Skip to content

feat: implemented the SEP-10 challenge verification feature#662

Open
CollinsC1O wants to merge 3 commits into
NOVUS-X:mainfrom
CollinsC1O:SEP-10
Open

feat: implemented the SEP-10 challenge verification feature#662
CollinsC1O wants to merge 3 commits into
NOVUS-X:mainfrom
CollinsC1O:SEP-10

Conversation

@CollinsC1O

Copy link
Copy Markdown
Contributor

Summary

  • Added Storage Keys: Created AUTH_NONCE to handle replay protections against nonces being used multiple times and a NODE_REG map to accurately track node authorization sequences and timestamp states on-chain.

  • Implemented Verification Logic: Wrote the core verify_sep10_challenge function in lib.rs. The code builds a secure SHA-256 payload composed of the b"SEP10" prefix, node public key, challenge nonce, and timestamp prior to checking it against the node's provided signature via env.crypto().ed25519_verify(...).

  • Time Bounds Safety Check: Factored in bounds protection to throw an explicit ContractError::AuthTimeout if the timestamp on the challenge payload expires or passes an unacceptably delayed time window (timestamp +/- 300 seconds using env.ledger().timestamp()). This avoids permanently stalled, stale authorizations while restricting CPU load.

  • Analytics Support: Exposed an get_node_auth helper mapped with a corresponding standard env.events().publish((symbol_short!("node_auth"), node_pubkey), timestamp); event emitter to keep the off-chain/backend services optimally synced.

Closes #519

@coderabbitai

coderabbitai Bot commented Apr 23, 2026

Copy link
Copy Markdown
Contributor

Warning

Rate limit exceeded

@CollinsC1O has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 58 minutes and 45 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 58 minutes and 45 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ac2ac504-8b9f-41f4-9e30-3dbde24ccb3d

📥 Commits

Reviewing files that changed from the base of the PR and between d72579d and b21b3e5.

📒 Files selected for processing (1)
  • contracts/game_contract/src/lib.rs
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@drips-wave

drips-wave Bot commented Apr 23, 2026

Copy link
Copy Markdown

@CollinsC1O Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Contract: Implementation of SEP-10 challenge verification

1 participant