@layerzerolabs/protocol-stellar-v2 0.2.33 → 0.2.35

package/contracts/oapps/oft/integration-tests/utils.rs

@@ -2,6 +2,7 @@
 
 use crate::extensions::rate_limiter::{Direction, Mode, RateLimitConfig};
 use crate::integration_tests::setup::{decode_packet, ChainSetup};
+use crate::MintableClient;
 use endpoint_v2::{MessagingFee, Origin, OutboundPacket};
 use message_lib_common::packet_codec_v1;
 use oft_core::{OFTFeeDetail, OFTLimit, OFTReceipt, SendParam};
@@ -38,7 +39,11 @@ pub fn create_recipient_address(env: &Env) -> Address {
 // OFT Core Operations
 // ============================================================================
 
-pub fn quote_oft(chain: &ChainSetup<'_>, from: &Address, send_param: &SendParam) -> (OFTLimit, Vec<OFTFeeDetail>, OFTReceipt) {
+pub fn quote_oft(
+    chain: &ChainSetup<'_>,
+    from: &Address,
+    send_param: &SendParam,
+) -> (OFTLimit, Vec<OFTFeeDetail>, OFTReceipt) {
     chain.oft.quote_oft(from, send_param)
 }
 
@@ -61,7 +66,8 @@ pub fn quote_send(
     chain.oft.quote_send(sender, send_param, &pay_in_zro)
 }
 
-/// Send without fee (standard OFT send)
+/// Send without fee (standard OFT send).
+/// Sender authorizes OFT send (OFT debits by calling token burn directly) and SAC burn.
 pub fn send(
     env: &Env,
     chain: &ChainSetup<'_>,
@@ -308,6 +314,26 @@ pub fn mint_to(env: &Env, owner: &Address, token: &Address, to: &Address, amount
     sac.mint(to, &amount);
 }
 
+/// Mints the OFT token (via the Mintable wrapper) to the given address.
+/// Use when OFT is MintBurn; the wrapper calls the underlying SAC mint.
+pub fn mint_oft_token_to(env: &Env, chain: &ChainSetup<'_>, to: &Address, amount: i128) {
+    env.mock_auths(&[MockAuth {
+        address: &chain.owner,
+        invoke: &MockAuthInvoke {
+            contract: &chain.sac_wrapper,
+            fn_name: "mint",
+            args: (to, &amount, &chain.owner).into_val(env),
+            sub_invokes: &[MockAuthInvoke {
+                contract: &chain.oft_token,
+                fn_name: "mint",
+                args: (to, &amount).into_val(env),
+                sub_invokes: &[],
+            }],
+        },
+    }]);
+    MintableClient::new(env, &chain.sac_wrapper).mint(to, &amount, &chain.owner);
+}
+
 pub fn transfer_sac_admin(env: &Env, owner: &Address, token: &Address, new_admin: &Address) {
     env.mock_auths(&[MockAuth {
         address: owner,

package/contracts/oapps/oft/src/extensions/oft_fee.rs

@@ -122,6 +122,11 @@ pub trait OFTFee: OFTFeeInternal + Auth {
         Self::__effective_fee_bps(env, dst_eid)
     }
 
+    /// Returns true if the OFT has a fee rate greater than 0 for the specified destination
+    fn has_oft_fee(env: &soroban_sdk::Env, dst_eid: u32) -> bool {
+        Self::__effective_fee_bps(env, dst_eid) > 0
+    }
+
     /// Returns the fee deposit address.
     fn fee_deposit_address(env: &soroban_sdk::Env) -> Option<soroban_sdk::Address> {
         Self::__fee_deposit_address(env)

package/contracts/oapps/oft/src/interfaces/mintable.rs

@@ -0,0 +1,14 @@
+//! Mintable trait - the interface the OFT uses to mint tokens on credit (receive).
+
+use soroban_sdk::{contractclient, Address, Env};
+
+/// The mint interface for OFT MintBurn operations.
+///
+/// A contract that implements `mint` (e.g. SAC Manager or a token wrapper) is used
+/// for crediting; the OFT calls the token (SAC) directly for burn on debit.
+#[contractclient(name = "MintableClient")]
+pub trait Mintable {
+    /// Mints `amount` tokens to `to`. The `operation` address is the caller (e.g. OFT)
+    /// requesting the mint, for use by SAC wrappers that enforce authorization.
+    fn mint(env: &Env, to: &Address, amount: i128, operation: &Address);
+}

package/contracts/oapps/oft/src/interfaces/mod.rs

@@ -1,3 +1,3 @@
-mod mint_burnable;
+mod mintable;
 
