npm - @layerzerolabs/protocol-stellar-v2 - Versions diffs - 0.2.12 → 0.2.15 - Mend

@layerzerolabs/protocol-stellar-v2 0.2.12 → 0.2.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (319) hide show

package/contracts/endpoint-v2/src/tests/endpoint_v2/clear.rs CHANGED Viewed

@@ -1,18 +1,76 @@
+use soroban_sdk::{testutils::Address as _, Address, Bytes, BytesN};
+use utils::testing_utils::assert_event;
 use crate::{
+    errors::EndpointError,
     events::PacketDelivered,
-    storage,
+    tests::endpoint_setup::TestSetup,
     tests::{endpoint_setup::setup, mock::MockReceiver},
     util::{build_payload, keccak256},
     Origin,
 };
-use soroban_sdk::{
-    testutils::{MockAuth, MockAuthInvoke},
-    vec, Bytes, BytesN, IntoVal,
-};
-use utils::testing_utils::assert_event;
+fn build_payload_hash(env: &soroban_sdk::Env, guid: &BytesN<32>, message: &Bytes) -> BytesN<32> {
+    let payload = build_payload(env, guid, message);
+    keccak256(env, &payload)
+}
+fn verify_packet_with_auth(
+    context: &TestSetup,
+    receive_lib: &soroban_sdk::Address,
+    origin: &Origin,
+    receiver: &soroban_sdk::Address,
+    payload_hash: &BytesN<32>,
+) {
+    context.mock_auth(receive_lib, "verify", (receive_lib, origin, receiver, payload_hash));
+    context.endpoint_client.verify(receive_lib, origin, receiver, payload_hash);
+}
+fn clear_packet_with_auth(
+    context: &TestSetup,
+    caller: &soroban_sdk::Address,
+    origin: &Origin,
+    receiver: &soroban_sdk::Address,
+    guid: &BytesN<32>,
+    message: &Bytes,
+) {
+    context.mock_auth(caller, "clear", (caller, origin, receiver, guid, message));
+    context.endpoint_client.clear(caller, origin, receiver, guid, message);
+}
+fn try_clear_packet_with_auth(
+    context: &TestSetup,
+    caller: &soroban_sdk::Address,
+    origin: &Origin,
+    receiver: &soroban_sdk::Address,
+    guid: &BytesN<32>,
+    message: &Bytes,
+) -> Result<Result<(), soroban_sdk::ConversionError>, Result<soroban_sdk::Error, soroban_sdk::InvokeError>> {
+    context.mock_auth(caller, "clear", (caller, origin, receiver, guid, message));
+    context.endpoint_client.try_clear(caller, origin, receiver, guid, message)
+}
+fn arrange_verified_packet_with_auth(
+    context: &TestSetup,
+    src_eid: u32,
+    sender: &BytesN<32>,
+    receiver: &soroban_sdk::Address,
+    nonce: u64,
+    guid: &BytesN<32>,
+    message: &Bytes,
+) -> (soroban_sdk::Address, Origin, BytesN<32>) {
+    let receive_lib = context.setup_default_receive_lib(src_eid, 0);
+    let origin = Origin { src_eid, sender: sender.clone(), nonce };
+    let payload_hash = build_payload_hash(&context.env, guid, message);
+    verify_packet_with_auth(context, &receive_lib, &origin, receiver, &payload_hash);
+    (receive_lib, origin, payload_hash)
+}
+// Inbound payload hash storage / removal
 #[test]
-fn test_clear_success() {
+fn test_clear_removes_inbound_payload_hash() {
     let context = setup();
     let env = &context.env;
     let endpoint_client = &context.endpoint_client;
@@ -22,83 +80,48 @@ fn test_clear_success() {
     let receiver = env.register(MockReceiver, ());
     let nonce = 1u64;
-    // Setup receive library
-    let receive_lib = context.setup_mock_receive_lib(vec![env, src_eid]);
-    context.mock_owner_auth("register_library", (&receive_lib,));
-    endpoint_client.register_library(&receive_lib);
-    context.mock_owner_auth("set_default_receive_library", (&src_eid, &receive_lib, &0u64));
-    endpoint_client.set_default_receive_library(&src_eid, &receive_lib, &0);
-    // Create message and payload
     let message = Bytes::from_array(env, &[1, 2, 3, 4]);
