Sulkta-Coop/aldabra
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Pull-mirror of github.com/Sulkta-Coop/aldabra. Canonical lives on GitHub; this is a LAN-fast read-only cache.
103 commits 1 branch 0 tags 950 KiB
Find a file
Kayos eb192fa676 fix(escrow_wip): apply 2026-05-09 internal audit findings 
Two HIGH validator-side bugs + several MED/LOW off-chain issues found
in the subagent-driven audit on this branch. New validator hash:
a8081acef26935d9b5f44b92052178e17301b6d6e6808c91c5b56f5d.

## HIGH-1: Deposit redeemer let depositors drain tokens

aiken-escrow/validators/escrow.ak Deposit branch now requires
`value_geq_value(new_value, in_value)` before computing net_added.
Previously net_added could carry negative quantities (when new_value
< in_value component-wise), letting a depositor write a matching
new_d.deposits with reduced values and pocket the difference as
wallet change. Latent under v1 ADA-only MCP usage but the validator
must hold against all callers.

## HIGH-2: Empty/partial deposits enabled funds drain via Veto/Refund

Veto and Refund branches now require
`value_eq(deposits_to_value(d.deposits), in_value)` — the tracked
deposits must account for the full locked value. Previously
`refund_outputs_satisfy(_, [])` was vacuously true on empty deposits,
so a driver could fire Veto/Refund on an escrow opened with
`initial_contributor=None` (deposits=[], in_value>0) and pocket the
input's lovelace as change.

Defense in depth: escrow_open builder now refuses
`initial_contributor=None`. New helper `deposits_to_value` folds
deposit FlatValues into a Value via `assets.add` for the equality
check.

## MED: off-chain fixes

- escrow_open min-utxo bumped 1M → 2M (Conway-era inline-datum
  + script-address outputs need ~1.4-1.7 ADA, NOT the 1 ADA default).
- escrow_settle_unsigned + escrow_refund_timeout_unsigned now derive
  `validity_lower_ms` via slot_to_posix_ms(network, slot) instead of
  Koios's `block_time*1000` — the chain reconstructs `lower` from the
  slot, so Koios's ~1s drift could pass off-chain preflight while the
  chain rejects at the strict-`>` boundary.
- escrow_open_unsigned MCP tool no longer accepts (and silently
  discards) `fee_lovelace` — the unsigned-tx builder auto-estimates.

## LOW: defensive depth

- escrow_veto + escrow_refund_timeout: `qty as u64` → `u64::try_from`
  so a corrupt or adversarial datum with negative i128 qty can't slip
  through with a wraparound.

## Tests

- 36 escrow builder tests pass (added rejects_no_initial_contributor)
- 132 dao tests pass under --features escrow_wip
- aldabra-mcp release build clean

## Infra

- Validator artifact files (plutus.json, validator.cbor.hex)
  regenerated. Dockerfile already wired to bake them at
  /etc/aldabra/escrow/ for MCP tools' validator_script_path arg.
- Internal audit findings written up at
  audits/2026-05-09-escrow-internal-audit.md including the v2-deferred
  items (multi-asset spend-input, lovelace-not-cross-checked, etc.)

Third-party audit still required before any mainnet deployment.
2026-05-09 14:06:17 -07:00
.cargo build: strip Gitea token from pallas patch URLs + add cargo config 2026-05-06 07:45:37 -07:00
aiken-escrow fix(escrow_wip): apply 2026-05-09 internal audit findings 2026-05-09 14:06:17 -07:00
audits fix(escrow_wip): apply 2026-05-09 internal audit findings 2026-05-09 14:06:17 -07:00
crates fix(escrow_wip): apply 2026-05-09 internal audit findings 2026-05-09 14:06:17 -07:00
docs rename: sulkta-wallet → aldabra (per Cobb 2026-05-04) 2026-05-04 10:11:23 -07:00
.dockerignore phase 1: full read path — bip39 + cip-3 + cip-1852 + koios + age-mnemonic + rmcp 2026-05-04 11:09:00 -07:00
.gitignore phase 1 scaffold: cargo workspace + 3 crates + roadmap + architecture 2026-05-04 10:02:32 -07:00
Cargo.lock audit: cargo fmt + clippy --fix across workspace + retract_votes cooldown bug fix 2026-05-09 10:27:48 -07:00
Cargo.toml build: switch aldabra-pallas patch URLs to SSH 2026-05-06 07:55:32 -07:00
Dockerfile fix(escrow_wip): apply 2026-05-09 internal audit findings 2026-05-09 14:06:17 -07:00
LICENSE phase 1 scaffold: cargo workspace + 3 crates + roadmap + architecture 2026-05-04 10:02:32 -07:00
README.md rename: sulkta-wallet → aldabra (per Cobb 2026-05-04) 2026-05-04 10:11:23 -07:00
ROADMAP.md rename: sulkta-wallet → aldabra (per Cobb 2026-05-04) 2026-05-04 10:11:23 -07:00

