resolve issues #87, #108, #110: multi-asset tests, reentrancy analysis, api-reference docs

.github/workflows/deploy-testnet.yml

@@ -0,0 +1,107 @@
+name: Deploy to Testnet
+
+on:
+  push:
+    branches: [ main ]
+  workflow_dispatch:
+    inputs:
+      reason:
+        description: 'Reason for manual deployment'
+        required: false
+        default: 'Manual deployment trigger'
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Install Rust
+      uses: actions-rs/toolchain@v1
+      with:
+        toolchain: stable
+        target: wasm32-unknown-unknown
+        override: true
+
+    - name: Install soroban-cli
+      run: cargo install --locked soroban-cli --version 22.0.0
+
+    - name: Cache cargo registry
+      uses: actions/cache@v4
+      with:
+        path: ~/.cargo/registry
+        key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
+
+    - name: Cache cargo index
+      uses: actions/cache@v4
+      with:
+        path: ~/.cargo/git
+        key: ${{ runner.os }}-cargo-git-${{ hashFiles('**/Cargo.lock') }}
+
+    - name: Cache target directory
+      uses: actions/cache@v4
+      with:
+        path: target
+        key: ${{ runner.os }}-target-${{ hashFiles('**/Cargo.lock') }}
+
+    - name: Run tests
+      run: |
+        cd contracts/ephemeral_account
+        cargo test --verbose
+        cd ../sweep_controller
+        cargo test --verbose
+        cd ../reserve_contract
+        cargo test --verbose
+
+    - name: Check format
+      run: |
+        cd contracts/ephemeral_account
+        cargo fmt -- --check
+        cd ../sweep_controller
+        cargo fmt -- --check
+        cd ../reserve_contract
+        cargo fmt -- --check
+
+    - name: Run clippy
+      run: |
+        cd contracts/ephemeral_account
+        cargo clippy -- -D warnings
+        cd ../sweep_controller
+        cargo clippy -- -D warnings
+        cd ../reserve_contract
+        cargo clippy -- -D warnings
+
+    - name: Build all contracts
+      run: |
+        cd contracts/ephemeral_account
+        cargo build --target wasm32-unknown-unknown --release
+        cd ../sweep_controller
+        cargo build --target wasm32-unknown-unknown --release
+        cd ../reserve_contract
+        cargo build --target wasm32-unknown-unknown --release
+
+    - name: Deploy to Stellar Testnet
+      env:
+        DEPLOYER_SECRET_KEY: ${{ secrets.TESTNET_DEPLOYER_SECRET_KEY }}
+      run: |
+        chmod +x scripts/deploy-testnet.sh
+        ./scripts/deploy-testnet.sh
+
+    - name: Upload contract IDs as artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: contract-ids
+        path: deployment-artifacts/contract-ids.txt
+        retention-days: 90
+
+    - name: Post deployment summary
+      run: |
+        echo "## 🚀 Testnet Deployment Summary" >> $GITHUB_STEP_SUMMARY
+        echo "" >> $GITHUB_STEP_SUMMARY
+        echo "Contracts have been successfully deployed to Stellar Testnet!" >> $GITHUB_STEP_SUMMARY
+        echo "" >> $GITHUB_STEP_SUMMARY
+        echo "### Contract IDs" >> $GITHUB_STEP_SUMMARY
+        echo '```' >> $GITHUB_STEP_SUMMARY
+        cat deployment-artifacts/contract-ids.txt >> $GITHUB_STEP_SUMMARY
+        echo '```' >> $GITHUB_STEP_SUMMARY

