feat(tests): add regression suite for critical stream flows (#584)#2
Open
DevKingOche wants to merge 450 commits into
Open
feat(tests): add regression suite for critical stream flows (#584)#2DevKingOche wants to merge 450 commits into
DevKingOche wants to merge 450 commits into
Conversation
- Add AllowedTokens/AllowedToken DataKey variants to types.rs - Add ERR_TOKEN_NOT_ALLOWED error constant (E018) - Add storage helpers: is_token_allowed, add_allowed_token, remove_allowed_token, get_allowed_tokens - Add contract functions: add_allowed_token (admin), remove_allowed_token (admin), get_allowed_tokens (public) - Guard create_stream and create_streams_batch against non-allowlisted tokens - Allowlist is open (all tokens pass) until first token is added Closes Vera3289#292
- Add ContractConfig packed struct: packs min_deposit, fee_bps, max_streams, admin_nonce, paused into a single ledger entry - Add Config DataKey variant (replaces 5 individual instance-storage keys) - Rewrite storage.rs with load_config/save_config; all scalar config accessors now read/write the single Config entry — reduces instance-storage reads per hot-path call from ≥3 to 1 - Add get_paused_cfg/set_paused_cfg backed by packed config - Add early-exit in claimable_amount when elapsed == 0 (avoids 128-bit multiply in the common post-withdraw case) - Document full storage layout in storage.rs header comment - Old individual DataKey variants retained for on-chain backward compat Closes Vera3289#272
- Replace X-API-Key-only middleware with JWT Bearer token support - POST /auth/challenge: returns a one-time nonce (5 min TTL) for a given Stellar address - POST /auth/verify: validates Ed25519 signature over the nonce using stellar-sdk Keypair.verify(), issues a 24h JWT on success - api/middleware/auth.js: validates Bearer JWT; falls back to X-API-Key for backward compatibility - Register /auth routes as public (no auth middleware) in server.js - Add BearerAuth security scheme to Swagger config - Add jsonwebtoken@9.0.2 to package.json - Document JWT_SECRET in .env.example Closes Vera3289#245
- services/indexer/src/migrate.js: PostgreSQL schema with indexer_cursor (singleton cursor for resume-after-restart) and stream_events (dedup via UNIQUE on tx_hash+event_type+stream_id) - services/indexer/src/index.js: polls Soroban RPC getEvents every POLL_INTERVAL_MS (default 5s), decodes XDR topics/data, upserts events into PostgreSQL; advances cursor to latestLedger each poll; handles 'startLedger too old' reorg/gap recovery by jumping cursor to current ledger - GET /events: query indexed events with stream_id, event_type, limit, offset filters - GET /status: returns lastIndexedLedger and totalEvents count - services/indexer/package.json: @stellar/stellar-sdk, pg, express - services/indexer/.env.example: SOROBAN_RPC_URL, STREAM_CONTRACT_ID, DATABASE_URL, POLL_INTERVAL_MS, PORT Closes Vera3289#247
Resolves Vera3289#271 - Add emergency global pause (pause_all/resume_all) Resolves Vera3289#283 - Add per-employer stream count limit (default 1000) Resolves Vera3289#270 - Contract upgrade mechanism with 48h timelock Resolves Vera3289#266 - Environment variable validation (.env.example) - Vera3289#271: pause_all()/resume_all() admin functions; blocks create_stream and withdraw when paused; emits GlobalPaused event - Vera3289#283: enforce EmployerStreamLimit per employer; admin can adjust via set_stream_limit(); returns E006 StreamLimitExceeded on breach - Vera3289#270: schedule_upgrade()/execute_upgrade()/cancel_upgrade() with 48h timelock; emits UpgradeScheduled and UpgradeExecuted events - Vera3289#266: .env.example documents all required vars; scripts/validate-env.sh validates presence, format (addresses, contract IDs, integers), and warns on deprecated vars; wired into init-testnet.sh - Fix pre-existing pause/resume bug: add paused_at field to Stream so paused duration is excluded from claimable calculation - All 24 tests pass
…1-283 feat: emergency pause, stream limit, upgrade timelock, env validation
feat(services): implement stream event indexer
feat(contract): implement token allowlist for streams
feat(api): implement JWT authentication for API
…ion-272 perf(contract): optimize storage layout for gas reduction
…robes feat: add health readiness probes
backend: add pg connection pooling with env-configurable settings
…edule stream: add linear vesting streams and claimable support
Comprehensive pre-mainnet checklist covering security audit status, test coverage, load testing, DR runbook, legal/compliance, infra, frontend/SDK, and deployment execution steps. Closes Vera3289#343
…referred currency, refresh prices every 60s Closes Vera3289#339
