Add Soroban test-stablecoin with OpenZeppelin freeze support #55
alex-predicate wants to merge 7 commits into main from
Design document for adding Soroban (Stellar) smart contracts: predicate-registry, test-stablecoin, and predicate-client library.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

7-task plan covering workspace scaffolding, predicate-client types, predicate-registry contract, test-stablecoin, integration tests, CI/CD updates, and final verification.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

SAC-compatible Soroban token built on OpenZeppelin Stellar Contracts 0.6.0:
- FungibleToken with BlockList extension (blocks transfers, approvals, burns)
- FungibleBurnable for token destruction
- AccessControl with "manager" role for compliance admin
- 6 decimals, admin-controlled minting
- 13 tests covering all token operations and block enforcement
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
alex-predicate left a comment
Good work overall — clean contract, well-composed OZ building blocks, solid test coverage. A few items to address, mostly around test gaps and housekeeping. See inline comments.
| #![no_std] | ||
|
|
||
| use soroban_sdk::{ | ||
| contract, contracterror, contractimpl, symbol_short, Address, Env, MuxedAddress, String, |
Unused imports: MuxedAddress, Symbol, and Vec are imported but unused. These will likely trigger compiler warnings.
| contract, contracterror, contractimpl, symbol_short, Address, Env, MuxedAddress, String, | |
| contract, contracterror, contractimpl, symbol_short, Address, Env, String, |
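Review bot: the suggested import line drops only `MuxedAddress`, while the comment also names `Symbol` and `Vec`, which are not on the line shown, so applying the suggestion as-is would leave two of the three flagged imports untouched. Before removing any of them, build the contract with warnings treated as errors to confirm they are really unused and not referenced from macro-generated code; if they turn out to be needed, a short comment on the `use` block saying why will stop the next reviewer from flagging them again.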
soroban/test-stablecoin/Cargo.toml
Outdated
| soroban-sdk = "23.5.3" | ||
| stellar-tokens = "0.6.0" | ||
| stellar-access = "0.6.0" | ||
| stellar-macros = "0.6.0" |
stellar-macros does not appear to be used directly in the source. If the OZ traits pull it in transitively, this explicit dependency is unnecessary.
| doctest = false | ||
|
|
||
| [dependencies] | ||
| soroban-sdk = "23.5.3" |
SDK version mismatch with spec: The design spec references soroban-sdk 25.3.0, but this pins 23.5.3. If 23.5.3 is the correct version for OZ 0.6.0 compatibility, that's fine — but the spec should be updated to reflect the actual version used.
| #[test] | ||
| fn test_constructor() { | ||
| let e = Env::default(); | ||
| e.mock_all_auths(); |
All tests use mock_all_auths(), which bypasses all auth checks at the SDK level. This means enforce_admin_auth, require_auth, and ensure_role are never truly exercised.
Consider adding at least 1-2 tests that use e.mock_auths() with specific authorizations instead, to verify the auth requirements are wired correctly.
| // Transfer works after unblock | ||
| client.transfer(&admin, &user, &100i128); | ||
| assert_eq!(client.balance(&user), 100i128); | ||
| } |
Missing negative test: non-manager cannot block. This is the most security-critical access control boundary in the contract. Add a test that asserts a non-manager address calling block_user panics.
Similarly, there's no test that a non-admin calling mint is rejected. These two negative auth tests would significantly strengthen coverage.
|
|
||
| - name: Cache cargo | ||
| uses: actions/cache@v3 | ||
| with: |
actions/cache@v3 is deprecated — GitHub recommends v4. The existing Foundry jobs don't use cache actions at all, so this would be the only v3 reference in the workflow.
| with: | |
| uses: actions/cache@v4 |
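Review bot: the suggestion as shown replaces the `with:` line, not the `uses: actions/cache@v3` line above it, so applying it directly would leave the v3 reference in place, add a second `uses:` key to the step and drop `with:`. Re-anchor the suggestion on the `uses:` line so that only the version changes. While this line is being edited, consider pinning the action to a full commit SHA rather than a mutable version tag, so the workflow keeps running the code that was reviewed.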
- Remove unused stellar-macros dependency
- Add comment explaining why MuxedAddress/Symbol/Vec imports are needed (OZ macro expansions require them)
- Add comment explaining soroban-sdk 23.5.3 pin (OZ 0.6.0 compatibility)
- Upgrade actions/cache@v3 to v4
- Add auth tests: non-admin cannot mint, non-manager cannot block
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Summary
FungibleToken, BlockList, FungibleBurnable, and AccessControl traits
Contract interface
- transfer, approve, allowance, balance, etc.
- mint(to, amount)
- block_user(user, operator)
- unblock_user(user, operator)
- blocked(account)
- burn(from, amount)
How to test
13 tests covering constructor, mint, transfer, block/unblock, blocked-transfer, blocked-approve, transfer_from, burn, and burn-from-blocked scenarios.
What's next
Track 2 (application compliance) — predicate-registry and predicate-client contracts — will come in a follow-up PR on the feat/soroban-contracts branch.
🤖 Generated with Claude Code