feat: Comprehensive Tests and Integration for NFT & Reputation Contracts

[aguilar1x]

Test Coverage for NFT and Reputation Contracts

• Closes Add Comprehensive Tests and Integration for NFT & Reputation Contracts #765

Description

Added the test suite for NFT and Reputation contracts, ensuring coverage of key functionalities.

Changes

• Reputation Contract Tests (apps/contract/contracts/reputation/src/test.rs)

  • Tests for storage operations and reputation management
  • Validation of NFT client integration
  • Verification of events and error handling

• NFT Contract Tests (apps/contract/contracts/nft-kindfi/src/test.rs)

  • Tests for minting and burning operations
  • Validation of metadata and ownership
  • Transfer and permissions verification

Summary by CodeRabbit

• New Features
  • Added KindFi NFT Contract supporting minting with metadata, burning tokens, and role-based access control
  • Introduced Reputation System for tracking user achievements through events and calculating five-tier levels (Rookie to Diamond)
  • Enabled NFT-Reputation integration with automatic level attribute synchronization
  • Updated core dependencies to latest Soroban SDK and Stellar libraries

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Review	Updated (UTC)
kindfi	Skipped		Jan 27, 2026 6:42pm

[coderabbitai]

Walkthrough

This PR introduces two new Soroban smart contracts for the KindFi platform: an NFT contract for minting and burning NFTs with metadata management, and a Reputation contract for tracking user reputation through events with automatic NFT level upgrades. It includes workspace dependency updates, build configuration adjustments, and comprehensive test suites for both contracts.

Changes

Cohort / File(s)	Summary
NFT Contract Implementation apps/contract/contracts/nft-kindfi/src/lib.rs, mint.rs, burn.rs, metadata.rs, types.rs, errors.rs, events.rs, test.rs	Complete OpenZeppelin-based NFT contract with minting, burning, metadata storage/updates, sequential token ID generation, role-based access control (minter, burner, metadata_manager roles), and comprehensive test coverage (~470 lines). Includes TTL extension mechanisms and event emission for all state changes.
NFT Contract Configuration apps/contract/contracts/nft-kindfi/Cargo.toml, README.md	New contract manifest with cdylib library configuration and workspace dependencies; comprehensive documentation covering architecture, access control, API functions, and usage examples.
Reputation Contract Implementation apps/contract/contracts/reputation/src/lib.rs, nft_client.rs, storage.rs, types.rs, errors.rs, events.rs, test.rs	Complete reputation system with event recording, level progression (5 tiers: Rookie→Bronze→Silver→Gold→Diamond), permission thresholds, and cross-contract NFT integration for automatic metadata updates on level ups. Includes TTL-backed storage and extensive test coverage (~588 lines).
Reputation Contract Configuration apps/contract/contracts/reputation/Cargo.toml, README.md	New contract manifest with cdylib configuration; documentation covering architecture, level system, event types, permission thresholds, and NFT integration workflow.
Workspace Configuration apps/contract/Cargo.toml	Removed academy-related workspace members (graduation, verifier, progress-tracker, badge-tracker); updated soroban-sdk from 22.0.6 to 23.4.0; consolidated stellar-* dependencies to v0.6.0; added workspace-level metadata block.
Build Configuration apps/contract/.cargo/config.toml, rust-toolchain.toml	Removed wasm32-unknown-unknown build target and rustflags; added rust-toolchain.toml specifying stable channel with wasm32v1-none target and standard components.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant ReputationContract as Reputation<br/>Contract
    participant NFTContract as NFT<br/>Contract
    participant Storage as Persistent<br/>Storage

    User->>ReputationContract: record_event(user, EventType)
    ReputationContract->>Storage: get_points(user)
    Storage-->>ReputationContract: current_points
    ReputationContract->>Storage: add_points(user, event_points)
    ReputationContract->>Storage: get_user_level(user)
    Storage-->>ReputationContract: current_level
    ReputationContract->>ReputationContract: calculate_level(new_points)
    alt Level Up
        ReputationContract->>Storage: get_user_nft_token_id(user)
        Storage-->>ReputationContract: token_id
        ReputationContract->>NFTContract: get_metadata(token_id)
        NFTContract->>Storage: fetch_metadata
        Storage-->>NFTContract: metadata
        NFTContract-->>ReputationContract: metadata
        ReputationContract->>ReputationContract: build_level_attribute(new_level)
        ReputationContract->>ReputationContract: update_attributes_with_level()
        ReputationContract->>NFTContract: update_metadata(token_id, new_metadata)
        NFTContract->>Storage: set_metadata(token_id, new_metadata)
        NFTContract-->>ReputationContract: success
        ReputationContract->>Storage: set_user_level(user, new_level)
        ReputationContract-->>User: LevelUpEventData emitted
    end
    ReputationContract-->>User: ReputationEventData emitted

Loading

sequenceDiagram
    participant Caller
    participant NFTContract as NFT<br/>Contract
    participant Base as OpenZeppelin<br/>Base
    participant Storage as Persistent<br/>Storage

