feat: add trust-based ERC-8183 evaluator example

[JhiNResH]

Summary

Adds a trust-based evaluator for ERC-8183 Agentic Commerce as an alternative to the UMA optimistic oracle. Uses on-chain trust scores for instant (~1 block) evaluation instead of the 30-minute liveness period.

Motivation

The current APEXEvaluator uses UMA's optimistic oracle, which provides strong cryptoeconomic guarantees but requires a 30-minute liveness period (and potentially 48-72h for disputes). For agents with established on-chain reputation, this delay is unnecessary.

A trust-based evaluator offers a complementary approach:

Approach	Evaluation Time	Best For
UMA (APEXEvaluator)	30 min + disputes	High-value jobs, unknown agents
TrustEvaluator	~1 block	Known agents, frequent small jobs

What's Included

• examples/trust-evaluator/contracts/src/TrustEvaluator.sol — Evaluator contract
• examples/trust-evaluator/contracts/test/TrustEvaluator.t.sol — Foundry test suite
• examples/trust-evaluator/README.md — Documentation + usage guide

Security Features

All based on patterns identified in issues #13 and #14:

1. Caller restriction (opt-in) — Prevents grief and front-running attacks on evaluate()
2. Job contract whitelist (opt-in) — Prevents attackers deploying fake ERC-8183 contracts with forged getJob() data
3. threatThreshold cannot be 0 — Prevents silent disabling of the threat system
4. CEI pattern — Events emitted before external complete()/reject() calls
5. Double-evaluation prevention — Each (jobContract, jobId) pair can only be evaluated once
6. ReentrancyGuard — Prevents reentrancy through hook callbacks

Testing

cd examples/trust-evaluator/contracts
forge install
forge test -vv

Compatibility

• Compatible with ERC-8183 complete() and reject() function signatures
• Works as a drop-in evaluator — agents set the TrustEvaluator address when creating jobs
• Does not conflict with UMA — agents can choose per-job which evaluator to use

[hashdit-bot]

Pull Request Review

This PR adds a new Solidity/Foundry example project implementing a trust-based ERC-8183 evaluator (TrustEvaluator) as a faster alternative to UMA-based evaluation, along with documentation and a comprehensive Foundry test suite. The contract introduces configurable trust-threshold logic, threat reporting, optional caller/job-contract restrictions, and single-evaluation tracking per (jobContract, jobId). Overall, the changes are focused on an example web3 smart contract flow and include security-oriented design patterns (CEI, nonReentrant, access-controlled admin functions).

Sensitive Content

No sensitive content detected.

Security Issues

No serious security issues detected.

---

Generated by Hashdit Bot. This tool can absolutely NOT replace manual audits.

[douglasborthwick-crypto]

@JhiNResH — same ITrustOracle pattern from hook-contracts #6, now on BNB APEX. The InsumerTrustOracle we posted there maps directly to this UserReputation struct too.

Our /v1/trust endpoint returns a signed profile across 36 checks (stablecoins, governance, NFTs, staking — up to 39 with Solana and XRPL), with a summary containing totalPassed and totalChecks. An oracle-relay contract can:

1. Accept the ECDSA-signed trust profile (ES256 / P-256, kid: "insumer-attest-v1")
2. Verify the signature on-chain (via RIP-7212 P-256 precompile where available, or an ecrecover wrapper)
3. Map (totalPassed / totalChecks) * 100 → reputationScore, totalChecks → totalReviews
4. Store as UserReputation for the TrustEvaluator to read

This gives agents a cold-start reputation signal from their wallet holdings — before they have any job history. An agent with stablecoins across multiple chains, governance tokens, and staked positions scores higher than an empty wallet — reasonable proxy for economic skin in the game.

The signature is verifiable via JWKS at https://api.insumermodel.com/v1/jwks — 32 chains, boolean per condition (not raw balances).

Happy to adapt the InsumerTrustOracle.sol (12 passing Foundry tests) for the BNB APEX UserReputation struct once #6 merges on hook-contracts.