test(audit_registry): add integration tests for verify()#2
Open
devnWisdom wants to merge 1 commit into
Open
Conversation
) Adds verify_integration_test module with 9 integration tests covering: - verify() returns None for unanchored hashes - verify() returns correct reading_hash and anchored_at_ledger - ledger sequence is recorded at anchor time, not query time - verify() is idempotent across multiple calls - two distinct hashes have independent anchors - duplicate anchor rejection does not overwrite original anchor - boundary values (all-zeros, all-ones) Closes AnnabelJoe#563
🔍 Vercel Preview DeploymentURL: Learn More: https://err.sh/vercel/missing-token-value
|
AnnabelJoe
pushed a commit
that referenced
this pull request
Jun 25, 2026
## [1.16.0](AnnabelJoe/solarproof@v1.15.0...v1.16.0) (2026-06-08) ### Features * add bulk certificate retirement API and UI ([AnnabelJoe#347](AnnabelJoe#347)) ([196ab0c](AnnabelJoe@196ab0c)) * add GET/DELETE /api/meters/:id with admin auth ([AnnabelJoe#269](AnnabelJoe#269)) ([444a447](AnnabelJoe@444a447)) * add input validation and sanitization to all API endpoints ([AnnabelJoe#338](AnnabelJoe#338)) ([964d4b8](AnnabelJoe@964d4b8)) * add loading skeletons for async data fetches ([AnnabelJoe#255](AnnabelJoe#255)) ([3fc2fcd](AnnabelJoe@3fc2fcd)) * add pentest scope and report placeholder ([AnnabelJoe#342](AnnabelJoe#342)) ([d27703e](AnnabelJoe@d27703e)) * add public v1 verify API and OpenAPI spec ([AnnabelJoe#352](AnnabelJoe#352)) ([71dc4a9](AnnabelJoe@71dc4a9)) * admin interface and fractional kWh support ([49bd5fe](AnnabelJoe@49bd5fe)) * **api:** versioning — 301 redirects from /api/* to /api/v1/*, API-Version header ([fa8bf84](AnnabelJoe@fa8bf84)) * **auth:** configure token expiry, rotation, and revocation list ([d4117a7](AnnabelJoe@d4117a7)) * build analytics dashboard for energy generation statistics ([AnnabelJoe#350](AnnabelJoe#350)) ([971c19c](AnnabelJoe@971c19c)) * certificate transfer endpoint and UI ([#1](AnnabelJoe#1)) ([477a577](AnnabelJoe@477a577)) * **ci:** Docker image scanning with Trivy — block on CRITICAL CVEs ([164dbc7](AnnabelJoe@164dbc7)) * **contracts:** add upgrade timelock tests for community_governance ([AnnabelJoe#284](AnnabelJoe#284)) ([79f5662](AnnabelJoe@79f5662)) * **crypto:** add verifyReadingSignature and 100% unit test coverage ([2b79205](AnnabelJoe@2b79205)) * **db:** add perf indexes on readings, certificates, audit_anchors ([7e37584](AnnabelJoe@7e37584)) * **e2e:** add Playwright tests for dashboard, certificate detail, and public verifier ([1ecf24e](AnnabelJoe@1ecf24e)) * enable Turborepo remote caching for all CI steps ([AnnabelJoe#297](AnnabelJoe#297)) ([9385ff4](AnnabelJoe@9385ff4)) * **governance:** add proposed_action field to create proposal form ([515ed8d](AnnabelJoe@515ed8d)) * **governance:** configurable quorum/threshold with admin guard and edge-case tests ([ecda905](AnnabelJoe@ecda905)) * I-REC XML export for certificates ([#4](AnnabelJoe#4)) ([232bf4a](AnnabelJoe@232bf4a)) * implement BullMQ+Redis async job queue for Stellar tx ([AnnabelJoe#272](AnnabelJoe#272)) ([a4b425c](AnnabelJoe@a4b425c)) * implement certificate retirement API endpoint ([AnnabelJoe#270](AnnabelJoe#270)) ([861bcce](AnnabelJoe@861bcce)) * implement cooperative multi-meter management ([AnnabelJoe#351](AnnabelJoe#351)) ([640d0b9](AnnabelJoe@640d0b9)) * implement meter key revocation mechanism ([AnnabelJoe#339](AnnabelJoe#339)) ([ce90af9](AnnabelJoe@ce90af9)) * implement webhook notifications for certificate lifecycle events ([AnnabelJoe#353](AnnabelJoe#353)) ([4205191](AnnabelJoe@4205191)) * **load-test:** add k6 baseline + breakpoint scenarios, p95<500ms threshold ([f019ccc](AnnabelJoe@f019ccc)) * mock Freighter wallet for CI testing ([#2](AnnabelJoe#2)) ([325b565](AnnabelJoe@325b565)) * **notifications:** email alerts for mint, retire, and mint failure ([AnnabelJoe#140](AnnabelJoe#140)) ([7ce4a12](AnnabelJoe@7ce4a12)) * **security:** add HTTP security headers ([AnnabelJoe#129](AnnabelJoe#129)) ([944c5b9](AnnabelJoe@944c5b9)) * **security:** add RLS policies for multi-tenant isolation ([AnnabelJoe#274](AnnabelJoe#274)) ([9b2ce49](AnnabelJoe@9b2ce49)) * **security:** API key auth for meter submissions ([AnnabelJoe#131](AnnabelJoe#131)) ([a437a9b](AnnabelJoe@a437a9b)) * **security:** HTTPS redirect and HSTS headers ([45c9c81](AnnabelJoe@45c9c81)) * **security:** restrict Supabase service role key usage ([AnnabelJoe#134](AnnabelJoe#134)) ([037e825](AnnabelJoe@037e825)) * staging environment deployment pipeline ([AnnabelJoe#295](AnnabelJoe#295)) ([8169df0](AnnabelJoe@8169df0)) * support fractional kWh tokens with 3 decimal places ([84ee9a6](AnnabelJoe@84ee9a6)), closes [AnnabelJoe#354](AnnabelJoe#354) * **testing:** add mutation testing for Rust contracts and TS utilities ([AnnabelJoe#331](AnnabelJoe#331)) ([29135d5](AnnabelJoe@29135d5)) * **web:** real-time energy chart with WebSocket + polling fallback ([AnnabelJoe#260](AnnabelJoe#260)) ([7881a7e](AnnabelJoe@7881a7e)) ### Bug Fixes * **ci:** add dependency license compliance check ([AnnabelJoe#344](AnnabelJoe#344)) ([ab4b39e](AnnabelJoe@ab4b39e)) * resolve conflicts, reconcile retirement model, and fix tests ([a0d4332](AnnabelJoe@a0d4332)) * resolve JSX parse errors in dashboard and verify pages ([a1ec4b7](AnnabelJoe@a1ec4b7)) * resolve residual merge conflict markers ([1c8b371](AnnabelJoe@1c8b371)) * resolve workspace compilation and type errors ([042221a](AnnabelJoe@042221a)) * **security:** add security headers to all HTTP responses ([AnnabelJoe#340](AnnabelJoe#340)) ([1d6db6b](AnnabelJoe@1d6db6b)) * **security:** implement audit logging for sensitive operations ([AnnabelJoe#341](AnnabelJoe#341)) ([34d0971](AnnabelJoe@34d0971)) * **security:** implement CSP headers for Next.js web app ([AnnabelJoe#333](AnnabelJoe#333)) ([2834203](AnnabelJoe@2834203)) ### Documentation * add hardware meter integration guide ([AnnabelJoe#320](AnnabelJoe#320)) ([f5c4b3e](AnnabelJoe@f5c4b3e)) * add inline comments and required/optional markers to .env.example ([AnnabelJoe#318](AnnabelJoe#318)) ([92ea4da](AnnabelJoe@92ea4da)) * add mainnet deployment process and checklist to deployments.md ([AnnabelJoe#285](AnnabelJoe#285)) ([c08ad58](AnnabelJoe@c08ad58)) * add operational runbooks ([AnnabelJoe#315](AnnabelJoe#315)) ([2638a9f](AnnabelJoe@2638a9f)) * add OWASP Top 10 security review and remediate misconfiguration ([AnnabelJoe#334](AnnabelJoe#334)) ([092e901](AnnabelJoe@092e901)) * add SECRETS.md — centralized secrets management guide ([AnnabelJoe#289](AnnabelJoe#289)) ([90eed76](AnnabelJoe@90eed76)) * add Stellar mainnet deployment checklist and go-live plan ([120d730](AnnabelJoe@120d730)), closes [AnnabelJoe#142](AnnabelJoe#142) * add user guide for web dashboard (closes [AnnabelJoe#317](AnnabelJoe#317)) ([eb1a425](AnnabelJoe@eb1a425)) * **audit:** add security audit engagement tracking and remediation policy ([bca11a2](AnnabelJoe@bca11a2)) * **contracts:** add/enhance Rust doc comments on all public functions ([AnnabelJoe#319](AnnabelJoe#319)) ([18c472a](AnnabelJoe@18c472a)) * create SECURITY.md with vulnerability disclosure policy ([AnnabelJoe#314](AnnabelJoe#314)) ([7698660](AnnabelJoe@7698660)) * **performance:** ensure load test baseline + breaking point documentation ([9a0056a](AnnabelJoe@9a0056a)) * standardize CHANGELOG.md and update PR template [AnnabelJoe#312](AnnabelJoe#312) ([8281f08](AnnabelJoe@8281f08))
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a dedicated integration test module for
audit_registry::verify()covering the full anchor → verify round-trip.What's included
audit_registry/src/verify_integration_test.rs— 9 integration testslib.rsunder#[cfg(test)]Tests added
verify_returns_none_for_unanchored_hashverify()returnsNonebefore anchoringverify_returns_anchor_with_correct_reading_hashreading_hashmatches the anchored hashverify_records_ledger_sequence_at_anchor_timeanchored_at_ledgeris set to the ledger at anchor timeverify_ledger_sequence_is_not_current_ledger_if_anchored_earlierverify_is_idempotentverify()calls return identical resultsverify_distinguishes_two_hashesverify_unchanged_after_rejected_duplicate_anchorverify_works_with_all_zeros_hash[0x00; 32]verify_works_with_all_ones_hash[0xFF; 32]Closes AnnabelJoe#563