Refactor code structure for improved readability and maintainability

[Stanley-Owoh]

SC-REP-049: Dynamic Rating Decay Parameters (Lambda Tuning)

Summary

Introduces configurable decay multipliers (slash_decay_bps, blacklist_decay_bps) for the reputation contract, completing the lambda-tuning scope for dynamic reputation scoring. Replaces hardcoded decay constants with admin-settable storage-backed parameters, validated within a safe BPS range. Also includes badge metadata mapping (SC-REP-052) and automated badge minting (SC-REP-048) on the same contract surface.

Files Changed

File	Change
contracts/reputation/src/lib.rs	Dynamic decay endpoints (set_slash_decay, set_blacklist_decay), submit_rating auth hardening, blacklist flow with decay, badge reflection, profile metadata, upgrade guard
contracts/reputation/src/storage.rs	Persistent Profile read/write with TTL management; safe default initialization
contracts/reputation/src/profile.rs	BadgeLevel / BadgeTier enums, RoleMetrics, ReviewAggregate, Profile struct with refresh_badges()

Key Features

• Lambda Tuning — Admin reconfigures slash (default 80%) and blacklist (default 10%) decay as basis points without redeployment
• Decay Validation — BPS clamped to [1_000, 10_000]; invalid values panic with InvalidInput
• Fixed-Point Arithmetic — Score operations use i128 checked math with SCORE_SCALE = 10_000 BPS precision
• Badge Auto-Refreshing — Badge level recomputed on every score mutation; exposed via get_badge and get_public_metrics
• Profile Blacklisting — Freezes scores to decayed values, sets badge_level = 0, blocks further reviews
• Authorized-Contract Gate — update_score / slash / blacklist_profile require an explicitly registered caller contract
• Event Emission — DecayParameterUpdated, ScoreAdjusted, ReputationUpdated, BlacklistUpdated, AuthorizedContractUpdated, ContractUpgraded
• Self-Service Metadata — Users may set their own metadata_hash via update_profile_metadata with require_auth

Badge Thresholds

Level	Score (BPS)	Numeric
None	< 4,000	0
Bronze	≥ 4,000	1
Silver	≥ 6,000	2
Gold	≥ 8,000	3
Platinum	≥ 9,500	4

Security Hardening

• Authorized-contract gate enforced on update_score, slash, blacklist_profile
• submit_rating validates caller is job participant; non-participants rejected
• Duplicate review prevention via persistent Reviewed(job_id, caller) key
• Blacklisted profiles block all further score mutations
• Decay parameters bounded to [1_000, 10_000] BPS
• upgrade requires admin auth with double-check pattern
• Profile metadata requires address.require_auth() — only owner may write
• initialize panics if Admin key already exists — prevents re-init attack
• Fixed-point score clamped to [0, 10_000] — prevents overflow manipulation

Testing (21 tests, all passing)

Run: cargo test -p reputation

Test	What It Covers
test_empty_profile_reads_are_safe	Default values, no panics on missing profiles
test_authorized_contract_updates_score	Authorized adjuster delta + badge reflection
test_slash_uses_fixed_point_decay	80% decay applied correctly, badge downgrade
test_badge_upgrades_reflect_immediately	Platinum → Gold → Platinum transitions via getters
test_blacklist_clears_badges_and_sets_flag	Score decay to 1,000, badge_level = 0, flag set
test_get_public_metrics_rejects_unknown_role	Invalid role name panics
test_submit_rating_updates_paths	Both client/freelancer rating paths validated
test_direct_score_adjustment_requires_authorized_contract	Unauthorized update_score rejected
test_direct_reviews_from_unverified_keys_rejected	Non-participant submit_rating rejected
test_profile_metadata	Owner-only metadata write + read
test_badge_starts_at_bronze / _to_silver / _to_gold	Threshold boundary verification
test_slash_downgrades_badge	Two slashes: Gold → Silver → Bronze
test_set_and_get_badge_metadata (4 tests)	Badge metadata CRUD correctness
test_default_slash_decay_matches_constant	Default 80% decay verified
test_admin_can_update_slash_decay / _blacklist_decay	Admin reconfiguration
test_non_admin_cannot_set_slash_decay / _invalid_values_rejected	Auth + range enforcement
test_upgrade_requires_admin	Non-admin upgrade rejected

Reviewer Notes

1. Decay direction: apply_decay_bps multiplies score by decay_bps / SCORE_SCALE. Slash (8,000 BPS = 0.8×) decreases scores; for increases use update_score with a positive delta.
2. Blacklist double-decay: Both client and freelancer roles are decayed independently on blacklist.
3. TTL on reads: storage::read_profile extends TTL on every read — active profiles stay fresh; cold ones may need re-initialization.
4. Metadata linear scan: get_badge_metadata iterates over the Vec; bounded to 4 entries so effectively O(1).
5. Review key domain: Reviewed(job_id, caller) prevents per-caller duplicates but allows both client and freelancer to review each other for the same job.

Closes #403

[vercel]

@Stanley-Owoh is attempting to deploy a commit to the mAzI's projects Team on Vercel.

A member of the Team first needs to authorize it.

[drips-wave]

@Stanley-Owoh Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

[soomtochukwu]

• If you could fix the merge conflict(s) ASAP
• see that the CI checks pass