Three new modules land in tests/ alongside the v0.1 pure-module
tests:
- test_store_protocol.py: InMemoryStore round-trips + Protocol
conformance. Covers create / get / update / list_by_status /
next_derivation_index / record_tx idempotency + defensive-copy
semantics.
- test_mint_metadata.py: mint_nft_cert end-to-end against a stubbed
ChainContext (no live Ogmios). Exercises the 2-of-2 native-script
policy shape, tx body construction, CIP-25 envelope CBOR
round-trip, and the oversize-asset-name guard.
- test_monitor_with_inmemory_store.py: monitor loop driven against
InMemoryStore with Koios + the oracle monkeypatched. Covers every
status transition the scheduler cares about (confirm, overpay,
underpay, stay-pending, record_tx, expiry skip) and the two
reprice code paths (successful reprice bumps expected_lovelace +
expires_at; max_repricings flips to EXPIRED).
All 42 tests pass on pycardano 0.16 with pytest-asyncio auto mode.
txbuild.py gets real: make_ogmios_context builds an
OgmiosChainContext pointed at 127.0.0.1:1337 by default (matches the
Rackham stack), get_protocol_parameters peeks at live params,
get_address_utxos powers the eventual refund path, submit_signed_tx
ships a cold-signed blob to the chain.
mint.py's mint_nft_cert now constructs the real tx body:
- mints exactly 1 of {policy_id}.{asset_name}
- sends it to recipient_address in its own UTxO padded with min-ADA
- attaches CIP-25 v2 metadata + the native script as aux data
- clamps TTL to policy.locked_after_slot when the policy is time-locked
Does NOT sign — matches the ADAMaps cold-signing pattern. Returns an
UnsignedMint bundle carrying body CBOR, aux CBOR, native-script CBOR,
required-signer hashes, and a human-readable summary. Operator moves
the bundle to the cold host (Lucy in Sulkta's pattern — 2-of-2
native-script under Cobb + Kayos skeys), signs offline, ships the
signed CBOR back. submit_signed_tx finishes the round-trip.
Rewrite monitor.py so it operates entirely through the
cardano_checkout.store.InvoiceStore Protocol — no more SQLAlchemy
imports, no more CardanoPayment / PlatformConfig coupling. Same
behavioural shape: same Koios URL, same 15s check cadence, same 2%
confirm / overpay tolerances, same 3-reprice cap.
Rewrite scheduler.py as a reusable InvoiceScheduler dataclass that
wires two APScheduler jobs (check_pending every 15s, reprice_expired
every 60s) against a consumer-supplied store. The subscription +
grace-period jobs are TradeCraft-specific and get lifted into
tradecraft_compat.py verbatim so TradeCraft can still import them
during the migration window without any code change.
Add InMemoryStore reference implementation to store.py — used by the
test suite and handy for local dev / ephemeral workflows.
Bump version to 0.2.0-dev.
pycardano >=0.11 doesn't ship HDPublicKey — the v0.1 extraction
imported a symbol that never existed in the installed version, which
meant every address-derivation test failed at import time.
Use HDWallet rooted at the account level with public-only fields set,
then soft-derive receive chain (0) and staking chain (2). Hash the
resulting verification keys through PaymentVerificationKey /
StakeVerificationKey to compose the Shelley base address.
Refresh the test-vector xpub with a real, deterministic CIP-1852
account xpub derived from the well-known "test ... junk" mnemonic so
validate_xpub + derive_address actually exercise the BIP32 math.
Drop the "random hex should be rejected" assertion — BIP32-ED25519
soft derivation doesn't enforce that the 32-byte pubkey half is a
point on the curve, so arbitrary well-shaped hex is accepted by the
underlying crypto.
