A Rust-based smart contract for the Stellar ecosystem that implements Delegated Authentication (CAP-0071-01). This contract allows complex smart contract accounts to securely delegate specific transaction approvals to secondary addresses, optimizing gas fees and improving security for automated Web3 backend services.
- Overview
- Features
- Drips Wave Program
- Active Issues
- Global Acceptance Criteria
- Local Development Setup
- License
The AuthDelegator Contract enables master accounts to delegate scoped transaction permissions to sub-addresses, with configurable thresholds, time-bound expiry, and full event emission for off-chain indexers. Built with #![no_std] and optimized for the Soroban runtime, it meets strict gas-metering and WASM size constraints.
- Multi-Signature Delegation — Master accounts delegate permissions to up to 5 sub-addresses with configurable threshold verification (e.g., 3-of-5).
- Time-Bound Expiry — Delegated permissions automatically revoke after a predefined ledger count, enforced via persistent storage state.
- Event Emission — Standardized Soroban events (
env.events().publish()) emitted on delegation creation, update, and revocation for seamless backend indexing. - Gas-Optimized — No unbounded loops; compiled WASM binary remains under the 64 KB network limit.
- Tested — 95%+ test coverage using
soroban-sdk'stestutils, including integration tests for multi-sig success/failure and expiry edge cases.
This repository participates in the Drips Wave Program. Monthly 7-day sprints allow open-source contributors to merge PRs and earn a share of the Wave budget.
⚠️ Wave 5 Update: All contributors must complete upfront identity verification (KYC) through the Drips portal before claiming an issue. This ensures strict Sybil resistance and fair point distribution.
Requires advanced Rust knowledge and deep familiarity with the Soroban Env and authentication contexts.
Issue #42: Implement Multi-Signature Delegation Logic
Write the core Rust logic that allows a master account to delegate scoped transaction permissions to an array of up to 5 sub-addresses. The contract must verify that the sum of the signatures meets the required threshold before validating the execution context.
- Must use strict
#![no_std]and pass Soroban's gas-metered execution limits. - Include integration tests simulating a 3-of-5 signature success and a 2-of-5 signature failure.
Standard Soroban state management and lifecycle implementation.
Issue #45: Time-Bound Delegation Expiry
Implement a block-height tracking mechanism that automatically revokes a delegated address's permissions after a predefined ledger count.
- Update the contract's persistent storage state securely.
- Write mock tests verifying that transactions attempted exactly one block after expiry panic with a
DelegationExpiredcustom error.
Clear, bounded tasks ideal for developers new to Soroban.
Issue #51: Standardize Event Emitting for Indexers
Refactor the contract to emit standardized Soroban events (env.events().publish()) whenever a delegation is created, updated, or revoked.
- Ensure event topics are serialized correctly so external backend indexers can easily parse the exact addresses involved.
| Criterion | Requirement |
|---|---|
| Test Coverage | All new modules must achieve 95% test coverage using soroban-sdk's testutils. |
| Deterministic Gas | Unbounded loops are strictly prohibited. The compiled WASM binary must remain under the 64 KB network limit. |
| PR Reviews | Maintainers have a strict 48-hour SLA to review PRs to ensure fair interaction with the Drips AI points appeal system. |
- Rust toolchain with
wasm32-unknown-unknowntarget - Soroban CLI
git clone https://github.com/levi-soromto/soroban-authdelegator.git
cd soroban-authdelegator
cargo build --target wasm32-unknown-unknown --release
cargo testThis project is licensed under the MIT License — see the LICENSE file for details.