-pub use mint_burnable::*;
+pub use mintable::*;

package/contracts/oapps/oft/src/oft.rs

@@ -80,21 +80,22 @@ impl OFTInternal for OFT {
     /// Overrides default to add pausable check and fee calculation.
     ///
     /// Dust handling (consistent with EVM):
-    /// - fee = 0: dust stays with sender (amount_sent_ld has dust removed)
-    /// - fee > 0: dust is absorbed into the charged fee (amount_sent_ld is the full amount)
+    /// - no fee: dust stays with sender (amount_sent_ld has dust removed)
+    /// - has fee: dust is absorbed into the charged fee (amount_sent_ld is the full amount)
     fn __debit_view(env: &Env, amount_ld: i128, min_amount_ld: i128, dst_eid: u32) -> (i128, i128) {
         Self::__assert_not_paused(env);
 
         let conversion_rate = Self::__decimal_conversion_rate(env);
-        let fee = Self::__fee_view(env, dst_eid, amount_ld);
+        let has_fee = Self::has_oft_fee(env, dst_eid);
 
-        let (amount_sent_ld, amount_received_ld) = if fee == 0 {
+        let (amount_sent_ld, amount_received_ld) = if !has_fee {
             // No fee: dust stays with sender (default OFT behavior)
             let amount_sent_ld = oft_utils::remove_dust(amount_ld, conversion_rate);
             (amount_sent_ld, amount_sent_ld)
         } else {
             // With fee: match EVM OFTFee behavior
             // - sender pays full amount_ld (no dust removed), dust is absorbed into the charged fee
+            let fee = Self::__fee_view(env, dst_eid, amount_ld);
             let amount_received_ld = oft_utils::remove_dust(amount_ld - fee, conversion_rate);
             (amount_ld, amount_received_ld)
         };
@@ -110,8 +111,8 @@ impl OFTInternal for OFT {
             OftType::LockUnlock => {
                 lock_unlock::debit::<Self>(env, &Self::token(env), sender, amount_ld, min_amount_ld, dst_eid)
             }
-            OftType::MintBurn(mint_burnable) => {
-                mint_burn::debit::<Self>(env, &mint_burnable, sender, amount_ld, min_amount_ld, dst_eid)
+            OftType::MintBurn(_mintable) => {
+                mint_burn::debit::<Self>(env, &Self::token(env), sender, amount_ld, min_amount_ld, dst_eid)
             }
         };
 
@@ -133,7 +134,7 @@ impl OFTInternal for OFT {
         // Core credit logic (based on mode)
         let amount_credited = match Self::oft_type(env) {
             OftType::LockUnlock => lock_unlock::credit::<Self>(env, &Self::token(env), to, amount_ld, src_eid),
-            OftType::MintBurn(mint_burnable) => mint_burn::credit::<Self>(env, &mint_burnable, to, amount_ld, src_eid),
+            OftType::MintBurn(mintable) => mint_burn::credit::<Self>(env, &mintable, to, amount_ld, src_eid),
         };
 
         // Rate limit checks

package/contracts/oapps/oft/src/oft_types/mint_burn.rs

@@ -1,17 +1,17 @@
 //! MintBurn type implementation for OFT.
 //!
 //! This OFT type burns tokens on debit (send) and mints tokens on credit (receive).
-//! Used when the OFT contract has mint/burn authority over the token.
+//! Used when the OFT contract has mint authority over the token.
 
