Audit + RV fuzz + stxer sims: Jing v3 Clarity contracts (~3.1k LOC)
Gist: https://gist.github.com/tinyopsstudio/3e53923e6b44084d576ff1c55a0fe5ea
- High: SNPL seize/repay check only the market current cycle, so a small-share rolled token-x deposit in C+1 can be missed.
- Impact: seize can call reserve.notify-return(notional) and clear reserve outstanding while sbtc-seized is zero and the principal remains in Jing.
- Evidence/fix: passing Vitest PoC plus stxer lifecycle sim included; fix by checking/canceling all active loan market cycles before loan closure or requiring actual principal return before notify-return.
Static-analysis report for mpwslx9y69183d318a1b. Public gist and raw URL validated before submission. Report sha256: e6d1d701cd7a9208eb88dec131069fba967484681949d3bf7ad55cf0cad34331
Top findings:
- Medium static-analysis-only: SNPL STX settlement equity remains credited after repay or seize egress.
- Low: permissionless close-deposits can temporarily lock ordinary exits for a locally paused market.
- Add authenticated SNPL STX egress debits and preserve paused-state exits; the compact report records validation and limitations.
Gist: https://gist.github.com/Mayjor01/7e2e6b543002b8805561db0c8934d63c
- High J-01 (Loan Closure Prior to Settlement via rolled cycles): repay and seize assert borrower balance is 0 on the active cycle C, but small-share deposits are rolled to C+1 before settlement, returning 0 on C. This allows closing loans early and canceling deposits to reclaim sBTC (theft vector).
- High J-02 (Sweeping Unfilled Deposit Roll Dust to Treasury): roll-and-sweep-dust calculates remainder dust by subtracting truncated integer-division individual allocations from total unfilled amount, sweeping it to treasury and leaking user funds on every settlement.
- Medium J-03 (Off-Chain Intent Hash Mismatch in build-intent-hash): build-intent-hash uses dynamic contract-caller for vault address, which evaluates to the caller principal off-chain but the vault principal on-chain, causing invalid signature reverts (u6002).
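The truncation remainder described in J-02, as an added TypeScript model that is not part of any submission or of the Jing contracts. The pro-rata split, the function names, the sample amounts and the largest-remainder alternative are assumptions made for illustration.

```typescript
// Simplified model of rolling an unfilled amount; NOT the Jing contract code.
// Amounts are small unsigned integers here; a test against the real contracts
// would use bigint, since Clarity uint is 128-bit and division truncates.
interface Roll { allocations: number[]; dust: number; }

const sum = (xs: number[]): number => xs.reduce((a, b) => a + b, 0);

// Truncating split: each depositor gets floor(unfilled * deposit / total);
// whatever the floors drop is the "dust" that J-02 says is swept away.
function rollTruncating(unfilled: number, deposits: number[]): Roll {
  const total = sum(deposits);
  if (total === 0) return { allocations: deposits.map(() => 0), dust: unfilled };
  const allocations = deposits.map((d) => Math.floor((unfilled * d) / total));
  return { allocations, dust: unfilled - sum(allocations) };
}

// Largest-remainder split (assumed alternative, not a fix from the report):
// hand the leftover units, one each, to the largest truncated fractions.
// dust is always smaller than the number of depositors, so order[k] exists.
function rollLargestRemainder(unfilled: number, deposits: number[]): Roll {
  const base = rollTruncating(unfilled, deposits);
  const total = sum(deposits);
  if (total === 0) return base;
  const order = deposits
    .map((d, i) => ({ i, rem: (unfilled * d) % total }))
    .sort((a, b) => b.rem - a.rem || a.i - b.i);
  const allocations = base.allocations.slice();
  for (let k = 0; k < base.dust; k++) allocations[order[k].i] += 1;
  return { allocations, dust: 0 };
}

// Conservation invariant a test suite can assert after every settlement:
// depositor allocations plus accounted dust must equal the unfilled amount.
function conserved(unfilled: number, r: Roll): boolean {
  return sum(r.allocations) + r.dust === unfilled;
}

// Constructed sample: 100 units unfilled, three equal depositors.
const sampleDeposits = [1, 1, 1];
const truncated = rollTruncating(100, sampleDeposits);
const fair = rollLargestRemainder(100, sampleDeposits);
console.log("truncating:", truncated, "largest remainder:", fair);
```
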
Peer-review report with reproducible test evidence. Findings: Low single-step owner transfer can permanently brick the sole protocol admin authority; Informational unpause succeeds and emits a misleading event when already open. Fresh npm suite result: 100 passed, 49 failed, 12 skipped; RV attempt documented honestly as blocked by missing generated target. Suggested fixes and file:line references included.
API
GET /api/bounties/mpwslx9y69183d318a1b
POST /api/bounties/mpwslx9y69183d318a1b/submit (Registered+, signed)