    Caller->>NFTContract: mint_with_metadata(to, metadata)
    NFTContract->>Storage: get_token_counter()
    Storage-->>NFTContract: current_id
    NFTContract->>NFTContract: increment_token_counter()
    NFTContract->>Base: mint(to, token_id)
    Base->>Storage: update_owner(token_id, to)
    Base-->>NFTContract: success
    NFTContract->>Storage: set_metadata(token_id, metadata)
    NFTContract->>NFTContract: publish(MintedEventData)
    NFTContract-->>Caller: token_id returned
    
    Caller->>NFTContract: update_metadata(token_id, new_metadata)
    NFTContract->>Storage: get_metadata(token_id)
    Storage-->>NFTContract: current_metadata
    NFTContract->>Storage: set_metadata(token_id, new_metadata)
    NFTContract->>NFTContract: publish(MetadataUpdatedEventData)
    NFTContract-->>Caller: success

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~55 minutes

Possibly related issues

• Add Comprehensive Tests and Integration for NFT & Reputation Contracts #765: Addresses comprehensive test and integration requirements for NFT & Reputation contracts—this PR implements complete test suites for both contracts covering unit tests, integration scenarios, and edge cases.
• Implement OpenZeppelin-Based KindFi NFT Contract #763: Directly implements the OpenZeppelin-based KindFi NFT contract with all required functionality (minting, burning, metadata, role-based access).
• Implement Reputation Contract for NFT Level Management #764: Directly implements the Reputation contract with event recording, level progression, and NFT integration as specified.

Possibly related PRs

• Implement OpenZeppelin-Based KindFi NFT Contract #763: Implements the foundational NFT contract structure and OpenZeppelin integration patterns used across the NFT contract modules.
• Implement Reputation Contract for NFT Level Management #764: Implements the Reputation contract with overlapping event types, level system, and NFT upgrade logic.
• Feat/fix nft contract #584: Modifies workspace dependencies for stellar-related crates, directly related to the dependency version consolidation in this PR's Cargo.toml changes.

Suggested labels

feature, contract, testing

Suggested reviewers

• Bran18
• AndlerRL

Poem

🌟 From Stellar's chains, two contracts bloom with care,
Reputation rises through the digital air,
NFTs glow as levels ascend on high,
KindFi's dreams now dance across the sky! 🚀

---

Constructive Observations

Strengths Observed:

• The implementation demonstrates thoughtful architecture with clear separation between NFT and Reputation contracts, each with focused responsibilities.
• Cross-contract integration via the NFT client module shows good abstraction for managing on-chain metadata updates without tight coupling.
• Comprehensive test suites (~470 + ~588 lines) indicate strong attention to quality and edge case handling.
• TTL management is consistently applied across storage operations, demonstrating awareness of Soroban's persistent storage patterns.

Areas for Enhancement:

• Consider documenting the rationale behind the new error code ranges (300–305 for NFT, 400–409 for Reputation) to help future maintainers avoid conflicts with extensions.
• We could enhance the NFT contract's metadata validation by adding more granular checks (e.g., maximum string lengths, valid URI formats) to catch issues earlier.
• The Reputation contract's NFT upgrade logic within try_upgrade_nft_internal could benefit from explicit fallback/retry strategies if cross-contract calls fail, improving robustness in production scenarios.
• Consider adding integration tests that simulate failure modes (e.g., NFT contract unavailable) to ensure reputation events are recorded gracefully even if NFT updates fail.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Out of Scope Changes check	❓ Inconclusive	While test files are in scope, significant contract implementation changes and dependency updates (Cargo configs, workspace members, SDK upgrades to 23.4.0, stellar package versions to v0.6.0) appear alongside tests, making it difficult to isolate what is truly test-specific versus infrastructure/implementation changes.	Consider clarifying in PR description or commit messages which changes are infrastructure prerequisites versus the core test additions, or separate infrastructure changes into a distinct PR for clearer change tracking.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	The PR successfully implements comprehensive test suites addressing all coding requirements from #765: unit tests for constructor, minting, metadata, burning, and access control for NFT contract; unit tests for event recording, level calculation, thresholds, and role authorization for Reputation contract; and integration test scenarios covering minting, metadata updates, and role enforcement.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Title check	✅ Passed	The title accurately reflects the primary purpose of this PR—adding comprehensive test suites and integration for NFT and Reputation contracts, which aligns with the main changes.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 14

🤖 Fix all issues with AI agents

In `@apps/contract/Cargo.toml`:
- Around line 33-38: Update the git dependencies (stellar-access,
stellar-macros, stellar-tokens, stellar-contract-utils) to pin to specific
commit revs instead of tags (or replace with crates.io versions) to ensure
reproducible builds, and then verify compatibility between soroban-sdk =
"23.4.0" and the stellar-* v0.6.0 set; specifically, change the dependency
entries to include rev = "<commit-hash>" for each stellar-* entry and run cargo
build/tests to confirm no breaking API or feature mismatches with soroban-sdk
23.4.0.