     let guid = BytesN::from_array(env, &[5u8; 32]);
-    let payload = build_payload(env, &guid, &message);
-    let payload_hash = keccak256(env, &payload);
-    let origin = Origin { src_eid, sender: sender.clone(), nonce };
-    // First verify the packet
-    env.mock_auths(&[MockAuth {
-        address: &receive_lib,
-        invoke: &MockAuthInvoke {
-            contract: &endpoint_client.address,
-            fn_name: "verify",
-            args: (&receive_lib, &origin, &receiver, &payload_hash).into_val(env),
-            sub_invokes: &[],
-        },
-    }]);
-    endpoint_client.verify(&receive_lib, &origin, &receiver, &payload_hash);
+    let (_receive_lib, origin, payload_hash) =
+        arrange_verified_packet_with_auth(&context, src_eid, &sender, &receiver, nonce, &guid, &message);
     // Verify payload hash exists before clear
-    let hash_before_clear = env.as_contract(&endpoint_client.address, || {
-        storage::EndpointStorage::inbound_payload_hash(env, &receiver, src_eid, &sender, nonce)
-    });
+    let hash_before_clear = endpoint_client.inbound_payload_hash(&receiver, &src_eid, &sender, &nonce);
     assert_eq!(hash_before_clear, Some(payload_hash.clone()), "Payload hash should exist before clear");
-    // Verify initial lazy inbound nonce
-    let initial_lazy_nonce = env.as_contract(&endpoint_client.address, || {
-        storage::EndpointStorage::lazy_inbound_nonce(env, &receiver, src_eid, &sender)
-    });
-    assert_eq!(initial_lazy_nonce, 0, "Initial lazy inbound nonce should be 0");
     // Now clear the payload
-    env.mock_auths(&[MockAuth {
-        address: &receiver,
-        invoke: &MockAuthInvoke {
-            contract: &endpoint_client.address,
-            fn_name: "clear",
-            args: (&receiver, &origin, &receiver, &guid, &message).into_val(env),
-            sub_invokes: &[],
-        },
-    }]);
-    endpoint_client.clear(&receiver, &origin, &receiver, &guid, &message);
-    // Verify PacketDelivered event was published
-    assert_event(env, &endpoint_client.address, PacketDelivered { origin: origin.clone(), receiver: receiver.clone() });
+    clear_packet_with_auth(&context, &receiver, &origin, &receiver, &guid, &message);
     // Verify payload hash was removed via public interface
     let stored_hash = endpoint_client.inbound_payload_hash(&receiver, &src_eid, &sender, &nonce);
     assert_eq!(stored_hash, None);
+}
-    // Assert storage change directly - payload hash removed
-    let stored_hash_direct = env.as_contract(&endpoint_client.address, || {
-        storage::EndpointStorage::inbound_payload_hash(env, &receiver, src_eid, &sender, nonce)
-    });
-    assert_eq!(stored_hash_direct, None, "Storage should have payload hash removed");
+// Event emission
+#[test]
+fn test_clear_emits_packet_delivered_event() {
+    let context = setup();
+    let env = &context.env;
+    let endpoint_client = &context.endpoint_client;
-    // Verify lazy inbound nonce was updated via public interface
-    let lazy_nonce = endpoint_client.lazy_inbound_nonce(&receiver, &src_eid, &sender);
-    assert_eq!(lazy_nonce, nonce);
+    let src_eid = 2u32;
+    let sender = BytesN::from_array(env, &[1u8; 32]);
+    let receiver = env.register(MockReceiver, ());
+    let nonce = 1u64;
+    let message = Bytes::from_array(env, &[1, 2, 3, 4]);
+    let guid = BytesN::from_array(env, &[5u8; 32]);
+    let (_receive_lib, origin, _payload_hash) =
+        arrange_verified_packet_with_auth(&context, src_eid, &sender, &receiver, nonce, &guid, &message);
+    clear_packet_with_auth(&context, &receiver, &origin, &receiver, &guid, &message);
