[Backend] Trust API: back getTrustScore with Postgres identity repository instead of in-memory store

[Baskarayelu]

Description

The public trust-score endpoint GET /api/trust/:address is served by getTrustScore in src/services/reputationService.ts, which calls getIdentity from src/db/store.ts — an in-memory Map seeded with hardcoded development identities. This means production trust scores are computed from fake seed data and reset on every process restart, while the real identity data lives in Postgres (src/repositories/identities.repository.ts). The reputation engine must read from the durable identity repository so scores reflect on-chain bond and attestation state synced by the Horizon listeners. This is a correctness-critical gap that makes the headline API effectively non-functional in production.

Requirements and context

• Replace getIdentity usage in src/services/reputationService.ts with src/repositories/identities.repository.ts (and src/repositories/attestations.repository.ts for attestationCount).
• Convert getTrustScore to async and update src/routes/trust.ts to await it.
• Keep pure scoring functions (computeBondScore, computeDurationScore, computeAttestationScore) unchanged and unit-testable.
• Deprecate/remove the seed-only src/db/store.ts for the production path; keep it only behind test fixtures.

Suggested execution

Create branch feature/trust-score-postgres-backing.

• Modify src/services/reputationService.ts to inject an identity repository dependency.
• Update src/routes/trust.ts to await the async score and preserve the NotFoundError path.
• Add src/services/__tests__/reputationService.repository.test.ts covering hit/miss against a pg-mem or testcontainers Postgres.
• Update docs/api.md and docs/schema.md to reflect the data source.

Test and commit

Run npm run test and npm run test:coverage. Edge cases: address with no identity row, identity with null bondStart, very large bondedAmount BigInt values, address casing normalization. Security: ensure no seed/mock identities leak into production responses.

Example commit message

feat: back trust score endpoint with durable Postgres identity repository

Guidelines

• Minimum 95% test coverage
• Clear documentation of the data-source change in docs/api.md
• Timeframe: 96 hours

[Ayilojay]

@Ayilojay has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

Hi Maintainer! I will like to work on this issue

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Ayilojay to this issue.

[drips-wave]

Congratulations, @Ayilojay! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 2, 2026.

🧑‍💻 @Ayilojay: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