In `@apps/contract/contracts/nft-kindfi/README.md`:
- Around line 45-50: In the README parameter list for base_uri (the `base_uri`
example) replace the bare URL "https://api.kindfi.org/nft/" with a wrapped form
(e.g., `<https://api.kindfi.org/nft/>` or `` `https://api.kindfi.org/nft/` ``)
so the `admin`, `name`, `symbol`, and `base_uri` example avoids MD034 bare-URL
lint failures; update the `base_uri` line accordingly.
- Around line 15-24: Update the README's architecture tree code block to include
a language tag for proper markdown linting and rendering: change the fenced
block from ``` to ```text so the listing (src/, lib.rs, mint.rs, burn.rs,
metadata.rs, events.rs, types.rs, errors.rs) is labeled; locate the block that
lists filenames (e.g., lib.rs, mint.rs, burn.rs, metadata.rs, events.rs,
types.rs, errors.rs) and add "text" immediately after the opening backticks.

In `@apps/contract/contracts/nft-kindfi/src/lib.rs`:
- Around line 118-150: The update_metadata function currently causes two events
to be emitted because metadata::set_metadata already publishes
MetadataSetEventData and update_metadata additionally publishes
MetadataUpdatedEventData; decide which single event you want and remove the
duplicate: either stop update_metadata from publishing MetadataUpdatedEventData
(remove the MetadataUpdatedEventData publish call in update_metadata) or add a
parameter to metadata::set_metadata (e.g., emit_event: bool) to control emission
and call it with emit_event=false from update_metadata, ensuring references to
MetadataSetEventData and MetadataUpdatedEventData and functions update_metadata
and metadata::set_metadata are updated accordingly.

In `@apps/contract/contracts/nft-kindfi/src/metadata.rs`:
- Around line 1-22: Replace the assert!-based validation with Soroban typed
errors: change require_valid_metadata signature to accept the Env (fn
require_valid_metadata(e: &Env, metadata: &NFTMetadata)) and replace both
assert! checks with panic_with_error!(e, Error::InvalidMetadata) when name or
image_uri are empty; update the set_metadata call to pass e into
require_valid_metadata(e, metadata). Ensure the Error enum contains
InvalidMetadata (use Error::InvalidMetadata) so the contract returns a typed
error code to clients.

In `@apps/contract/contracts/reputation/README.md`:
- Around line 14-25: Update the README fenced code blocks (starting with the
Architecture block in apps/contract/contracts/reputation/README.md) to include a
language identifier (e.g., "text" or "rust") and ensure there is a blank line
before and after each fenced block; specifically modify the architecture block
to use ```text and to have an empty line above the opening ``` and below the
closing ```, and apply the same pattern to other fenced blocks in the file for
consistent rendering and lint compliance.

In `@apps/contract/contracts/reputation/src/lib.rs`:
- Around line 334-356: The set_level_thresholds function should validate that
provided thresholds are non‑decreasing across levels before applying them:
gather thresholds for all defined levels (use Level::from_u32 to map keys and
iterate levels in the canonical order Rookie→Bronze→Silver→Gold→Diamond), check
each threshold is >= the previous one, and if any ordering violation is found
abort the update (do not call set_level_threshold or publish
ThresholdsUpdatedData); only after the monotonic check passes call
set_level_threshold for each level and then publish ThresholdsUpdatedData and
call Self::extend_instance_ttl. Ensure the validation logic lives in
set_level_thresholds and references Level::from_u32, set_level_threshold,
ThresholdsUpdatedData, and Self::extend_instance_ttl so it’s easy to locate.
- Around line 282-292: The current get_level_threshold(e: &Env, level: u32)
silently maps invalid numeric levels to Level::Rookie via
Level::from_u32(...).unwrap_or(...), which hides errors; change the function to
explicitly handle invalid input by returning Option<u32> or Result<u32, Error>,
e.g., call Level::from_u32(level) and if None return None (or Err with a clear
message) instead of unwrapping to Rookie, and update callers of
get_level_threshold(e, level_enum) to handle the new Option/Result return value
accordingly so invalid levels are surfaced rather than masked.
- Around line 429-448: register_user_nft currently writes the mapping
immediately; add a verification step that the NFT token exists and is owned by
`user` before calling set_user_nft_token_id and publishing
UserNFTRegisteredData. Use the NFT contract's on-chain entrypoint (e.g.,
owner_of or equivalent) via Env::invoke_contract or cross-contract call to check
token existence and ownership, aborting (returning an error or panicking) if the
token is missing or owned by someone else; then proceed to call
set_user_nft_token_id(e, &user, token_id), publish UserNFTRegisteredData{user,
token_id}, and call Self::extend_instance_ttl(e).
- Around line 384-402: Summary: Don't silently default invalid numeric levels to
Rookie; reject them. Change the method signature of the contract method
set_permission_threshold to return a Result (e.g., Result<(), Error>), validate
the incoming level using Level::from_u32(level).ok_or(Error::InvalidLevel)
instead of unwrap_or, propagate the error back to the caller when invalid, and
only call the internal set_permission_threshold(e, threshold_type, level_enum)
and Self::extend_instance_ttl(e) on Ok; add an Error::InvalidLevel variant if it
doesn't exist.
- Around line 73-98: Add explicit address validation in the __constructor: after
admin.require_auth() assert admin is not the zero/invalid address
(panic_with_error!(e, Error::InvalidAddress) or existing invalid-address error)
before calling set_admin, and for nft_contract when Some(nft_addr) verify
nft_addr is not the zero/invalid address before calling set_nft_contract; keep
the existing is_initialized and set_initialized logic and use the same error
helper macros for consistency.