-    // Assert storage change directly - lazy inbound nonce updated
-    let stored_lazy_nonce = env.as_contract(&endpoint_client.address, || {
-        storage::EndpointStorage::lazy_inbound_nonce(env, &receiver, src_eid, &sender)
-    });
-    assert_eq!(stored_lazy_nonce, nonce, "Storage should contain updated lazy inbound nonce");
+    assert_event(env, &endpoint_client.address, PacketDelivered { origin: origin.clone(), receiver: receiver.clone() });
 }
+// Lazy inbound nonce updates
 #[test]
-fn test_clear_updates_lazy_nonce() {
+fn test_clear_updates_lazy_inbound_nonce() {
     let context = setup();
     let env = &context.env;
     let endpoint_client = &context.endpoint_client;
@@ -108,56 +131,25 @@ fn test_clear_updates_lazy_nonce() {
     let receiver = env.register(MockReceiver, ());
     let nonce = 1u64;
-    // Setup receive library
-    let receive_lib = context.setup_mock_receive_lib(vec![env, src_eid]);
-    context.mock_owner_auth("register_library", (&receive_lib,));
-    endpoint_client.register_library(&receive_lib);
-    context.mock_owner_auth("set_default_receive_library", (&src_eid, &receive_lib, &0u64));
-    endpoint_client.set_default_receive_library(&src_eid, &receive_lib, &0);
-    // Create message and payload
     let message = Bytes::from_array(env, &[1, 2, 3, 4]);
     let guid = BytesN::from_array(env, &[5u8; 32]);
-    let payload = build_payload(env, &guid, &message);
-    let payload_hash = keccak256(env, &payload);
+    let (_receive_lib, origin, _payload_hash) =
+        arrange_verified_packet_with_auth(&context, src_eid, &sender, &receiver, nonce, &guid, &message);
-    let origin = Origin { src_eid, sender: sender.clone(), nonce };
-    // First verify the packet
-    env.mock_auths(&[MockAuth {
-        address: &receive_lib,
-        invoke: &MockAuthInvoke {
-            contract: &endpoint_client.address,
-            fn_name: "verify",
-            args: (&receive_lib, &origin, &receiver, &payload_hash).into_val(env),
-            sub_invokes: &[],
-        },
-    }]);
-    endpoint_client.verify(&receive_lib, &origin, &receiver, &payload_hash);
-    // Check initial lazy nonce
+    // Verify initial lazy inbound nonce
     let initial_lazy_nonce = endpoint_client.lazy_inbound_nonce(&receiver, &src_eid, &sender);
-    assert_eq!(initial_lazy_nonce, 0);
-    // Clear the payload
-    env.mock_auths(&[MockAuth {
-        address: &receiver,
-        invoke: &MockAuthInvoke {
-            contract: &endpoint_client.address,
-            fn_name: "clear",
-            args: (&receiver, &origin, &receiver, &guid, &message).into_val(env),
-            sub_invokes: &[],
-        },
-    }]);
-    endpoint_client.clear(&receiver, &origin, &receiver, &guid, &message);
-    // Verify lazy inbound nonce was updated
+    assert_eq!(initial_lazy_nonce, 0, "Initial lazy inbound nonce should be 0");
+    clear_packet_with_auth(&context, &receiver, &origin, &receiver, &guid, &message);
+    // Verify lazy inbound nonce was updated via public interface
     let lazy_nonce = endpoint_client.lazy_inbound_nonce(&receiver, &src_eid, &sender);
     assert_eq!(lazy_nonce, nonce);
 }
+// Sequential nonce behavior
 #[test]
-fn test_clear_sequential_nonces() {
+fn test_clear_success_sequential_nonces_update_lazy_nonce_to_latest() {
     let context = setup();
     let env = &context.env;
     let endpoint_client = &context.endpoint_client;
@@ -167,71 +159,262 @@ fn test_clear_sequential_nonces() {
     let receiver = env.register(MockReceiver, ());
     // Setup receive library
-    let receive_lib = context.setup_mock_receive_lib(vec![env, src_eid]);
