Cross-Contract Consistency Remediation
How to fix cross-account state consistency issues.
Cross-Contract Consistency Remediation
Overview
Related Detector: Cross-Contract Consistency
Partial multi-account updates create exploitable inconsistencies. The fix is to validate all preconditions before any writes, then commit all updates together.
Recommended Fix
// Validate everything first
require!(a.balance >= amount, Insufficient);
require!(b.balance.checked_add(amount).is_some(), Overflow);
// Then commit all writes
a.balance -= amount;
b.balance += amount;Common Mistakes
Mistake: Writing Between Validations
a.balance -= amount;
a.serialize(data_a)?; // Written
require!(b.can_receive(amount), CannotReceive); // May fail
b.balance += amount; // Never reachedValidate all preconditions before any state mutations.