-use crate::interfaces::MintBurnableClient;
+use crate::interfaces::MintableClient;
 use oft_core::OFTCore;
-use soroban_sdk::{Address, Env};
+use soroban_sdk::{token::TokenClient, Address, Env};
 
 /// Debit tokens using MintBurn OFT type (burns tokens from sender).
 ///
 /// # Parameters
 /// * `env` - The Soroban environment
-/// * `burnable` - Address of the contract responsible for burning tokens
+/// * `token` - Address of the token (SAC) to burn from
 /// * `sender` - Address of the token sender
 /// * `amount_ld` - Amount to debit in local decimals
 /// * `min_amount_ld` - Minimum amount that must be received (for slippage protection)
@@ -22,14 +22,14 @@ use soroban_sdk::{Address, Env};
 /// * `amount_received_ld` - The amount received in local decimals on the remote
 pub fn debit<T: OFTCore>(
     env: &Env,
-    burnable: &Address,
+    token: &Address,
     sender: &Address,
     amount_ld: i128,
     min_amount_ld: i128,
     dst_eid: u32,
 ) -> (i128, i128) {
     let (amount_sent_ld, amount_received_ld) = T::__debit_view(env, amount_ld, min_amount_ld, dst_eid);
-    MintBurnableClient::new(env, burnable).burn(sender, &amount_received_ld);
+    TokenClient::new(env, token).burn(sender, &amount_received_ld);
     (amount_sent_ld, amount_received_ld)
 }
 
@@ -37,7 +37,7 @@ pub fn debit<T: OFTCore>(
 ///
 /// # Parameters
 /// * `env` - The Soroban environment
-/// * `mintable` - Address of the contract responsible for minting tokens
+/// * `mintable` - Address of the contract responsible for minting tokens (e.g. SAC wrapper)
 /// * `to` - Address of the token recipient
 /// * `amount_ld` - Amount to credit in local decimals
 /// * `_src_eid` - Source endpoint ID (unused)
@@ -45,6 +45,6 @@ pub fn debit<T: OFTCore>(
 /// # Returns
 /// The amount credited
 pub fn credit<T: OFTCore>(env: &Env, mintable: &Address, to: &Address, amount_ld: i128, _src_eid: u32) -> i128 {
-    MintBurnableClient::new(env, mintable).mint(to, &amount_ld);
+    MintableClient::new(env, mintable).mint(to, &amount_ld, &env.current_contract_address());
     amount_ld
 }

package/contracts/oapps/oft/src/oft_types/mod.rs

@@ -4,9 +4,8 @@
 //!
 //! - **LockUnlock**: Locks tokens on send, unlocks on receive. Operates directly on the
 //!   token via standard SEP-41 `transfer`.
-//! - **MintBurn**: Burns tokens on send, mints on receive. Operates on any contract
-//!   that implements [`MintBurnable`](crate::interfaces::MintBurnable) —
-//!   whether it's a raw SAC or a token wrapper (e.g. SAC Manager).
+//! - **MintBurn**: Burns tokens on send (via TokenClient on the token), mints on receive
+//!   via a contract that implements [`Mintable`](crate::interfaces::Mintable).
 
 use soroban_sdk::{contracttype, Address};
 
@@ -20,6 +19,6 @@ pub enum OftType {
     /// Lock tokens on send, unlock on receive.
     LockUnlock,
     /// Burn tokens on send, mint on receive.
-    /// The address is the contract responsible for minting and burning tokens.
+    /// The address is the Mintable contract used for minting on credit
     MintBurn(Address),
 }

package/contracts/oapps/oft/src/tests/extensions/rate_limiter.rs

@@ -1,7 +1,9 @@
 extern crate std;
 
 use crate as oft;
-use crate::extensions::rate_limiter::{Direction, Mode, RateLimitConfig, RateLimitError, RateLimiter, RateLimiterInternal};
+use crate::extensions::rate_limiter::{
+    Direction, Mode, RateLimitConfig, RateLimitError, RateLimiter, RateLimiterInternal,
+};
 use soroban_sdk::{contract, contractimpl, testutils::Ledger as _, Address, Env};
 use utils::auth::Auth;
 