-    context.mock_owner_auth("register_library", (&receive_lib,));
-    endpoint_client.register_library(&receive_lib);
-    context.mock_owner_auth("set_default_receive_library", (&src_eid, &receive_lib, &0u64));
-    endpoint_client.set_default_receive_library(&src_eid, &receive_lib, &0);
+    let receive_lib = context.setup_default_receive_lib(src_eid, 0);
     // Verify and clear nonce 1
     let message1 = Bytes::from_array(env, &[1, 2, 3]);
     let guid1 = BytesN::from_array(env, &[1u8; 32]);
-    let payload1 = build_payload(env, &guid1, &message1);
-    let payload_hash1 = keccak256(env, &payload1);
+    let payload_hash1 = build_payload_hash(env, &guid1, &message1);
     let origin1 = Origin { src_eid, sender: sender.clone(), nonce: 1 };
-    env.mock_auths(&[MockAuth {
-        address: &receive_lib,
-        invoke: &MockAuthInvoke {
-            contract: &endpoint_client.address,
-            fn_name: "verify",
-            args: (&receive_lib, &origin1, &receiver, &payload_hash1).into_val(env),
-            sub_invokes: &[],
-        },
-    }]);
-    endpoint_client.verify(&receive_lib, &origin1, &receiver, &payload_hash1);
-    env.mock_auths(&[MockAuth {
-        address: &receiver,
-        invoke: &MockAuthInvoke {
-            contract: &endpoint_client.address,
-            fn_name: "clear",
-            args: (&receiver, &origin1, &receiver, &guid1, &message1).into_val(env),
-            sub_invokes: &[],
-        },
-    }]);
-    endpoint_client.clear(&receiver, &origin1, &receiver, &guid1, &message1);
+    verify_packet_with_auth(&context, &receive_lib, &origin1, &receiver, &payload_hash1);
+    clear_packet_with_auth(&context, &receiver, &origin1, &receiver, &guid1, &message1);
     // Verify and clear nonce 2
     let message2 = Bytes::from_array(env, &[4, 5, 6]);
     let guid2 = BytesN::from_array(env, &[2u8; 32]);
-    let payload2 = build_payload(env, &guid2, &message2);
-    let payload_hash2 = keccak256(env, &payload2);
+    let payload_hash2 = build_payload_hash(env, &guid2, &message2);
     let origin2 = Origin { src_eid, sender: sender.clone(), nonce: 2 };
-    env.mock_auths(&[MockAuth {
-        address: &receive_lib,
-        invoke: &MockAuthInvoke {
-            contract: &endpoint_client.address,
-            fn_name: "verify",
-            args: (&receive_lib, &origin2, &receiver, &payload_hash2).into_val(env),
-            sub_invokes: &[],
-        },
-    }]);
-    endpoint_client.verify(&receive_lib, &origin2, &receiver, &payload_hash2);
-    env.mock_auths(&[MockAuth {
-        address: &receiver,
-        invoke: &MockAuthInvoke {
-            contract: &endpoint_client.address,
-            fn_name: "clear",
-            args: (&receiver, &origin2, &receiver, &guid2, &message2).into_val(env),
-            sub_invokes: &[],
-        },
-    }]);
-    endpoint_client.clear(&receiver, &origin2, &receiver, &guid2, &message2);
+    verify_packet_with_auth(&context, &receive_lib, &origin2, &receiver, &payload_hash2);
+    clear_packet_with_auth(&context, &receiver, &origin2, &receiver, &guid2, &message2);
     // Verify lazy inbound nonce was updated to 2
     let lazy_nonce = endpoint_client.lazy_inbound_nonce(&receiver, &src_eid, &sender);
     assert_eq!(lazy_nonce, 2);
 }
+// Authorization
+#[test]
+fn test_clear_failure_unauthorized_caller() {
+    let context = setup();
+    let env = &context.env;
+    let src_eid = 2u32;
+    let sender = BytesN::from_array(env, &[1u8; 32]);
+    // Use MockReceiver (not MockReceiverReject) so verification succeeds
+    let receiver = env.register(crate::tests::mock::MockReceiver, ());
