fix(payments): 4 core bugs from Codex audit (precision, revert feedback, tip webhook, gate)#28
Merged
Merged
Conversation
…, tip webhook, gate) Codex の core-payment 監査で確認した実バグを修正 (PaymentForm/CheckoutForm/TipForm は OOM で unit-test が動かないため、typecheck + 純関数 unit test + e2e + Codex review で担保)。 B1 (金額の精度ドリフト): DECIMAL_PATTERN が小数桁を無制限に許可し、parseUnits が token の decimals 超過分を黙って丸める (例: USDC 6dp で "0.0000009" → 0.000001) ため表示額と実送金額が 乖離。lib/url.exceedsTokenPrecision を追加、PaymentForm/TipForm は精度超過で amountWei=0n に 倒し送信 block + errorAmountPrecision を案内 (CheckoutForm は item 価格 parser が既に弾く)。 B2 (revert の無反応穴): gasless は data.success===false、standard は phase=*-error だが receipt は 成功 (status=reverted) で Error 無く、success panel も error も出ず無反応。3 form の error 表示に revertedNoFeedback → errorReverted を追加。 B3 (TipForm webhook の live-state 読み): webhook が live の amountStr/breakdown を読み、送信後の額 変更や gasQuote refetch で実送金と異なるチップを通知し得た。onSubmit でスナップショット固定 + 送信中は preset/custom 入力を lock。 B4 (CheckoutForm の弱い zero-merchant gate): canSubmit に merchantReceives>0 明示ガードが無く PaymentForm と非対称。明示ガードを追加して揃える。 i18n: errorAmountPrecision / errorReverted を 3 form 名前空間 (ja/en) に追加。 Verified: tsc 0 · eslint 0 · full suite 2583 passed/0 failed。 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Codex の core-payment 監査で確認した 実バグ4件 を修正。PaymentForm/CheckoutForm/TipForm は OOM で unit-test が CI で動かないため、typecheck + 純関数 unit test + e2e + diff レビューで担保。
DECIMAL_PATTERNが小数桁を無制限許可 →parseUnitsが token decimals 超過分を黙って丸め、表示額≠実送金額 (例 USDC 6dp0.0000009→0.000001)exceedsTokenPrecisionを追加、PaymentForm/TipForm は精度超過で送信 block +errorAmountPrecision案内 (Checkout の item parser は既に弾く)。純関数 unit test 付きsuccess:false/ standardphase=*-error(receipt 成功 = Error 無し) で success panel も error も出ないrevertedNoFeedback → errorRevertedを追加canSubmitにmerchantReceives>0明示ガードが無く PaymentForm と非対称i18n:
errorAmountPrecision/errorRevertedを 3 form 名前空間 (ja/en) に追加。tsc 0 · eslint 0 · full suite 2583 passed/0 failed。
🤖 Generated with Claude Code