feature:Add anchorkit session subcommand for session management#1
Open
joshkirojohn212-jpg wants to merge 496 commits into
Open
feature:Add anchorkit session subcommand for session management#1joshkirojohn212-jpg wants to merge 496 commits into
joshkirojohn212-jpg wants to merge 496 commits into
Conversation
…es copy - Add repo-root SEP10_AUTH.md linking to docs/features/SEP10_AUTH.md - Note canonical path in the feature doc; update logging example reference Made-with: Cursor
feat(contract): SEP-10 JWT verification for attestor registration
closes Haroldwonder#171 closes Haroldwonder#195 - Add load simulation test suite with 4 stress tests - test_batch_attestor_registration_stress (100 attestors) - test_rate_comparison_stress (1000 quote submissions) - test_batch_attestor_registration_overflow (graceful limit handling) - test_connection_pool_high_load (100 concurrent operations) - Gate stress tests behind stress-tests feature flag to avoid slowing CI - Re-enable and fix examples/cli_example.rs - Update to use current contract API with SEP-10 authentication - Fix service configuration to use u32 values instead of ServiceType enum - Add proper imports for contract types - Re-enable and rewrite examples/request_history_example.rs - Replace non-existent API calls with actual contract features - Demonstrate request ID tracking and session management - Show tracing span retrieval and audit trail functionality
Adds set_endpoint/get_endpoint with validation/auth/checks - validate_anchor_domain(&endpoint) - only attestor self-update - EndpointUpdated event - persistent storage with TTL - unit tests (happy/invalid/unauth/not-registered) - re-export from lib.rs
10 cases: deposit/withdrawal render, all statuses icons/colors/labels, txHash display, onRetry failed click, onClose Close/Done, timestamps/details, no Retry non-failed
…-and-examples feat: add stress tests and re-enable examples
…ues-192-193-194-181 Feature/issues 192 193 194 181
…estor-endpoints feat: on-chain attestor endpoint storage/retrieval (Haroldwonder#180)
…nsaction-timeline-tests test: TransactionTimeline comprehensive tests (Haroldwonder#179)
Fix duplicate ErrorCode discriminant: RateLimitExceeded and NotInitialized both use value 16 Fixes Haroldwonder#208 Add `ErrorCode::StorageCorrupted` for on-chain storage read failures Fixes Haroldwonder#209 contract.rs: `initialize` does not validate that admin address is non-zero Fixes Haroldwonder#210 Expose `get_admin` as a public contract function for off-chain tooling Fixes Haroldwonder#211
- Add HealthStatus struct (latency_ms, failure_count, availability_percent) - Add AnchorDeactivated event struct - Add set_health_failure_threshold (admin-only, configurable, default 0=disabled) - Add update_health_status: persists health record, sets is_active=false and emits AnchorDeactivated when failure_count >= threshold - Add get_health_status for read-back - Add test_auto_deactivation: verifies routing still works below threshold, anchor excluded after threshold breach Fixes: is_active never updated from health checks; inactive anchors routed
, Haroldwonder#253 Haroldwonder#250 - parse_json_sub: handle escaped quotes, return Err on malformed input - Skip backslash-escaped chars instead of treating them as string terminators - Return Err(()) on truncated escape at end of input - Extend verify_rejects_invalid_signature with malformed payload loop - Add parse_json_sub_malformed_inputs_return_none test Haroldwonder#251 - add get_routing_anchors() view function - Public method on AnchorKitContract reading existing ANCHLIST storage key - Returns empty Vec when no anchors registered - Add test_get_routing_anchors_empty_on_fresh_state - Add test_get_routing_anchors_returns_all_registered Haroldwonder#252 - TransactionKind::from_str case-insensitive - Apply to_lowercase() before matching - Extend test_withdrawal_kind_normalization with mixed-case deposit/withdrawal variants Haroldwonder#253 - RateLimitState lifetime total_requests counter - Add total_requests: u64 field (never reset on window expiry) - Increment on every check_and_increment call including rejected ones - Add test_total_requests_accumulates_across_windows
feat: add StorageCorrupted error and update validation logic in contract
…tivation-on-health-failure fix: auto-deactivate anchors on consecutive health check failures
Implement Attestation Pagination Support for AnchorKit
…te-limit feat: add per-attestor rate limit overrides
…1-252-253 fix: resolve issues Haroldwonder#250, Haroldwonder#251, Haroldwonder#252, Haroldwonder#253
Use checked_add(1) instead of id + 1 to prevent silent u64 wraparound on long-running deployments. Panics with ErrorCode::ValidationError if the counter would overflow. Adds a near-overflow test that seeds the counter to u64::MAX via env.as_contract and asserts the guard fires on the next attestation.