+    let nonce = 1u64;
+    // Create message and payload
+    let message = Bytes::from_array(env, &[1, 2, 3, 4]);
+    let guid = BytesN::from_array(env, &[5u8; 32]);
+    let payload_hash = build_payload_hash(env, &guid, &message);
+    let origin = Origin { src_eid, sender: sender.clone(), nonce };
+    // Setup receive library
+    let receive_lib = context.setup_default_receive_lib(src_eid, 0);
+    // First verify the packet successfully (so we have something to clear)
+    verify_packet_with_auth(&context, &receive_lib, &origin, &receiver, &payload_hash);
+    // Now try to clear with unauthorized caller - caller is not receiver and not delegate
+    // require_oapp_auth checks caller == receiver || caller == delegate first, then calls require_auth
+    // Since caller != receiver and no delegate is set, it should fail with Unauthorized (21)
+    let unauthorized_caller = soroban_sdk::Address::generate(env);
+    let result = try_clear_packet_with_auth(&context, &unauthorized_caller, &origin, &receiver, &guid, &message);
+    assert_eq!(result.err().unwrap().ok().unwrap(), EndpointError::Unauthorized.into());
+}
+#[test]
+fn test_clear_failure_wrong_delegate() {
+    let context = setup();
+    let env = &context.env;
+    let endpoint_client = &context.endpoint_client;
+    let src_eid = 2u32;
+    let sender = BytesN::from_array(env, &[1u8; 32]);
+    // Use a regular Address for receiver to avoid requiring a receiver contract implementation.
+    // We initialize the path via `skip` so `verify` doesn't need to call `allow_initialize_path`.
+    let receiver = Address::generate(env);
+    let nonce = 2u64;
+    // Set a delegate for receiver.
+    let delegate = Address::generate(env);
+    let delegate_opt = Some(delegate);
+    context.set_delegate_with_auth(&receiver, &delegate_opt);
+    // Initialize path by skipping nonce 1.
+    context.mock_auth(&receiver, "skip", (&receiver, &receiver, &src_eid, &sender, &1u64));
+    endpoint_client.skip(&receiver, &receiver, &src_eid, &sender, &1u64);
+    // Create message and payload
+    let message = Bytes::from_array(env, &[1, 2, 3, 4]);
+    let guid = BytesN::from_array(env, &[5u8; 32]);
+    let payload_hash = build_payload_hash(env, &guid, &message);
+    let origin = Origin { src_eid, sender: sender.clone(), nonce };
+    // Setup receive library
+    let receive_lib = context.setup_default_receive_lib(src_eid, 0);
+    // First verify the packet successfully (so we have something to clear)
+    verify_packet_with_auth(&context, &receive_lib, &origin, &receiver, &payload_hash);
+    // Now try to clear with wrong delegate - caller is not receiver and not the configured delegate.
+    let wrong_delegate = Address::generate(env);
+    let result = try_clear_packet_with_auth(&context, &wrong_delegate, &origin, &receiver, &guid, &message);
+    assert_eq!(result.err().unwrap().ok().unwrap(), EndpointError::Unauthorized.into());
+}
+#[test]
+fn test_clear_success_delegate_can_clear() {
+    let context = setup();
+    let env = &context.env;
+    let endpoint_client = &context.endpoint_client;
+    let src_eid = 2u32;
+    let sender = BytesN::from_array(env, &[1u8; 32]);
+    // Use a regular Address for receiver to avoid requiring a receiver contract implementation.
+    // We initialize the path via `skip` so `verify` doesn't need to call `allow_initialize_path`.
+    let receiver = Address::generate(env);
+    let delegate = Address::generate(env);
+    let nonce = 2u64;
+    let delegate_opt = Some(delegate.clone());
+    context.set_delegate_with_auth(&receiver, &delegate_opt);
+    // Initialize path by skipping nonce 1.