.github/workflows/test.yml

@@ -8,52 +8,82 @@ on:
 
 jobs:
   test:
+    name: Test Contracts
     runs-on: ubuntu-latest
-    
+
     steps:
-    - uses: actions/checkout@v3
-    
+    - uses: actions/checkout@v4
+
     - name: Install Rust
       uses: actions-rs/toolchain@v1
       with:
         toolchain: stable
         target: wasm32-unknown-unknown
         override: true
-
+
+    - name: Install soroban-cli
+      run: cargo install --locked soroban-cli --version 22.0.0
+
     - name: Cache cargo registry
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: ~/.cargo/registry
         key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
-        
+
     - name: Cache cargo index
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: ~/.cargo/git
         key: ${{ runner.os }}-cargo-git-${{ hashFiles('**/Cargo.lock') }}
-        
+
     - name: Cache target directory
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: target
         key: ${{ runner.os }}-target-${{ hashFiles('**/Cargo.lock') }}
-        
+
     - name: Run tests
       run: |
         cd contracts/ephemeral_account
         cargo test --verbose
-
+        cd ../sweep_controller
+        cargo test --verbose
+        cd ../reserve_contract
+        cargo test --verbose
+
     - name: Check format
       run: |
         cd contracts/ephemeral_account
         cargo fmt -- --check
-
+        cd ../sweep_controller
+        cargo fmt -- --check
+        cd ../reserve_contract
+        cargo fmt -- --check
+
     - name: Run clippy
       run: |
         cd contracts/ephemeral_account
         cargo clippy -- -D warnings
-
-    - name: Build contracts
+        cd ../sweep_controller
+        cargo clippy -- -D warnings
+        cd ../reserve_contract
+        cargo clippy -- -D warnings
+
+    - name: Build all contracts
       run: |
         cd contracts/ephemeral_account
-        cargo build --target wasm32-unknown-unknown --release
+        cargo build --target wasm32-unknown-unknown --release
+        cd ../sweep_controller
+        cargo build --target wasm32-unknown-unknown --release
+        cd ../reserve_contract
+        cargo build --target wasm32-unknown-unknown --release
+
+    - name: Upload WASM artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: wasm-contracts
+        path: |
+          contracts/ephemeral_account/target/wasm32-unknown-unknown/release/*.wasm
+          contracts/sweep_controller/target/wasm32-unknown-unknown/release/*.wasm
+          contracts/reserve_contract/target/wasm32-unknown-unknown/release/*.wasm
+        retention-days: 30

Cargo.toml

@@ -5,4 +5,19 @@ members = [
     "contracts/sweep_controller",
     "contracts/shared",
     "contracts/reserve_contract",
+    "contracts/account_factory",
 ]
+
+[profile.release]
+opt-level = "z"
+overflow-checks = true
+debug = 0
+strip = "symbols"
+debug-assertions = false
+panic = "abort"
+codegen-units = 1
+lto = true
+
+[profile.release-with-logs]
+inherits = "release"
+debug-assertions = true

README.md

@@ -1,15 +1,29 @@
-# Bridgelet Core
+ Bridgelet Core
 
 **Soroban smart contracts for ephemeral account restrictions**
 
-**MVP Status**
-> 🚧 **MVP — Active Development:** Authorization and token transfer layers are not yet 
-> implemented on-chain. See [MVP Status](#mvp-status) for details.
+**Status:** Active Development
 
 ## Overview
 
 Bridgelet Core contains the Soroban smart contracts that enforce single-use restrictions on ephemeral Stellar accounts and manage the sweep logic for transferring funds to permanent wallets.
 
+## MVP Status
+
+### Current Stub Inventory
+
+| Function | Contract | Stub Status | Production Requirement | Tracking Issue |
+|----------|----------|-------------|------------------------|----------------|
+| `verify_sweep_authorization` | EphemeralAccount | **Partial** - Uses `require_auth()` instead of Ed25519 signature verification | Implement `env.crypto().ed25519_verify()` against stored `authorized_signer` with signature covering destination + nonce + contract_id | #86 |
+| Token transfers | SweepController | **Implemented** - `execute_transfers()` calls `token.transfer()` for all assets | Already implemented in `transfers.rs` | N/A |
+
+### Implementation Notes
+
+- **EphemeralAccount::sweep()**: Currently uses Soroban's `require_auth()` for authorization instead of cryptographic Ed25519 signature verification. The signature parameters (`destination`, `auth_signature`) are accepted but not cryptographically verified. Production implementation should use `env.crypto().ed25519_verify()` similar to SweepController's implementation.
+- **SweepController::claim()**: Experimental gas-free claim path. The recipient signs a Soroban auth entry for `claim(recipient, ephemeral_account)`, and a relayer/SDK can submit the transaction and pay fees. Internally the controller uses `authorize_as_current_contract()` so the downstream `EphemeralAccount::sweep()` call can satisfy `authorized_controller.require_auth()`.
+- **SweepController::execute_transfers()**: Token transfer logic is fully implemented using SEP-41 token contracts. All recorded payments are transferred atomically to the destination.
+- **Security guidance**: Always route sweeps through `SweepController` for proper Ed25519 signature verification. Do not call `EphemeralAccount::sweep()` directly until the signature verification stub is replaced.
+
 ## Tech Stack
 