In `@apps/contract/contracts/reputation/src/storage.rs`:
- Around line 86-95: Add a fixed bound when appending to user event history in
add_user_event: after retrieving events via get_user_events and pushing the new
ReputationEventRecord, prune the queue to keep only the last N entries (e.g.,
define MAX_USER_EVENTS constant) by popping from the front until length <=
MAX_USER_EVENTS, then persist with e.storage().persistent().set and extend_ttl
as before; reference StorageKey::UserEvents, add_user_event, get_user_events,
and introduce MAX_USER_EVENTS to control the limit so on-chain storage cannot
grow unbounded.

In `@apps/contract/contracts/reputation/src/test.rs`:
- Around line 29-38: The TestEnv::new_with_nft helper creates a fresh Env
(Env::default()) while accepting an nft_contract Address created in another Env,
causing Env/address mismatch; change new_with_nft to accept a reference to the
Env (e.g., new_with_nft(env: &Env, nft_contract: &Address)) or otherwise reuse
the caller's Env so the nft_contract and the Reputation client are created
against the same Env, update uses of Env::default() and Address::generate calls
inside new_with_nft to use the provided env, and ensure TestEnv construction
(env, admin, client) uses that same env instance.

In `@apps/contract/rust-toolchain.toml`:
- Around line 1-4: The toolchain file currently uses a floating channel
("stable") and an unusual target ("wasm32v1-none"); update the [toolchain] entry
so the channel is pinned to a specific Rust version (e.g., a concrete semver
like 1.xx.yy) instead of "stable", and verify/replace the targets value to the
intended Soroban target (confirm if "wasm32v1-none" should be
"wasm32-unknown-unknown" or another Soroban-supported target) so CI builds
reproducibly; adjust the components list only if Soroban requires different
components, run CI locally or in a branch to confirm the pinned version and
target work, and then commit the modified rust-toolchain.toml.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Consider labeling the architecture tree code block.

Nice overview of the module layout. We could enhance this by adding a language tag (e.g., text) to satisfy MD040 and improve rendering consistency.

Proposed doc tweak

-```
+```text
 src/
 ├── lib.rs       # Main contract and implemented traits
 ├── mint.rs      # Minting logic with sequential IDs
 ├── burn.rs      # Burning logic with metadata cleanup
 ├── metadata.rs  # Metadata storage and retrieval
 ├── events.rs    # Contract event definitions
 ├── types.rs     # Data types (NFTMetadata, StorageKey)
 └── errors.rs    # Custom error codes
-```
+```

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

15-15: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

🤖 Prompt for AI Agents

In `@apps/contract/contracts/nft-kindfi/README.md` around lines 15 - 24, Update
the README's architecture tree code block to include a language tag for proper
markdown linting and rendering: change the fenced block from ``` to ```text so
the listing (src/, lib.rs, mint.rs, burn.rs, metadata.rs, events.rs, types.rs,
errors.rs) is labeled; locate the block that lists filenames (e.g., lib.rs,
mint.rs, burn.rs, metadata.rs, events.rs, types.rs, errors.rs) and add "text"
immediately after the opening backticks.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Update flow is clear; consider whether two events are intended.

Good role check and owner validation. Since metadata::set_metadata already emits MetadataSetEventData (apps/contract/contracts/nft-kindfi/src/metadata.rs lines 19-30), this method will also publish MetadataUpdatedEventData. Consider consolidating if you only want a single update signal.

🤖 Prompt for AI Agents

In `@apps/contract/contracts/nft-kindfi/src/lib.rs` around lines 118 - 150, The
update_metadata function currently causes two events to be emitted because
metadata::set_metadata already publishes MetadataSetEventData and
update_metadata additionally publishes MetadataUpdatedEventData; decide which
single event you want and remove the duplicate: either stop update_metadata from
publishing MetadataUpdatedEventData (remove the MetadataUpdatedEventData publish
call in update_metadata) or add a parameter to metadata::set_metadata (e.g.,
emit_event: bool) to control emission and call it with emit_event=false from
update_metadata, ensuring references to MetadataSetEventData and
MetadataUpdatedEventData and functions update_metadata and
metadata::set_metadata are updated accordingly.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, let's check if the file exists and inspect the current state
find . -name "metadata.rs" -path "*/nft-kindfi/*" | head -20

Repository: kindfi-org/kindfi

Length of output: 113

---

🏁 Script executed:

# Check the error handling structure in the nft-kindfi contract
find . -path "*/nft-kindfi/src/*" -type f -name "*.rs" | head -20