+    context.mock_auth(&receiver, "skip", (&receiver, &receiver, &src_eid, &sender, &1u64));
+    endpoint_client.skip(&receiver, &receiver, &src_eid, &sender, &1u64);
+    let message = Bytes::from_array(env, &[1, 2, 3, 4]);
+    let guid = BytesN::from_array(env, &[5u8; 32]);
+    let receive_lib = context.setup_default_receive_lib(src_eid, 0);
+    let origin = Origin { src_eid, sender: sender.clone(), nonce };
+    let payload_hash = build_payload_hash(env, &guid, &message);
+    verify_packet_with_auth(&context, &receive_lib, &origin, &receiver, &payload_hash);
+    clear_packet_with_auth(&context, &delegate, &origin, &receiver, &guid, &message);
+    // Sanity: payload hash for nonce was removed.
+    let stored_hash = endpoint_client.inbound_payload_hash(&receiver, &src_eid, &sender, &nonce);
+    assert_eq!(stored_hash, None);
+}
+// Payload hash validation
+#[test]
+fn test_clear_failure_wrong_payload_hash() {
+    let context = setup();
+    let env = &context.env;
+    let src_eid = 2u32;
+    let sender = BytesN::from_array(env, &[1u8; 32]);
+    let receiver = env.register(crate::tests::mock::MockReceiver, ());
+    let nonce = 1u64;
+    // Create message and payload
+    let message = Bytes::from_array(env, &[1, 2, 3, 4]);
+    let guid = BytesN::from_array(env, &[5u8; 32]);
+    let payload_hash = build_payload_hash(env, &guid, &message);
+    let origin = Origin { src_eid, sender: sender.clone(), nonce };
+    // Setup receive library
+    let receive_lib = context.setup_default_receive_lib(src_eid, 0);
+    // First verify the packet
+    verify_packet_with_auth(&context, &receive_lib, &origin, &receiver, &payload_hash);
+    // Try to clear with wrong message (different payload hash)
+    let wrong_message = Bytes::from_array(env, &[9, 9, 9, 9]);
+    let result = try_clear_packet_with_auth(&context, &receiver, &origin, &receiver, &guid, &wrong_message);
+    assert_eq!(result.err().unwrap().ok().unwrap(), EndpointError::PayloadHashNotFound.into());
+}
+#[test]
+fn test_clear_failure_duplicate_clear() {
+    let context = setup();
+    let env = &context.env;
+    let src_eid = 2u32;
+    let sender = BytesN::from_array(env, &[1u8; 32]);
+    let receiver = env.register(MockReceiver, ());
+    let nonce = 1u64;
+    let message = Bytes::from_array(env, &[1, 2, 3, 4]);
+    let guid = BytesN::from_array(env, &[5u8; 32]);
+    let (_receive_lib, origin, _payload_hash) =
+        arrange_verified_packet_with_auth(&context, src_eid, &sender, &receiver, nonce, &guid, &message);
+    // First clear succeeds.
+    clear_packet_with_auth(&context, &receiver, &origin, &receiver, &guid, &message);
+    // Second clear should fail because payload hash has been removed.
+    let result = try_clear_packet_with_auth(&context, &receiver, &origin, &receiver, &guid, &message);
+    assert_eq!(result.err().unwrap().ok().unwrap(), EndpointError::PayloadHashNotFound.into());
+}
+// Nonce ordering validation
+#[test]
+fn test_clear_failure_missing_intermediate_nonce() {
+    let context = setup();
+    let env = &context.env;
+    let src_eid = 2u32;
+    let sender = BytesN::from_array(env, &[1u8; 32]);
+    let receiver = env.register(crate::tests::mock::MockReceiver, ());
+    // Setup receive library
+    let receive_lib = context.setup_default_receive_lib(src_eid, 0);
+    // Verify and store nonce 1
+    let message1 = Bytes::from_array(env, &[1, 2, 3]);
+    let guid1 = BytesN::from_array(env, &[1u8; 32]);
+    let payload_hash1 = build_payload_hash(env, &guid1, &message1);
+    let origin1 = Origin { src_eid, sender: sender.clone(), nonce: 1 };
+    verify_packet_with_auth(&context, &receive_lib, &origin1, &receiver, &payload_hash1);
+    // Verify and store nonce 3 (skip nonce 2)
+    let message3 = Bytes::from_array(env, &[3, 3, 3]);
+    let guid3 = BytesN::from_array(env, &[3u8; 32]);
+    let payload_hash3 = build_payload_hash(env, &guid3, &message3);
+    let origin3 = Origin { src_eid, sender: sender.clone(), nonce: 3 };
+    verify_packet_with_auth(&context, &receive_lib, &origin3, &receiver, &payload_hash3);
+    // Clear nonce 1 first
+    clear_packet_with_auth(&context, &receiver, &origin1, &receiver, &guid1, &message1);
+    // Try to clear nonce 3 - should panic because nonce 2 is missing
+    let result = try_clear_packet_with_auth(&context, &receiver, &origin3, &receiver, &guid3, &message3);
+    assert_eq!(result.err().unwrap().ok().unwrap(), EndpointError::InvalidNonce.into());
+}
+#[test]
+fn test_clear_does_not_advance_lazy_nonce_when_clearing_older_nonce() {
+    let context = setup();
+    let env = &context.env;
+    let endpoint_client = &context.endpoint_client;
+    let src_eid = 2u32;
+    let sender = BytesN::from_array(env, &[1u8; 32]);
+    let receiver = env.register(MockReceiver, ());
+    // Setup receive library once for the path.
