feat: ZK anonymous reviews, oracle price feed, reentrancy guard, and CQRS (#628, #634, #635, #636)#2
Open
Realericky wants to merge 6 commits into
Open
feat: ZK anonymous reviews, oracle price feed, reentrancy guard, and CQRS (#628, #634, #635, #636)#2Realericky wants to merge 6 commits into
Realericky wants to merge 6 commits into
Conversation
…CQRS (yosemite01#628, yosemite01#634, yosemite01#635, yosemite01#636) **yosemite01#628 – ZK Proofs for Anonymous Reviews (Frontend)** - Add `lib/zk-review-proof.ts`: WASM-backed proving circuit with SHA-256 nullifier derivation, local proof verification, and a deterministic mock fallback when the WASM binary is absent. - Add `components/forms/review-form.tsx`: review form with live proving status indicator (loading → proving → verified/failed) and disabled submit during proof generation. **yosemite01#634 – Decentralized Oracle for Fiat-Pegged Bounties (Contract)** - Add `backend/contracts/oracle/`: Soroban `OracleContract` with `update_price` (deviation guard, max 10 % swing), `get_price` (5-min staleness fallback to $0.12/XLM), and `value_in_tokens` for atomic USD→token valuation at execution time. - Register `contracts/oracle` in workspace `Cargo.toml`. **yosemite01#635 – Cross-Contract Reentrancy Protection (Contract)** - Add `backend/contracts/escrow/src/reentrancy.rs`: global reentrancy guard backed by temporary Soroban storage (TTL = 1 ledger), with `require_active_escrow` and `require_authorized_party` CEI helpers. - Rewrite `release_funds`, `refund_escrow`, and `release_milestone` in `escrow/lib.rs` to follow Checks-Effects-Interactions strictly — state is committed before any cross-contract token transfer. - Fix broken merge artifacts: duplicate function definitions, split import block, missing `DataKey` enum, and stale test helpers. **yosemite01#636 – Event Sourcing and CQRS Migration (Backend)** - Add `cqrs_write.rs`: typed `Command` enum, `DomainEvent` enum, and `handle_command` handler (one event per command, rating validation). - Add `cqrs_read.rs`: denormalised `ReadStore` projections (`BountyView`, `EscrowView`, `CreatorReputationView`) updated by `project_event`; incremental average for review ratings. - Extend `event_indexer.rs`: idempotent `apply_to_read_store` (skips already-applied sequences) and `append_event` for the in-process log. - Wire `mod cqrs_read` and `mod cqrs_write` into `main.rs`; fix the corrupted file that contained a previous AI response as plaintext. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…-181-183 fix: rating bounds/auth, token validation, completion workflow, merge conflicts (yosemite01#160 yosemite01#179 yosemite01#181 yosemite01#183)
…stream feat: core fee bps limit guards and identity social proof contract (yosemite01#516 yosemite01#517)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Implements four Stellar Wave features across the frontend, smart contract, and backend layers. Also repairs two corrupted files left by a previous unresolved merge conflict on the branch.
yosemite01#628 – ZK Proofs for Anonymous Job Reviews (Frontend)
lib/zk-review-proof.ts— WASM-backed proving circuit. Loads the binary lazily, derives a SHA-256 nullifier fromcredential || subjectId(prevents double-submission), writes the witness into WASM shared memory, and falls back to a deterministic mock proof when the binary is absent (e.g. in CI).components/forms/review-form.tsx— review form with a live status indicator (idle → loading_wasm → proving → verified / failed). The submit button is disabled while proving is in progress. LocalverifyProofLocallyruns before the network call.yosemite01#634 – Decentralized Oracle for Fiat-Pegged Bounties (Contract)
backend/contracts/oracle/src/lib.rs— SorobanOracleContractwith:update_price: rejects zero/negative prices and flags anomalous prices that deviate >10 % (1 000 bps) from the last accepted observation.get_price: returns the live price if fresh (≤5 min); otherwise falls back to the hardcoded conservative rate ($0.12/XLM).value_in_tokens: atomic USD→token conversion at exact execution time, reports whether the fallback was used.Cargo.toml.yosemite01#635 – Cross-Contract Reentrancy Protection (Contract)
backend/contracts/escrow/src/reentrancy.rs— global reentrancy guard stored in Soroban temporary storage (TTL = 1 ledger, so it cannot be permanently locked). RAII-styleReentrancyGuardpanics immediately on reentrant entry. Helper functionsrequire_active_escrowandrequire_authorized_partycentralise the "Checks" phase.backend/contracts/escrow/src/lib.rs—release_funds,refund_escrow, andrelease_milestonerewritten to follow strict Checks-Effects-Interactions: state is committed to storage before any cross-contracttoken.transfercall. Events are emitted after the transfer.use soroban_sdkimport block, duplicate function definitions (release,release_fundswrapper,refund_escrowfragment), missingDataKeyenum, and stale test helpers that referenced a deletedrelease()API.yosemite01#636 – Event Sourcing and CQRS Architecture (Backend)
backend/services/api/src/cqrs_write.rs— typedCommandenum (8 variants) andDomainEventenum (8 variants) with serde tags.handle_commandvalidates rating range and converts each command to its domain event(s).backend/services/api/src/cqrs_read.rs— denormalisedReadStorewithBountyView,EscrowView, andCreatorReputationViewprojections.project_eventapplies each event incrementally (incremental running average for ratings). Query helpers:open_bounties()(sorted newest-first),creator_reputation().backend/services/api/src/event_indexer.rs— extended with idempotentapply_to_read_store(skips already-applied sequence numbers) andappend_eventfor the in-process event log. Exponential back-off retry on RPC failures.backend/services/api/src/main.rs— addsmod cqrs_readandmod cqrs_write. Replaces the corrupted file content (a previous AI response pasted as plaintext) with the correct Rust source.Test plan
lib/zk-review-proof.ts:generateReviewProofruns in a browser without a WASM binary (mock path) and returns a non-empty proof + 64-char nullifier;verifyProofLocallyreturnstrue.components/forms/review-form.tsx: Submit button disabled whileisProving === true; status banner cycles through the correct labels; form submits only after proof is verified.update_pricerejects a price >10 % above/below last accepted;get_pricereturns fallback when no price is stored or when the stored price is >300 s old;value_in_tokensreportsused_fallback: trueon the fallback path.release_fundspanics on reentrancy (guard in temporary storage); state isReleasedbefore the token transfer completes;refund_escrowandrelease_milestonefollow the same CEI ordering. Double-release and unauthorised-caller tests still pass.handle_command(SubmitReview { rating: 0 })returnsErr;project_eventapplied twice with the same sequence number produces one bounty entry (idempotency test inevent_indexer.rs).cargo checkpasses on the backend workspace.next build(ortsc --noEmit) passes on the frontend.🤖 Generated with Claude Code