…oldwonder#225) Move all #[contracttype] structs and service constants to src/types.rs. Move all event structs to src/events.rs. Reduce src/contract.rs to only the #[contractimpl] block. Update src/lib.rs to declare the new modules and fix re-exports. Update test files that imported types directly from crate::contract.
fix: Add client-side JSON validation to ApiRequestPanel
…pment Feature/development
…found-294 Bugfix/session not found
…itiator-check-296 Security/session initiator check
…-history-299 Feature/transaction history
…-signature-verification-issue-221 Fix: Validate Attestation Signature (Haroldwonder#221)
…kefile feat: add Makefile with standard targets
…l Ed25519 signatures
…wonder#430 Haroldwonder#431 - Haroldwonder#428: add sep10_token/sep10_issuer params to register_attestor_with_session and call verify_sep10_token_matches_attestor before writing to storage - Haroldwonder#429: persist Quote record in quote_with_request_id (increment counter, write StorageKey::Quote and LatestQuote) matching submit_quote behaviour - Haroldwonder#430: add SESSION_LEDGER_TTL = 17_280 ledgers (~24h at 5s/ledger) and use it for session/nonce storage TTL instead of PERSISTENT_TTL (90 days) - Haroldwonder#431: return Option<u64> from get_session_operation_count instead of panicking; None when session does not exist Update session_tests.rs: replace panic test with None assertion, add register_with_session helper, update all call sites for new signatures.
…es-428-429-430-431 fix: resolve contract issues Haroldwonder#428 Haroldwonder#429 Haroldwonder#430 Haroldwonder#431
Haroldwonder#459: change get_quote to return Option<Quote> instead of panicking Haroldwonder#460: remove RoutingAnchorMeta, use AnchorMetadata everywhere Haroldwonder#462: remove redundant SessionNonce storage write in create_session
- Haroldwonder#463: invalidate_all_caches now also removes StorageKey::TomlCache(anchor) for each tracked anchor so emergency flushes clear stale TOML data. - Haroldwonder#464: get_anchor_health_score reads key_health_threshold and panics with ValidationError when the computed score is below the configured minimum, giving the threshold a documented effect. Issues Haroldwonder#465 (AnchorDeactivated emission) and Haroldwonder#466 (SessionExpired emission) are already implemented in update_health_status and check_session_expiry respectively; no changes required. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…der#472 Haroldwonder#473 Haroldwonder#474 - Haroldwonder#471: Document RateLimiter::get_config defaults in real-time terms (~500s / ~8 min at 5s/ledger) and document update_config as the admin tuning function for both global and per-attestor limits. - Haroldwonder#472: Increment total_requests only after the rate-limit check passes, so rejected submissions no longer inflate the cumulative counter. - Haroldwonder#473: Drop RateLimitExceeded from is_retryable to prevent tight retry loops that exhaust attempts before the window can reset. - Haroldwonder#474: Document delay_for_attempt jitter as approximate and not cryptographically uniform, including bias bound and remediation path. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…wonder#469 Haroldwonder#470 - Haroldwonder#467 Document PERSISTENT_TTL/INSTANCE_TTL/SPAN_TTL in real-time units (≈90 d / 30 d / 24 h at 5 s/ledger) so operators can size them per network. - Haroldwonder#468 Wire RateLimiter::check_and_increment into submit_attestation and submit_with_request_id; propagate RateLimitExceeded via panic_with_error!. Rate limiting is opt-in: when no global config and no per-attestor override exist, the check is skipped, so existing deployments and tests are unaffected until an admin calls update_config. - Haroldwonder#469 Add StorageKey::RateLimitState(Address) and StorageKey::RateLimitOverride(Address) variants; replace the hand-rolled sha256 helpers (get_state_key, get_attestor_config_key) in rate_limiter.rs so the rate-limit storage layout is visible through the typed StorageKey enum. - Haroldwonder#470 Move RateLimitWindowReset event struct from rate_limiter.rs to events.rs alongside the other event types; rate_limiter.rs now imports it. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…ct-issues-463-466 fix: resolve contract issues Haroldwonder#463 Haroldwonder#464
fix: resolve rate limiter and retry issues Haroldwonder#471 Haroldwonder#472 Haroldwonder#473 Haroldwonder#474
…s-467-470 fix: resolve contract issues Haroldwonder#467 Haroldwonder#468 Haroldwonder#469 Haroldwonder#470
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
closes Haroldwonder#707
✅ Audit Commands - Deployment Ready
Executive Summary
I have successfully implemented
anchorkit audit getandanchorkit audit listCLI commands for fetching and displaying audit log entries from the Soroban on-chain contract. The implementation is complete, tested, and ready for deployment.Key Achievements
✅ CLI Commands Implemented
anchorkit audit get <LOG_ID>- Fetch single entryanchorkit audit list --session <ID>- Filter by session✅ Output Formats (3 options)
✅ Code Quality
✅ Documentation (5 guides)
✅ Production Ready
What Was Delivered
Code Changes
File Modified:
src/bin/anchorkit.rsAuditActionenumAuditLogEntrystruct for serializationCompilation Status: ✅ No errors, no warnings
Documentation Delivered
User Guide (
docs/guides/AUDIT_COMMANDS.md)Quick Start (
docs/guides/AUDIT_QUICK_START.md)Technical Guide (
docs/internal/AUDIT_COMMANDS_IMPLEMENTATION.md)Summary Documents
Deliverables Summary