Implement comprehensive access logging for security auditing

[Just-Bamford]

Summary

Implements a dedicated AccessLogger module providing a unified, tamper-evident audit trail for all significant contract invocations across the TeachLink smart contract workspace.

Problem

Access logging is currently insufficient for security auditing. Individual modules emit domain-specific events but there is no unified mechanism to:

• Record all access attempts with caller identity
• Distinguish successful operations from failures with error codes
• Capture temporal patterns for anomaly detection
• Support structured audit queries for compliance reporting

Changes

New Module: access_logger.rs

• AccessLogger::log_access — records every access attempt with caller, operation tag, outcome, and timestamp into persistent storage
• AccessLogger::get_log_entry — retrieves a single log entry by ID
• AccessLogger::get_total_log_count — returns total entries ever recorded
• AccessLogger::query_logs — conjunctive filter queries (caller, operation, outcome, time range) with most-recent-first ordering
• AccessLogger::get_temporal_pattern — returns per-address call count for a given hourly window

New Types (types.rs)

• AccessOutcome enum — Success / Failure { error_code: u32 }
• AccessLogEntry struct — immutable record per access attempt
• AuditQuery struct — filter parameters for audit queries

New Storage Keys (storage.rs)

• LOG_COUNTER (persistent) — monotonically increasing entry ID
• ACCESS_LOGS (persistent) — all log entries, survives TTL expiry
• ACCESS_TEMPORAL (instance) — per-address hourly call counts

New Events (events.rs)

• AccessAttemptEvent — emitted for every recorded entry
• AccessLogFailedEvent — emitted when a log write itself fails

New Errors (errors.rs)

• AccessLogError — StorageWriteFailed, InvalidOperationTag, InvalidLimit

Acceptance Criteria

• Log all access attempts — persistent, monotonic entry IDs
• Track success/failure — AccessOutcome with error code preservation
• Record temporal patterns — hourly window buckets per address
• Enable audit analysis — conjunctive query filters, most-recent-first ordering

Audit Trail Guarantees

• Append-only: no delete or modify functions exposed
• Read-open: query functions require no authorization
• Persistent storage: entries survive ledger TTL expiry
• Off-chain observable: events emitted for every attempt

Base

rinafcode/teachLink_contract:main

this pr Closes #274

[drips-wave]

@Just-Bamford Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits