This issue tracks the implementation of the Soroban Authorization Framework within the Soroban semantics. Specifically, we aim to properly implement the two host functions that are currently no-ops:
require_authauthorize_as_curr_contract
Implementing these is essential for enabling accurate reasoning about the authorization properties of Soroban smart contracts using Komet.
Currently, require_auth and authorize_as_curr_contract are stubbed and do not affect contract execution or analysis. As a result, Komet cannot model or analyze the authorization behavior of Soroban contracts. Once these functions are correctly implemented, Komet will be able to check authorization flows.
TODO:
Resources:
Priority: High
This issue tracks the implementation of the Soroban Authorization Framework within the Soroban semantics. Specifically, we aim to properly implement the two host functions that are currently no-ops:
require_authauthorize_as_curr_contractImplementing these is essential for enabling accurate reasoning about the authorization properties of Soroban smart contracts using Komet.
Currently,
require_authandauthorize_as_curr_contractare stubbed and do not affect contract execution or analysis. As a result, Komet cannot model or analyze the authorization behavior of Soroban contracts. Once these functions are correctly implemented, Komet will be able to check authorization flows.TODO:
require_authauthorize_as_curr_contractResources:
Priority: High