@@ -451,10 +453,10 @@ fn test_switching_from_net_to_gross_mode() {
 
     // Switch to Gross mode
     client.set_rate_limit(&direction, &eid, &Some(config_with_mode(100, 100, Mode::Gross)));
-    
+
     // in-flight should be checkpointed
     assert_eq!(client.rate_limit_in_flight(&direction, &eid), 40);
-    
+
     // Now releases should be no-op
     client.release(&direction, &eid, &20i128);
     assert_eq!(client.rate_limit_in_flight(&direction, &eid), 40, "Gross mode should not release");
@@ -474,10 +476,10 @@ fn test_switching_from_gross_to_net_mode() {
 
     // Switch to Net mode
     client.set_rate_limit(&direction, &eid, &Some(config_with_mode(100, 100, Mode::Net)));
-    
+
     // in-flight should be checkpointed
     assert_eq!(client.rate_limit_in_flight(&direction, &eid), 60);
-    
+
     // Now releases should work
     client.release(&direction, &eid, &20i128);
     assert_eq!(client.rate_limit_in_flight(&direction, &eid), 40, "Net mode should release");

package/contracts/oapps/sac-manager/src/errors.rs

@@ -0,0 +1,14 @@
+//! General errors for the SAC Manager contract.
+
+use common_macros::contract_error;
+
+/// General SacManagerError: 3220-3249
+#[contract_error]
+pub enum SacManagerError {
+    /// The address is already a minter
+    AlreadyMinter,
+    /// Minter address not in the minters list (e.g. when deactivating)
+    MinterNotFound,
+    /// Caller is not authorized for this operation
+    Unauthorized,
+}

package/contracts/{sac-manager → oapps/sac-manager}/src/lib.rs

@@ -1,12 +1,8 @@
 #![no_std]
 
-pub mod extensions;
-
 mod errors;
-mod interfaces;
 
 pub use errors::*;
-pub use interfaces::*;
 
 cfg_if::cfg_if! {
     // Include implementation when NOT in library mode, OR when testutils is enabled (for tests)

