security_review/audit/topics/genesis_allocation_schema.md

893 bytes
Bundle Index Verify JSON 
# SpaceCash Security Review Topic: genesis_allocation_schema

- Severity if failed: `high`
- Status: `not_reviewed`
- Reviewer:
- Reviewed at:

## Required Questions

- [ ] Does the verifier reject invalid addresses, duplicate allocations, non-positive amounts, missing basis fields, and supply mismatches?
- [ ] Does require-approved mode fail unless approval fields, manual legal/compliance gate, allocation hash, and supply totals are complete?
- [ ] Can reviewers reproduce the allocation hash from the canonical JSON body?

## Expected Controls

- genesis_allocation_template.json
- genesis_allocation_check.json
- tools/spacecash_genesis_allocation.py
- allocation_hash

## Evidence Collected

- Source files reviewed:
- Commands/tests run:
- Artifacts reviewed:

## Findings

- None recorded yet.

## Closure Notes

- Decision: `not_reviewed`
- Notes: