[BE-W3A-119] Web3 Signature Security and Auditing - Step 119

[soomtochukwu]

Configure Mock Wallet Signature Verification for Dev Sandbox

• Category: Backend: Web3 Auth & Stellar Signatures
• Task ID: BE-W3A-119

Description

This issue is dedicated to the technical design, implementation, and rigorous auditing of 'Configure Mock Wallet Signature Verification for Dev Sandbox' inside the Lance marketplace ecosystem, specifically focusing on the Backend: Web3 Auth & Stellar Signatures component. This involves managing complex user wallet session states, auto-reconnection events, and clean state recovery hooks. You must ensure that connection events gracefully propagate to all dependent UI components, and handle session timeouts, lock states, or signature rejections without breaking the interface. Ensure that your implementation strictly adheres to the project's architectural guidelines, features self-documenting code with comprehensive inline annotations, and provides solid verification proofs. Any modifications to state variables must undergo strict validation before commits.

Requirements

• Implement signature validation and session routing inside backend/src/routes/auth.rs for Configure Mock Wallet Signature Verification for Dev Sandbox.
• Decode and validate Stellar public addresses securely, checking checksum bytes using dynamic decoders.
• Integrate Redis client helpers or secure cookies parameters inside the Axum route state.
• Write comprehensive test mockups to verify signature validations and challenge timelines.

Acceptance Criteria

• Login succeeds with Freighter wallet signatures that conform to SEP-53 standard.
• Incorrect signatures or expired challenges are rejected with a strict 401 Unauthorized status.
• Redis blacklist lookups execute within 1ms and effectively block revoked sessions.

[broda-spendy]

@broda-spendy has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

Hi, I am a software developer and I would love to fix this issue.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @broda-spendy to this issue.

[somotochukwu-dev]

@somotochukwu-dev has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

Please I would like to work on this issue
Thanks

ℹ️ Repo Maintainers: To accept this application, review their application or assign @somotochukwu-dev to this issue.

[Jayy4rl]

@Jayy4rl has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

I would like to work on this please assign

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Jayy4rl to this issue.

[drips-wave]

Congratulations, @Jayy4rl! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 2, 2026.

🧑‍💻 @Jayy4rl: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊

[drips-wave]

This issue has been completed by @Jayy4rl as part of the Stellar Wave Program's 5th Wave 🥳

😎 @Jayy4rl: You earned 200 Points for completing this issue! After the current Wave ends, you'll be eligible for a percentage of the Wave's reward pool based on the percentage of total points you've earned. Learn more here. You can also Leave a review to share your experience working on this issue.

🧑‍💻 Repo maintainers: How'd the contributor do? Leave a review to share your experience working with them.