 - **Language:** Rust
@@ -64,13 +78,25 @@ cargo install --locked soroban-cli --version 22.0.0
 
 # Add wasm target
 rustup target add wasm32-unknown-unknown
+
+# Install Binaryen (for WASM optimization)
+# Minimum required version: 100
+# macOS:
+brew install binaryen
+# Ubuntu/Debian:
+apt-get install binaryen
+# Or download from: https://github.com/WebAssembly/binaryen/releases
 ```
 
 ## Build & Deploy
 ```bash
-# Build contracts
+# Build contracts (with WASM optimization if binaryen is installed)
 ./scripts/build.sh
 
+# The build script automatically optimizes WASM files using wasm-opt -O3
+# if Binaryen is installed. This typically reduces binary size by 15-30%.
+# If wasm-opt is not found, the build continues without optimization.
+
 # Run tests
 cargo test
 
@@ -93,6 +119,35 @@ cargo test --test integration
 ./scripts/test-local.sh
 ```
 
+## CI/CD
+
+### Automated Testing
+- **Test Workflow** (`.github/workflows/test.yml`): Runs on every push to `main`/`develop` and on PRs to `main`
+  - Runs cargo tests for all contracts
+  - Checks code formatting with `cargo fmt`
+  - Runs clippy for linting
+  - Builds all contracts for wasm32-unknown-unknown target
+  - Uploads WASM artifacts for deployment
+
+### Automated Testnet Deployment
+- **Deploy Workflow** (`.github/workflows/deploy-testnet.yml`): Automatically deploys to Stellar Testnet on merge to `main`
+  - Runs tests, format checks, clippy, and builds before deployment
+  - Deploys all three contracts: `ephemeral_account`, `sweep_controller`, `reserve_contract`
+  - Stores contract IDs as CI artifacts (90-day retention)
+  - Posts deployment summary with contract IDs to GitHub Actions summary
+  - Can also be triggered manually via `workflow_dispatch`
+
+#### Required GitHub Secrets
+To enable automated deployments, add the following secret to your GitHub repository:
+- `TESTNET_DEPLOYER_SECRET_KEY`: Stellar testnet deployer secret key (S... format)
+
+#### Manual Deployment
+To trigger a manual deployment:
+1. Go to Actions tab in GitHub
+2. Select "Deploy to Testnet" workflow
+3. Click "Run workflow"
+4. Optionally provide a reason for the deployment
+
 ## Contract Interfaces
 
 ### EphemeralAccount
@@ -116,7 +171,6 @@ pub trait EphemeralAccountInterface {
     fn is_expired(env: Env) -> bool;
 }
 ```
-> **⚠️ MVP:**  **authorization is not yet enforced on-chain.
 
 See [Bridgelet Documentation](https://github.com/bridgelet-org/bridgelet) for full API reference.
 
@@ -148,4 +202,4 @@ See [Security Audit Report](./docs/security-audit.md) (coming soon)
 
 ## License
 
-MIT
+MIT

contracts/account_factory/Cargo.toml

@@ -0,0 +1,15 @@
+[package]
+name = "account_factory"
+version = "0.1.0"
+edition = "2021"
+
+[lib]
+crate-type = ["cdylib", "rlib"]
+
+[dependencies]
+soroban-sdk = "22.0.0"
+bridgelet-shared = { path = "../shared", version = "0.1.0" }
+ephemeral_account = { path = "../ephemeral_account", version = "0.1.0" }
+
+[dev-dependencies]
+soroban-sdk = { version = "22.0.0", features = ["testutils"] }