Skip to content

feat(#58): add rate limiting to verify_and_register#187

Open
Peolite001 wants to merge 8 commits into
Bitcoindefi:mainfrom
Peolite001:feat/58-rate-limit-verify-credential
Open

feat(#58): add rate limiting to verify_and_register#187
Peolite001 wants to merge 8 commits into
Bitcoindefi:mainfrom
Peolite001:feat/58-rate-limit-verify-credential

Conversation

@Peolite001

@Peolite001 Peolite001 commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Summary

Adds ledger-based rate limiting to the verify_and_register contract entry point. Each caller address is tracked with a 10-ledger rolling window (~1 minute). Exceeding 10 calls returns the new RateLimitExceeded error. Admin can adjust the limit via set_rate_limit. The off-chain SDK wrapper surfaces this as a typed RateLimitError with retryAfterLedgers.

Checklist

  • Security: No private keys or sensitive data exposed. ZK circuit logic remains sound.
  • Tests: New/modified logic is covered by tests (cargo test passes).
  • Scope: Changes are within the scope of the issue/feature.
  • Documentation: Updated README or other docs if necessary.

Related Issues

Closes #58

- Track call count per caller per 10-ledger window via DataKey::RateLimit(Address)
- Add RateLimitExceeded error variant
- Add set_rate_limit admin setter
- Reject 11th call within window; counter auto-resets after 10 ledgers
- SDK: expose RateLimitError with retryAfterLedgers
- Soroban test covering rate limit path
@Peolite001 Peolite001 requested a review from leocagli as a code owner June 30, 2026 23:56
Add RateLimitError class and enhance error handling
Removed introductory comments and restructured exports.
Added detailed documentation for the PassportClient class and its methods, including verifyCredential, verifyBatch, and isRevoked.
Added documentation header for the Agent Passport client.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add rate limiting to verify_credential endpoint (max 10 req/min per caller)

1 participant