Repository: kindfi-org/kindfi

Length of output: 460

---

🏁 Script executed:

# Search for Error enum definition in the contract
rg "enum Error|InvalidMetadata" --type rs apps/contract/contracts/nft-kindfi/ -A 2

Repository: kindfi-org/kindfi

Length of output: 87

---

🏁 Script executed:

# Check existing panic_with_error usage patterns in the codebase
rg "panic_with_error" --type rs apps/contract/contracts/ -B 2 -A 2 | head -50

Repository: kindfi-org/kindfi

Length of output: 87

---

🏁 Script executed:

# Check how assert is currently used in the nft-kindfi contract
rg "assert!" --type rs apps/contract/contracts/nft-kindfi/ -B 1 -A 1

Repository: kindfi-org/kindfi

Length of output: 87

---

🌐 Web query:

Soroban SDK 23.4.0 error handling panic_with_error vs assert recommended pattern

💡 Result:

Recommended pattern in Soroban SDK (incl. 23.4.0)

1) Prefer Result<_, E> for “expected”/business-logic failures (best UX for callers).
If the error is something an external caller (client or another contract) might reasonably handle (limits, authorization, missing state, invalid args, etc.), expose it in the contract interface by returning Result<T, ErrorEnum>. This makes the possible errors part of the contract spec and improves integration. [1]

2) Use panic_with_error! when you want to trap but still return a typed contract error.
This is the typed alternative to panic!()—the error value is propagated to the caller. It’s useful for “must not continue” situations or for convenience wrappers that don’t return Result. [2][1]
Also, Stellar docs explicitly recommend using panic_with_error!() instead of panic!() because panic!() messages typically aren’t available in Wasm builds (you often just see a generic failure). [4]

3) Use assert_with_error! for preconditions (it’s just a concise guard that panics with a typed error).
Treat it as the contract-friendly equivalent of assert!, but producing a contract error code rather than a string panic. [3]

---

Practical “best of both worlds” layout

#[contracterror]
#[derive(Copy, Clone, Debug, Eq, PartialEq)]
#[repr(u32)]
pub enum Error {
    Unauthorized = 1,
    LimitReached = 2,
}

pub fn do_thing(env: Env, x: u32) -> Result<u32, Error> {
    // expected failures => Result
    if x > 10 { return Err(Error::LimitReached); }
    Ok(x + 1)
}

// Optional convenience wrapper that traps with a typed error:
pub fn do_thing_or_panic(env: Env, x: u32) -> u32 {
    do_thing(env.clone(), x).unwrap_or_else(|e| soroban_sdk::panic_with_error!(&env, e))
}

---

Rule of thumb

• Caller-meaningful failure ⇒ Result (preferred). [1]
• Invariant/precondition check ⇒ assert_with_error!. [3]
• Abort execution but keep a typed error ⇒ panic_with_error! (avoid panic!()/assert!() for contract errors). [2][4]

Sources:
[1] https://developers.stellar.org/docs/build/smart-contracts/example-contracts/errors
[2] https://docs.rs/soroban-sdk/latest/soroban_sdk/macro.panic_with_error.html
[3] https://docs.rs/soroban-sdk/latest/soroban_sdk/
[4] https://developers.stellar.org/docs/learn/encyclopedia/errors-and-debugging/debugging-errors

---

🏁 Script executed:

# Read the errors.rs file to check for InvalidMetadata variant
cat -n apps/contract/contracts/nft-kindfi/src/errors.rs

Repository: kindfi-org/kindfi

Length of output: 890

---

🏁 Script executed:

# Read the metadata.rs file to see current implementation
cat -n apps/contract/contracts/nft-kindfi/src/metadata.rs

Repository: kindfi-org/kindfi

Length of output: 2276

---

🏁 Script executed:

# Check how require_valid_metadata is being used in the codebase
grep -r "require_valid_metadata" apps/contract/contracts/nft-kindfi/ --include="*.rs" -B 2 -A 2

Repository: kindfi-org/kindfi

Length of output: 1124

---

Consider using typed error codes for input validation.

Good to see validation in place. We could enhance this by using panic_with_error!(e, Error::InvalidMetadata) instead of assert! so clients receive the documented error code. This follows Soroban SDK best practices and ensures proper contract error semantics instead of generic panic messages.

Proposed fix

-use soroban_sdk::Env;
+use soroban_sdk::{panic_with_error, Env};

+use crate::errors::Error;
 use crate::events::MetadataSetEventData;
 use crate::types::{NFTMetadata, StorageKey};

 /// Validates that the metadata fields meet minimum requirements.
 /// Panics if validation fails.
-fn require_valid_metadata(metadata: &NFTMetadata) {
-    assert!(metadata.name.len() > 0, "name cannot be empty");
-    assert!(metadata.image_uri.len() > 0, "image_uri cannot be empty");
+fn require_valid_metadata(e: &Env, metadata: &NFTMetadata) {
+    if metadata.name.is_empty() || metadata.image_uri.is_empty() {
+        panic_with_error!(e, Error::InvalidMetadata);
+    }
 }
@@
 pub fn set_metadata(e: &Env, token_id: u32, metadata: &NFTMetadata) {
-    require_valid_metadata(metadata);
+    require_valid_metadata(e, metadata);
     let key = StorageKey::TokenMetadata(token_id);

🤖 Prompt for AI Agents

In `@apps/contract/contracts/nft-kindfi/src/metadata.rs` around lines 1 - 22,
Replace the assert!-based validation with Soroban typed errors: change
require_valid_metadata signature to accept the Env (fn require_valid_metadata(e:
&Env, metadata: &NFTMetadata)) and replace both assert! checks with
panic_with_error!(e, Error::InvalidMetadata) when name or image_uri are empty;
update the set_metadata call to pass e into require_valid_metadata(e, metadata).
Ensure the Error enum contains InvalidMetadata (use Error::InvalidMetadata) so
the contract returns a typed error code to clients.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

find . -type f -name "test.rs" | head -20

Repository: kindfi-org/kindfi

Length of output: 357

---

🏁 Script executed:

fd -t f "test.rs" apps/contract/contracts/reputation

Repository: kindfi-org/kindfi

Length of output: 107

---

🏁 Script executed:

wc -l apps/contract/contracts/reputation/src/test.rs

Repository: kindfi-org/kindfi

Length of output: 111

---

🏁 Script executed:

cat -n apps/contract/contracts/reputation/src/test.rs | head -100

Repository: kindfi-org/kindfi

Length of output: 3614

---

🏁 Script executed:

rg "new_with_nft" apps/contract/contracts/reputation/src/test.rs

Repository: kindfi-org/kindfi

Length of output: 168

---

🏁 Script executed:

rg "new_with_nft" apps/contract/contracts/reputation/

Repository: kindfi-org/kindfi

Length of output: 262

---

🌐 Web query:

Soroban SDK Env Address cross-environment test usage

💡 Result:

In soroban-sdk, an Address is bound to the Env it was created in, so you generally can’t reuse the same Address value across two different Env::default() test environments (you’ll hit env/object mismatches).

What to do instead (cross-Env / cross-environment tests):

1. Create addresses inside each env (normal unit tests):

   • In tests, addresses are meant to be created with Address::generate(&env). [1]

2. If you must move an address between envs, serialize + rehydrate via StrKey (special case):

   • Convert in env A: let s = addr_a.to_string(); [1]
   • Recreate in env B: let addr_b = Address::from_str(&env_b, s.as_str()); [1]
   • This “string bridge” is explicitly intended only for special cases where addresses need to be shared between different environments (e.g., different chains). [1]

Minimal example:

use soroban_sdk::{Address, Env};

#[test]
fn cross_env_address() {
    let env_a = Env::default();
    let a = Address::generate(&env_a);

    let strkey = a.to_string(); // bridge format

    let env_b = Env::default();
    let b = Address::from_str(&env_b, strkey.as_str()); // new Address in env_b

    assert_eq!(b.to_string(), strkey);
}

Rule of thumb: keep Address values within a single Env; if you need to “share” between envs, share the StrKey string and reconstruct. [1]

Sources

1. soroban_sdk::Address docs (methods + guidance on tests and cross-environment sharing). [1]

---

🌐 Web query:

Soroban testutils Address generation different Env instances

💡 Result:

In Soroban tests, Address::generate(&env) is not globally unique across different Env instances. Each Env owns its own host/PRNG, and in local tests “the base PRNG of each host is seeded to zero when the host is constructed”, so PRNG-derived outputs are deterministic per-host (and thus can repeat across separate Env::default() instances that perform the same sequence of operations). [1]

Also, Address values are Env-hosted; you generally shouldn’t “move” an Address created in one Env into another. If you truly need to share an address across environments, convert it to a Stellar strkey and re-create it in the other Env using Address::from_str(...) (or from_string*). The Soroban docs explicitly call this out as a special-case for “sharing between different environments (e.g. different chains)”. [2]

Practical fixes

• Use one Env per test (or per fixture) and generate all addresses from that env.
• If you must pass an address between envs: let s = addr.to_string(); then let addr2 = Address::from_str(&env2, s.as_str()); [2]

Sources: [1] [2]

---

Align NFT contract Address with the same Env instance.

In Soroban, Address values are bound to the Env they're created in. The current implementation creates nft_contract in one Env (line 74) but uses it in a different Env::default() inside new_with_nft (line 30), which can cause env/object mismatches. Consider passing the Env to the function to keep both the address and environment from the same source:

🔧 Proposed fix to keep `Address` and `Env` aligned

-    fn new_with_nft(nft_contract: &Address) -> Self {
-        let env = Env::default();
-        env.mock_all_auths();
-
-        let admin = Address::generate(&env);
-
-        let contract_id = env.register(Reputation, (&admin, Some(nft_contract.clone())));
-        let client = ReputationClient::new(&env, &contract_id);
-
-        TestEnv { env, admin, client }
-    }
+    fn new_with_nft(env: Env, nft_contract: Address) -> Self {
+        env.mock_all_auths();
+
+        let admin = Address::generate(&env);
+
+        let contract_id = env.register(Reputation, (&admin, Some(nft_contract)));
+        let client = ReputationClient::new(&env, &contract_id);
+
+        TestEnv { env, admin, client }
+    }

-    let env = Env::default();
-    env.mock_all_auths();
-
-    let nft_contract = Address::generate(&env);
-    let _test = TestEnv::new_with_nft(&nft_contract);
+    let env = Env::default();
+    let nft_contract = Address::generate(&env);
+    let _test = TestEnv::new_with_nft(env, nft_contract);

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	fn new_with_nft(nft_contract: &Address) -> Self {
	let env = Env::default();
	env.mock_all_auths();
	let admin = Address::generate(&env);
	let contract_id = env.register(Reputation, (&admin, Some(nft_contract.clone())));
	let client = ReputationClient::new(&env, &contract_id);
	TestEnv { env, admin, client }
	fn new_with_nft(env: Env, nft_contract: Address) -> Self {
	env.mock_all_auths();
	let admin = Address::generate(&env);
	let contract_id = env.register(Reputation, (&admin, Some(nft_contract)));
	let client = ReputationClient::new(&env, &contract_id);
	TestEnv { env, admin, client }
	}

🤖 Prompt for AI Agents

In `@apps/contract/contracts/reputation/src/test.rs` around lines 29 - 38, The
TestEnv::new_with_nft helper creates a fresh Env (Env::default()) while
accepting an nft_contract Address created in another Env, causing Env/address
mismatch; change new_with_nft to accept a reference to the Env (e.g.,
new_with_nft(env: &Env, nft_contract: &Address)) or otherwise reuse the caller's
Env so the nft_contract and the Reputation client are created against the same
Env, update uses of Env::default() and Address::generate calls inside
new_with_nft to use the provided env, and ensure TestEnv construction (env,
admin, client) uses that same env instance.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider pinning the toolchain version and confirming the target.
Nice to see a dedicated toolchain file. We could enhance reproducibility by pinning a specific Rust version, and please verify that wasm32v1-none is the intended build target for your Soroban toolchain in CI.

🤖 Prompt for AI Agents

In `@apps/contract/rust-toolchain.toml` around lines 1 - 4, The toolchain file
currently uses a floating channel ("stable") and an unusual target
("wasm32v1-none"); update the [toolchain] entry so the channel is pinned to a
specific Rust version (e.g., a concrete semver like 1.xx.yy) instead of
"stable", and verify/replace the targets value to the intended Soroban target
(confirm if "wasm32v1-none" should be "wasm32-unknown-unknown" or another
Soroban-supported target) so CI builds reproducibly; adjust the components list
only if Soroban requires different components, run CI locally or in a branch to
confirm the pinned version and target work, and then commit the modified
rust-toolchain.toml.

[Bran18]

Nice job with the test, all of them are running and proving the contracts are strongly build. LGTM

[Bran18]

@coderabbitai create a new issue to improve the operability with the 0050 standard

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Get the repository owner and name
REPO_INFO=$(gh repo view --json nameWithOwner -q .nameWithOwner)
echo "Repository: $REPO_INFO"

# Get the PR URL
PR_URL="https://github.com/kindfi-org/kindfi/pull/774"
echo "PR URL: $PR_URL"

Length of output: 83

---

🌐 Web query:

Stellar SEP-0050 NFT standard Soroban

💡 Result:

SEP-0050 (often written “SEP-50”) is Stellar’s standard interface for Non-Fungible Tokens (NFTs) implemented as Soroban smart contracts, meant to make NFTs interoperable across wallets, marketplaces, and other contracts (similar in spirit to Ethereum’s ERC-721). [1]

Key points:

• It’s a Soroban contract standard (not a Classic/Stellar-Asset feature): ownership, transfers, approvals, and metadata live in Soroban contract logic, with a standardized interface so ecosystem tools can integrate consistently. [1]
• OpenZeppelin is a primary reference implementation: OpenZeppelin’s Stellar contracts include a NonFungibleToken module that is SEP-50 compliant, plus common extensions like burnable, enumerable, consecutive/batch minting, and royalties. [2]
• Ecosystem adoption examples: Stellar has highlighted SEP-50 as “Stellar’s new NFT standard” used in real deployments (e.g., Meridian 2025 + Freighter support), and projects like SorobanDomains cite SEP-0050 as the emerging NFT standard in late 2025. [3] [4]

Where to start building: Stellar’s docs point developers to OpenZeppelin-based example NFT contracts on Soroban that implement the standard interface. [5]

Sources:
[1] Stellar Docs – SEPs list (includes SEP-0050: Non-Fungible Tokens) (developers.stellar.org)
[2] OpenZeppelin Stellar Contracts – Non-Fungible Token (SEP-50 compliant module + extensions) (docs.openzeppelin.com)
[3] Stellar blog – Meridian 2025 NFTs using SEP-50; Freighter SEP-50 support (stellar.org)
[4] SorobanDomains blog – notes SEP-0050 proposed by OpenZeppelin (sorobandomains.org)
[5] Stellar Dev Docs – Non-fungible token example using OpenZeppelin (developers.stellar.org)

Citations:

• 1: https://developers.stellar.org/docs/learn/fundamentals/stellar-ecosystem-proposals
• 2: https://docs.openzeppelin.com/stellar-contracts/0.4.0/tokens/non-fungible/non-fungible
• 3: https://stellar.org/blog/ecosystem/art-smart-contracts-nfts-at-meridian-2025?utm_source=openai
• 4: https://sorobandomains.org/blog/?utm_source=openai
• 5: https://developers.stellar.org/docs/build/smart-contracts/example-contracts/non-fungible-token?utm_source=openai

---

🏁 Script executed:

#!/bin/bash

# Create GitHub issue for SEP-0050 compliance improvements
gh issue create \
  --repo kindfi-org/kindfi \
  --title "Improve NFT Contract Operability with SEP-0050 Standard" \
  --body "## Context

SEP-0050 is Stellar's standard interface for Non-Fungible Tokens (NFTs) implemented as Soroban smart contracts, designed to ensure interoperability across wallets, marketplaces, and other contracts (similar to Ethereum's ERC-721).

## Current State

The KindFi NFT contract (\`apps/contract/contracts/nft-kindfi/\`) currently uses OpenZeppelin's Stellar contracts (stellar-tokens v0.6.0) which provides a NonFungibleToken module that is SEP-50 compliant.

## Objective

Improve the NFT contract's operability and full compliance with the SEP-0050 standard to ensure maximum compatibility with the Stellar ecosystem, including:

- Verify complete interface compliance with SEP-0050 specification
- Implement any missing optional features that enhance interoperability
- Ensure metadata format aligns with ecosystem expectations
- Add enumeration capabilities if needed for better discoverability
- Document SEP-0050 compliance clearly in contract documentation

## Resources

- [SEP-0050 Specification](https://developers.stellar.org/docs/learn/fundamentals/stellar-ecosystem-proposals)
- [OpenZeppelin Stellar Contracts - Non-Fungible Token](https://docs.openzeppelin.com/stellar-contracts/0.4.0/tokens/non-fungible/non-fungible)
- [Stellar NFT Example Contract](https://developers.stellar.org/docs/build/smart-contracts/example-contracts/non-fungible-token)

## Related

- PR `#774`: https://github.com/kindfi-org/kindfi/pull/774
- Requested by `@Bran18` in: https://github.com/kindfi-org/kindfi/pull/774#discussion_r

## Acceptance Criteria

- [ ] Review current implementation against SEP-0050 specification
- [ ] Identify and document any gaps or missing optional features
- [ ] Implement required improvements for full standard compliance
- [ ] Update contract documentation to clearly indicate SEP-0050 compliance
- [ ] Add tests to verify standard compliance" \
  --assignee Bran18 \
  --label enhancement

echo "Issue created successfully"

Length of output: 74

---

@Bran18, I've created issue #776 to track improvements for SEP-0050 standard compliance.

SEP-0050 is Stellar's standard interface for NFTs on Soroban smart contracts, designed to ensure interoperability across wallets, marketplaces, and other ecosystem tools (similar to Ethereum's ERC-721). OpenZeppelin provides a SEP-50 compliant NonFungibleToken module which your contract already uses via stellar-tokens v0.6.0.

The issue outlines objectives for verifying full compliance, implementing any missing optional features, ensuring metadata format alignment, and documenting SEP-0050 compliance clearly. I've included relevant resources from the Stellar documentation and OpenZeppelin to help guide the implementation.

Issue: #776

---

🧠 Learnings used

Learnt from: Bran18
Repo: kindfi-org/kindfi PR: 0
File: :0-0
Timestamp: 2025-02-12T22:34:18.818Z
Learning: The NFT contract implementation in Rust should include:
1. Admin-only access control for minting operations
2. Ownership verification for token transfers
3. Balance tracking per address
4. Custom error handling for unauthorized access and invalid transfers
File structure: src/contracts/nft.rs for implementation and src/contracts/tests/nft_test.rs for tests

---

Learnt from: Bran18
Repo: kindfi-org/kindfi PR: 0
File: :0-0
Timestamp: 2025-02-12T22:34:18.818Z
Learning: The KindFi NFT contract should be implemented in Rust using Soroban SDK with:
1. Contract structure in src/contracts/ directory
2. Separate files for contract (nft.rs) and tests (tests/nft_test.rs)
3. Custom error handling for access control and ownership verification
4. Complete test coverage for all scenarios including error cases

---

Learnt from: AndlerRL
Repo: kindfi-org/kindfi PR: 120
File: apps/contract/contracts/auth-contracts/contracts/account/src/test.rs:7-21
Timestamp: 2025-02-03T19:57:52.524Z
Learning: Test implementation for the Auth Contract will be handled separately from the contract creation PR to maintain focus on core functionality first.