README.md

aldabra

Rust-native Cardano lite wallet with an MCP-server interface — built for LLM-first usage (send, receive, mint, Plutus interaction).

Status: Phase 1 scaffold (2026-05-04). Compiles, structure in place, real wallet primitives still landing. See ROADMAP.md.

Why

The existing Cardano MCP servers are either read-only doc gateways (Jimmyh-world/Cardano_MCP) or built on Blockfrost (web3-mcp) which is a centralized API we deliberately don't depend on. Sulkta runs its own Koios + Ogmios endpoints on Rackham; we want a wallet that talks directly to those.

Also: it's the first Sulkta Rust project — useful as a workout for crafting-table's Rust toolchain (per Sulkta-Coop/lucy-infra spec-crafting-table.md).

Architecture

Three crates in a Cargo workspace:

Crate Responsibility
aldabra-core Pure crypto + types. Mnemonic → root key (CIP-3), root → payment + stake key (CIP-1852), address construction, signing. No I/O, no network. This is the security boundary.
aldabra-chain Pluggable backends for chain queries. ChainBackend trait, with Koios as the phase-1 implementation. Ogmios + submission paths in phase 2.
aldabra-mcp Binary. MCP server speaking stdio. Glues core + chain together, exposes tools to the LLM client. 
            ┌─────────────────────────────┐
LLM client  │       aldabra-mcp (bin)      │  stdio
─────────►  │   tool handlers, lifecycle  │  ────►
            └──────────┬──────────────────┘
                       │
              ┌────────┴────────┐
              ▼                 ▼
       ┌──────────────┐  ┌──────────────┐
       │ aldabra-core  │  │ aldabra-chain │
       │ keys, sign   │  │ Koios/Ogmios │
       └──────────────┘  └──────────────┘

MCP tools (target)

Phase 1:

  • wallet.address — derived base address at account 0, index 0
  • wallet.balance — ADA + native asset balance at the wallet's address
  • wallet.utxos — list UTXOs

Phase 2:

  • wallet.send — build, sign, submit a payment (ADA or native)
  • wallet.tx_status — poll a submitted tx hash

Phase 3:

  • wallet.mint — mint a CIP-25 / CIP-68 native asset
  • wallet.policy.create — generate a policy script (timelock, multisig)

Phase 4:

  • wallet.script.attach — attach an inline datum + reference script
  • wallet.script.spend — spend a Plutus-locked UTXO with redeemer
  • wallet.stake.delegate — delegate to a pool

Build

# Local (requires rustc 1.75+)
cargo build --release

# Through crafting-table (preferred — validates the toolchain there)
crafting-table build aldabra

Run

# Direct invocation (smoke test only — does nothing useful in phase 1)
./target/release/aldabra

# As an MCP server registered with Claude Code:
# add to ~/.claude.json:
#   "aldabra": {
#     "command": "/path/to/aldabra",
#     "env": {
#       "ALDABRA_DATA": "/mnt/cache/appdata/aldabra"
#     }
#   }

Security model

  • Mnemonic source: interactive bootstrap on first run, paste once, encrypted at rest with age. Never written to disk in plaintext.
  • Derived keys: in-memory only, ZeroizeOnDrop on every container.
  • Network exposure: stdio MCP transport — never opens a TCP socket. Only the spawning client process can reach it.
  • Multi-network: mainnet by default, but --network preview / --network preprod for testing without real ADA.

See also