edut/web
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Enforce USDC-only membership mint configuration

Browse Source
This commit is contained in:
Joshua 2026-02-19 05:47:57 -08:00
parent a8800ccb4c
commit f8e85eb675
4 changed files with 41 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
backend/secretapi/README.md
View File

@ -139,7 +139,7 @@ Policy gates:
- `SECRET_API_DOMAIN_NAME` - `SECRET_API_DOMAIN_NAME`
- `SECRET_API_VERIFYING_CONTRACT` - `SECRET_API_VERIFYING_CONTRACT`
- `SECRET_API_MEMBERSHIP_CONTRACT` - `SECRET_API_MEMBERSHIP_CONTRACT`
- `SECRET_API_MINT_CURRENCY` (default `USDC`) - `SECRET_API_MINT_CURRENCY` (must be `USDC` in v1)
- `SECRET_API_MINT_AMOUNT_ATOMIC` (default `100000000`) - `SECRET_API_MINT_AMOUNT_ATOMIC` (default `100000000`)
- `SECRET_API_MINT_DECIMALS` (default `6`) - `SECRET_API_MINT_DECIMALS` (default `6`)

12
backend/secretapi/config.go
View File

@ -2,6 +2,7 @@ package main
import ( import (
"fmt" "fmt"
"math/big"
"os" "os"
"strconv" "strconv"
"strings" "strings"
@ -76,6 +77,17 @@ func (c Config) Validate() error {
if c.ChainID <= 0 { if c.ChainID <= 0 {
return fmt.Errorf("SECRET_API_CHAIN_ID must be positive") return fmt.Errorf("SECRET_API_CHAIN_ID must be positive")
} }
if strings.ToUpper(strings.TrimSpace(c.MintCurrency)) != "USDC" {
return fmt.Errorf("SECRET_API_MINT_CURRENCY must be USDC")
}
if c.MintDecimals != 6 {
return fmt.Errorf("SECRET_API_MINT_DECIMALS must be 6")
}
amountRaw := strings.TrimSpace(c.MintAmountAtomic)
amount, ok := new(big.Int).SetString(amountRaw, 10)
if !ok || amount.Sign() <= 0 {
return fmt.Errorf("SECRET_API_MINT_AMOUNT_ATOMIC must be a positive base-10 integer")
}
if c.WalletSessionTTL <= 0 { if c.WalletSessionTTL <= 0 {
return fmt.Errorf("SECRET_API_WALLET_SESSION_TTL_SECONDS must be positive") return fmt.Errorf("SECRET_API_WALLET_SESSION_TTL_SECONDS must be positive")
} }

27
backend/secretapi/config_test.go
View File

@ -31,3 +31,30 @@ func TestConfigValidateRejectsNonPositiveChainID(t *testing.T) {
t.Fatalf("expected chain id validation failure") t.Fatalf("expected chain id validation failure")
} }
} }
func TestConfigValidateRejectsNonUSDCCurrency(t *testing.T) {
t.Parallel()
cfg := loadConfig()
cfg.MintCurrency = "ETH"
if err := cfg.Validate(); err == nil {
t.Fatalf("expected mint currency validation failure")
}
}
func TestConfigValidateRejectsNonSixMintDecimals(t *testing.T) {
t.Parallel()
cfg := loadConfig()
cfg.MintDecimals = 18
if err := cfg.Validate(); err == nil {
t.Fatalf("expected mint decimals validation failure")
}
}
func TestConfigValidateRejectsInvalidMintAmount(t *testing.T) {
t.Parallel()
cfg := loadConfig()
cfg.MintAmountAtomic = "not-a-number"
if err := cfg.Validate(); err == nil {
t.Fatalf("expected mint amount validation failure")
}
}

2
docs/api/secret-system.openapi.yaml
View File

@ -303,7 +303,7 @@ components:
type: integer type: integer
currency: currency:
type: string type: string
enum: [USDC, ETH] enum: [USDC]
amount: amount:
type: string type: string
amount_atomic: amount_atomic: