria
Implement expiration handling for transfers.
Add an admin-only agent assignment function.
Replace zero address creation with Zero::zero().
Optimize pagination for sender/recipient queries.
Add expiration checks in relevant functions.
Define or remove metadata field.
Ensure accurate transfer statistics with clear counting logic.
Include unit tests for all fixes, covering edge cases.