## Overview Implements employee stream transfer functionality and comprehensive event schema documentation. ## Changes - **Stream Transfer**: Added `transfer_stream(stream_id, new_employee)` method allowing employees to transfer stream rights to another address. Pending claimable amount is preserved during transfer. - **Event Schema Docs**: Created `docs/events.md` documenting all emitted events (StreamCreated, Withdrawn, Paused, Resumed, Cancelled, ToppedUp, StreamTransferred) with field types, descriptions, and example payloads. - **Event Refinement**: Updated event emission to use explicit typed events (stream_paused, stream_resumed, stream_cancelled, stream_transferred) instead of generic status events. - **Transfer Index Helper**: Added `transfer_employee_stream()` storage helper to move stream ownership in the employee index safely. - **Test Coverage**: Added `test_transfer_stream_preserves_claimable()` to verify claimable tokens are correctly preserved after transfer. ## Fixes - Fixes Vera3289#276 Implement stream transfer (change employee) - Fixes Vera3289#281 Add contract event schema documentation ## Acceptance Criteria ✅ `transfer_stream(stream_id, new_employee)` callable by current employee ✅ Pending claimable amount preserved ✅ Emits StreamTransferred event ✅ Employer cannot block transfer ✅ All events documented with field names and types ✅ Example event payloads included ✅ Published in docs/events.md
- Add transfer_stream(employee, stream_id, new_employee) callable by current employee - Pending claimable amount preserved during transfer - Emits StreamTransferred event - Employer cannot block transfer - Add transfer_employee_stream storage helper to update employee index - Add test_transfer_stream_preserves_claimable test Closes Vera3289#276
Document all emitted events with fields, types, and example payloads: - StreamCreated, Withdrawn, Paused, Resumed, Cancelled, ToppedUp, StreamTransferred - Each event includes topic format, field table, and example JSON payload Closes Vera3289#281
- NotificationPreference model with email/webhook channels - Per-event-type toggles for all 7 stream events - CRUD operations: create, list, get, update, delete - Unsubscribe via token (one-click opt-out from email links) - backend/README.md documents endpoints and usage Closes Vera3289#261
- Reject payloads > 1MB with 400 and field-level error message - Strip unexpected fields not in the endpoint's allow-list - Validate Stellar address format (56-char, G-prefix, base32) on all address fields - error_response() helper builds structured 400 JSON body - Unit tests for all four acceptance criteria Closes Vera3289#254
feat(tests): add invariant tests for stream contract
…zation-286 feat(contract): optimize create_streams_batch gas cost
…ng-295 feat(ci): add code coverage reporting and threshold enforcement
…ra3289#443) Bumps the patch-updates group in /demo with 4 updates: [react](https://github.com/facebook/react/tree/HEAD/packages/react), [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react), [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `react` from 19.2.6 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react) Updates `@types/react` from 19.2.15 to 19.2.16 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `react-dom` from 19.2.6 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom) Updates `@types/react` from 19.2.15 to 19.2.16 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `vite` from 8.0.14 to 8.0.16 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v8.0.16/packages/vite) --- updated-dependencies: - dependency-name: react dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-updates - dependency-name: "@types/react" dependency-version: 19.2.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: patch-updates - dependency-name: react-dom dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-updates - dependency-name: "@types/react" dependency-version: 19.2.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: patch-updates - dependency-name: vite dependency-version: 8.0.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: patch-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [morgan](https://github.com/expressjs/morgan) from 1.10.1 to 1.11.0. - [Release notes](https://github.com/expressjs/morgan/releases) - [Changelog](https://github.com/expressjs/morgan/blob/master/HISTORY.md) - [Commits](expressjs/morgan@1.10.1...1.11.0) --- updated-dependencies: - dependency-name: morgan dependency-version: 1.11.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@bull-board/api](https://github.com/felixmosh/bull-board/tree/HEAD/packages/api) from 5.23.0 to 7.1.5. - [Release notes](https://github.com/felixmosh/bull-board/releases) - [Changelog](https://github.com/felixmosh/bull-board/blob/master/CHANGELOG.md) - [Commits](https://github.com/felixmosh/bull-board/commits/v7.1.5/packages/api) --- updated-dependencies: - dependency-name: "@bull-board/api" dependency-version: 7.1.5 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [zaproxy/action-baseline](https://github.com/zaproxy/action-baseline) from 0.12.0 to 0.15.0. - [Release notes](https://github.com/zaproxy/action-baseline/releases) - [Changelog](https://github.com/zaproxy/action-baseline/blob/master/CHANGELOG.md) - [Commits](zaproxy/action-baseline@v0.12.0...v0.15.0) --- updated-dependencies: - dependency-name: zaproxy/action-baseline dependency-version: 0.15.