+    let receive_lib = context.setup_default_receive_lib(src_eid, 0);
+    // Verify nonce 1 and nonce 2.
+    let message1 = Bytes::from_array(env, &[1, 2, 3]);
+    let guid1 = BytesN::from_array(env, &[1u8; 32]);
+    let payload_hash1 = build_payload_hash(env, &guid1, &message1);
+    let origin1 = Origin { src_eid, sender: sender.clone(), nonce: 1 };
+    verify_packet_with_auth(&context, &receive_lib, &origin1, &receiver, &payload_hash1);
+    let message2 = Bytes::from_array(env, &[4, 5, 6]);
+    let guid2 = BytesN::from_array(env, &[2u8; 32]);
+    let payload_hash2 = build_payload_hash(env, &guid2, &message2);
+    let origin2 = Origin { src_eid, sender: sender.clone(), nonce: 2 };
+    verify_packet_with_auth(&context, &receive_lib, &origin2, &receiver, &payload_hash2);
+    // Clear nonce 2 first (this advances lazy nonce to 2 because nonce 1..=2 are present).
+    clear_packet_with_auth(&context, &receiver, &origin2, &receiver, &guid2, &message2);
+    assert_eq!(endpoint_client.lazy_inbound_nonce(&receiver, &src_eid, &sender), 2);
+    // Clearing an older nonce should not change lazy nonce.
+    clear_packet_with_auth(&context, &receiver, &origin1, &receiver, &guid1, &message1);
+    assert_eq!(endpoint_client.lazy_inbound_nonce(&receiver, &src_eid, &sender), 2);
+}

package/contracts/endpoint-v2/src/tests/endpoint_v2/delegate.rs CHANGED Viewed

@@ -1,9 +1,6 @@
-use crate::tests::endpoint_setup::setup;
-use soroban_sdk::{
-    testutils::{Address as _, MockAuth, MockAuthInvoke},
-    Address, IntoVal,
-};
+use soroban_sdk::{testutils::Address as _, Address};
+use crate::tests::endpoint_setup::setup;
 #[test]
 fn test_delegate_when_not_set() {
     let context = setup();
@@ -26,16 +23,7 @@ fn test_delegate_when_set() {
     let delegate = Address::generate(env);
     let delegate_option = Some(delegate.clone());
-    env.mock_auths(&[MockAuth {
-        address: &oapp,
-        invoke: &MockAuthInvoke {
-            contract: &endpoint_client.address,
-            fn_name: "set_delegate",
-            args: (&oapp, &delegate_option).into_val(env),
-            sub_invokes: &[],
-        },
-    }]);
-    endpoint_client.set_delegate(&oapp, &delegate_option);
+    context.set_delegate_with_auth(&oapp, &delegate_option);
     let actual_delegate = endpoint_client.delegate(&oapp);
     assert_eq!(actual_delegate, Some(delegate), "Delegate should be set");