Subnet sale offer #2745

Open: l0r1s wants to merge 9 commits into devnet-ready from subnet-sale-offer

l0r1s (Collaborator) commented Jun 10, 2026

Summary

This PR adds subnet sale offers to the Subtensor pallet.

The goal is to let a subnet owner announce that a subnet is for sale, optionally restricted to a specific buyer coldkey. Once an offer exists, a later crowdloan lease flow can target that offer, pay the seller, and transform the subnet into a lease atomically.

Creating an offer stores the sale terms by netuid and freezes the seller coldkey and current subnet owner hotkey while the offer is active. This prevents the seller from mutating the relevant accounts during the sale process. The seller or root can cancel the offer, and sale-offer state is also cleaned up if the subnet is removed.

The PR also adds a CheckSubnetSale dispatch extension so frozen sale accounts are rejected at dispatch time. Seller coldkeys may still cancel their sale offer, owner hotkeys are blocked unless the call is MEV-protected, and root bypasses the guard.

github-actions Bot (Contributor) left a comment

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

Comment thread pallets/subtensor/src/guards/check_subnet_sale.rs
github-actions Bot (Contributor) commented Jun 10, 2026

🛡️ AI Review — Skeptic (security review)

VERDICT: VULNERABLE

BASELINE scrutiny: l0r1s has write permission, an established account, substantial prior subtensor history, and no trusted Gittensor allowlist match. Branch subnet-sale-offer -> devnet-ready.

No .github/ai-review/*, .github/copilot-instructions.md, Cargo.toml, Cargo.lock, or build-script changes were present in the PR diff.

Findings

| Sev | File | Finding |
|---|---|---|
| MEDIUM | pallets/subtensor/src/guards/check_subnet_sale.rs:60 | Seller cannot cancel when coldkey is also owner hotkey (inline) |

Prior-comment reconciliation

  • 55c47d32: not addressed — The current diff still rejects cancel_sale_offer when the signer is also present in SubnetSaleFrozenHotkeys; it even adds a test asserting that rejection.

Conclusion

The diff does not look malicious, but the sale guard can still strand a seller whose coldkey is also the subnet owner hotkey by blocking the only non-root cancellation path. That liveness and funds-access risk makes the PR currently vulnerable.


📜 Previous run (superseded)
| Sev | File | Finding | Status |
|---|---|---|---|
| MEDIUM | pallets/subtensor/src/guards/check_subnet_sale.rs:60 | Seller cannot cancel when coldkey is also owner hotkey | ➡️ Carried forward to current findings |

The current diff still rejects cancel_sale_offer when the signer is also present in SubnetSaleFrozenHotkeys; it even adds a test asserting that rejection.

🔍 AI Review — Auditor (domain review) has not yet run on this PR.

github-actions (Contributor) commented

🔄 AI review updated — Skeptic: VULNERABLE

github-actions Bot (Contributor) left a comment

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

return Err(Error::<T>::ColdkeyLockedDuringSale.into());
}

if is_sale_frozen_owner_hotkey && !is_mev_protected {


[MEDIUM] Seller cannot cancel when coldkey is also owner hotkey

Creating an offer freezes both the seller coldkey and the current owner hotkey. If those are the same account, the earlier coldkey branch allows cancel_sale_offer, but this owner-hotkey branch immediately rejects the same cancellation with HotkeyLockedDuringSale. The existing owner-hotkey setter only rejects system accounts, so this state is reachable and leaves the seller unable to cancel without root intervention. Let cancel_sale_offer pass this branch too; do_cancel_sale_offer still enforces that a signed caller must be the offer seller.

Suggested change
if is_sale_frozen_owner_hotkey && !is_mev_protected {
if is_sale_frozen_owner_hotkey && !is_sale_cancel && !is_mev_protected {
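
Review bot: the suggested condition `if is_sale_frozen_owner_hotkey && !is_sale_cancel && !is_mev_protected {` flips an outcome that, per the prior-comment reconciliation, an existing test asserts as a rejection, so that test needs to be inverted in the same change. It would also help to add a case where a frozen owner hotkey that is not the seller signs cancel_sale_offer, confirming that do_cancel_sale_offer rejects it once the guard lets the call through.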

github-actions (Contributor) commented

🔄 AI review updated — Skeptic: VULNERABLE
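
The guard state flagged in the review comment above, as a simplified Rust model (an added example, not code from the PR or the subtensor pallet). The `Call` struct, the `Verdict` enum, the function names and the placement of the root check are assumptions; the flag and error names are taken from the thread. It enumerates every flag combination to count seller cancellations the guard rejects, with and without the suggested `!is_sale_cancel` term.

```rust
// Simplified model of the guard decision; type and function names are assumptions.
#[derive(Clone, Copy)]
struct Call {
    is_root: bool,
    is_sale_frozen_coldkey: bool,
    is_sale_frozen_owner_hotkey: bool,
    is_sale_cancel: bool,
    is_mev_protected: bool,
}

#[derive(Debug, PartialEq)]
enum Verdict { Allow, ColdkeyLockedDuringSale, HotkeyLockedDuringSale }

fn guard(c: Call, cancel_exempt: bool) -> Verdict {
    if c.is_root { return Verdict::Allow; }
    if c.is_sale_frozen_coldkey && !c.is_sale_cancel { return Verdict::ColdkeyLockedDuringSale; }
    // cancel_exempt = true models the suggested `!is_sale_cancel` term.
    let cancel_passes = cancel_exempt && c.is_sale_cancel;
    if c.is_sale_frozen_owner_hotkey && !cancel_passes && !c.is_mev_protected {
        return Verdict::HotkeyLockedDuringSale;
    }
    Verdict::Allow
}

// Every flag combination, including ones a real runtime may never produce.
fn all_calls() -> Vec<Call> {
    (0u8..32).map(|b| Call {
        is_root: b & 1 != 0,
        is_sale_frozen_coldkey: b & 2 != 0,
        is_sale_frozen_owner_hotkey: b & 4 != 0,
        is_sale_cancel: b & 8 != 0,
        is_mev_protected: b & 16 != 0,
    }).collect()
}

// Cancel calls signed by a frozen seller coldkey that the guard rejects.
fn stranded_cancels(cancel_exempt: bool) -> usize {
    all_calls().into_iter()
        .filter(|c| c.is_sale_frozen_coldkey && c.is_sale_cancel)
        .filter(|c| guard(*c, cancel_exempt) != Verdict::Allow).count()
}

// Non-cancel calls whose verdict differs between the two guard variants.
fn non_cancel_changes() -> usize {
    all_calls().into_iter()
        .filter(|c| !c.is_sale_cancel && guard(*c, false) != guard(*c, true)).count()
}

fn main() {
    println!("{} {} {}", stranded_cancels(false), stranded_cancels(true), non_cancel_changes());
}
```

In this model the only rejected seller cancellation is the one where the signer is both the frozen coldkey and the frozen owner hotkey, and the suggested term changes no verdict for non-cancel calls.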