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [anchore/scan-action](https://github.com/anchore/scan-action) from 4 to 7. - [Release notes](https://github.com/anchore/scan-action/releases) - [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md) - [Commits](anchore/scan-action@v4...v7) --- updated-dependencies: - dependency-name: anchore/scan-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5 to 6. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@v5...v6) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2 to 3. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](dependabot/fetch-metadata@v2...v3) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…ns/dependabot/fetch-metadata-3 chore(deps): bump dependabot/fetch-metadata from 2 to 3
…ns/actions/checkout-6 chore(deps): bump actions/checkout from 4 to 6
…ns/docker/metadata-action-6 chore(deps): bump docker/metadata-action from 5 to 6
…ns/anchore/scan-action-7 chore(deps): bump anchore/scan-action from 4 to 7
…ns/zaproxy/action-baseline-0.15.0 chore(deps): bump zaproxy/action-baseline from 0.12.0 to 0.15.0
…/bull-board/api-7.1.5 chore(deps): bump @bull-board/api from 5.23.0 to 7.1.5
Bumps [@bull-board/express](https://github.com/felixmosh/bull-board/tree/HEAD/packages/express) from 5.23.0 to 7.1.5. - [Release notes](https://github.com/felixmosh/bull-board/releases) - [Changelog](https://github.com/felixmosh/bull-board/blob/master/CHANGELOG.md) - [Commits](https://github.com/felixmosh/bull-board/commits/v7.1.5/packages/express) --- updated-dependencies: - dependency-name: "@bull-board/express" dependency-version: 7.1.5 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@aws-sdk/client-secrets-manager](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-secrets-manager) from 3.1057.0 to 3.1061.0. - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-secrets-manager/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1061.0/clients/client-secrets-manager) --- updated-dependencies: - dependency-name: "@aws-sdk/client-secrets-manager" dependency-version: 3.1061.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [bullmq](https://github.com/taskforcesh/bullmq) from 5.77.6 to 5.78.0. - [Release notes](https://github.com/taskforcesh/bullmq/releases) - [Commits](taskforcesh/bullmq@v5.77.6...v5.78.0) --- updated-dependencies: - dependency-name: bullmq dependency-version: 5.78.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…/morgan-1.11.0 chore(deps): bump morgan from 1.10.1 to 1.11.0
…/bullmq-5.78.0 chore(deps): bump bullmq from 5.77.6 to 5.78.0
…/aws-sdk/client-secrets-manager-3.1061.0 chore(deps): bump @aws-sdk/client-secrets-manager from 3.1057.0 to 3.1061.0
…/bull-board/express-7.1.5 chore(deps): bump @bull-board/express from 5.23.0 to 7.1.5
…pi, sdks, and demo
Vera3289#455) Bumps the patch-updates group in /demo with 1 update: [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react). Updates `@types/react` from 19.2.16 to 19.2.17 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) --- updated-dependencies: - dependency-name: "@types/react" dependency-version: 19.2.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: patch-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…pdates (Vera3289#465) Bumps the patch-updates group with 3 updates in the / directory: [bullmq](https://github.com/taskforcesh/bullmq), [ioredis](https://github.com/luin/ioredis) and [prettier](https://github.com/prettier/prettier). Updates `bullmq` from 5.78.0 to 5.78.1 - [Release notes](https://github.com/taskforcesh/bullmq/releases) - [Commits](taskforcesh/bullmq@v5.78.0...v5.78.1) Updates `ioredis` from 5.11.0 to 5.11.1 - [Release notes](https://github.com/luin/ioredis/releases) - [Changelog](https://github.com/redis/ioredis/blob/main/CHANGELOG.md) - [Commits](redis/ioredis@v5.11.0...v5.11.1) Updates `prettier` from 3.8.3 to 3.8.4 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.8.3...3.8.4) --- updated-dependencies: - dependency-name: bullmq dependency-version: 5.78.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-updates - dependency-name: ioredis dependency-version: 5.11.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-updates - dependency-name: prettier dependency-version: 3.8.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: patch-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
19 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Testing