package/contracts/oapps/sac-manager/src/sac_manager.rs

@@ -0,0 +1,115 @@
+//! SAC Manager Contract - Manages a Stellar Asset Contract (SAC) as its admin.
+//!
+//! This contract becomes the admin of a SAC and provides:
+//! - Mintable interface for OFT (mint on credit only; OFT burns on the token directly)
+//! - Admin operations (clawback, set_admin, set_authorized)
+//! - Upgradeable (owner-authorized)
+//!
+//! ## Authorization Model
+//!
+//! - **Owner** (via Ownable): The admin address. Can do everything (upgrades, TTL, admin ops, set_minter).
+//! - **Minters**: Stored list of addresses. Only an address in Minters can call mint via Mintable with `operation: minter_address`.
+
+use crate::{errors::SacManagerError, storage::SacManagerStorage};
+use common_macros::{contract_impl, lz_contract, only_auth};
+use oft::Mintable;
+use soroban_sdk::{assert_with_error, token::StellarAssetClient, Address, Env, Vec};
+use utils::ownable::OwnableInitializer;
+
+// =========================================================================
+// SAC Manager Contract
+// =========================================================================
+
+/// SAC Manager Contract
+///
+/// Manages a SAC as its admin, forwarding token actions to
+/// the underlying SAC while enforcing access control.
+#[lz_contract(upgradeable(no_migration))]
+pub struct SacManager;
+
+#[contract_impl]
+impl SacManager {
+    /// Constructs the SAC manager contract.
+    ///
+    /// # Arguments
+    /// * `sac_token` - The underlying Stellar Asset Contract address
+    /// * `owner` - The initial owner address (for upgrades, owner ops)
+    ///
+    /// Minters can be set separately via `set_minter` after construction.
+    pub fn __constructor(env: &Env, sac_token: &Address, owner: &Address) {
+        Self::init_owner(env, owner);
+        SacManagerStorage::set_sac_token(env, sac_token);
+    }
+
+    // =========================================================================
+    // SAC Admin Operations
+    // =========================================================================
+
+    /// Delegates to the underlying SAC to clawback `amount` from `from` account.
+    #[only_auth]
+    pub fn clawback(env: &Env, from: &Address, amount: i128) {
+        sac_client(env).clawback(from, &amount);
+    }
+
+    /// Delegates to the underlying SAC `set_admin` to release the admin role from the current contract to `to`.
+    #[only_auth]
+    pub fn release_sac_admin(env: &Env, to: &Address) {
+        sac_client(env).set_admin(to);
+    }
+
+    /// Delegates to the underlying SAC `set_authorized` to set whether `id` is authorized to use its balance.
+    #[only_auth]
+    pub fn set_authorized(env: &Env, id: &Address, authorize: bool) {
+        sac_client(env).set_authorized(id, &authorize);
+    }
+
+    /// Adds (`active = true`) or removes (`active = false`) a minter.
+    #[only_auth]
+    pub fn set_minter(env: &Env, minter: &Address, active: bool) {
+        let mut minters = SacManagerStorage::minters(env);
+        let minter_index = minters.first_index_of(minter);
+        if active {
+            assert_with_error!(env, minter_index.is_none(), SacManagerError::AlreadyMinter);
+            minters.push_back(minter.clone());
+        } else {
+            minters.remove(minter_index.unwrap_or_panic(env, SacManagerError::MinterNotFound));
+        }
+        SacManagerStorage::set_minters(env, &minters);
+    }
+
+    // =========================================================================
+    // View Functions
+    // =========================================================================
+
+    /// Returns the underlying SAC (Stellar Asset Contract) address.
+    pub fn underlying_sac(env: &Env) -> Address {
+        SacManagerStorage::sac_token(env).unwrap()
+    }
+
+    /// Returns the list of addresses authorized to call mint.
+    pub fn minters(env: &Env) -> Vec<Address> {
+        SacManagerStorage::minters(env)
+    }
+}
+
+// =========================================================================
+// Mintable Implementation (OFT mint on credit)
+// =========================================================================
+
+#[contract_impl]
+impl Mintable for SacManager {
+    fn mint(env: &Env, to: &Address, amount: i128, operation: &Address) {
+        assert_with_error!(env, Self::minters(env).contains(operation), SacManagerError::Unauthorized);
+        operation.require_auth();
+
+        sac_client(env).mint(to, &amount);
+    }
+}
+
+// =========================================================================
+// Helper Functions
+// =========================================================================
+
+fn sac_client(env: &Env) -> StellarAssetClient<'_> {
+    StellarAssetClient::new(env, &SacManager::underlying_sac(env))
+}

package/contracts/oapps/sac-manager/src/storage.rs

@@ -0,0 +1,20 @@
+//! Storage definitions for the SAC manager contract.
+//!
+//! This file contains the core storage.
+
+use common_macros::storage;
+use soroban_sdk::{Address, Vec};
+
+/// Core storage for the SacManager contract.
+/// Contains essential state.
+#[storage]
+pub enum SacManagerStorage {
+    /// The underlying SAC (Stellar Asset Contract) address
+    #[instance(Address)]
+    SacToken,
+
+    /// Addresses authorized to call mint (e.g. OFT or other minters).
+    #[persistent(Vec<Address>)]
+    #[default(Vec::new(env))]
+    Minters,
+}

package/contracts/{sac-manager → oapps/sac-manager}/src/tests/mod.rs

@@ -1,14 +1,10 @@
 //! Token Wrapper Tests
 //!
 //! Test modules organized by source module:
-//! - `supply_control`: Tests for supply control extension (controllers, mint, burn, rate limits)
-//! - `redistribution`: Tests for redistribution extension (feature flag settings)
 //! - `sac_manager`: Tests for the main SAC manager contract (admin, authorized, clawback, mint/burn, views)
 
 #![cfg(test)]
 
 mod test_helper;
 
-mod redistribution;
 mod sac_manager;
-mod supply_control;

package/contracts/oapps/sac-manager/src/tests/sac_manager/clawback.rs

@@ -0,0 +1,86 @@
+//! Clawback Integration Tests
+//!
+//! Tests for admin-initiated clawback functionality via `clawback`.
+//! The clawback operation uses SAC clawback, which requires AUTH_CLAWBACK_ENABLED
+//! flag on the SAC issuer.
+
+use super::test_helper::mock_clawback_auth;
+use crate::tests::test_helper::{mock_oft_mint_auth, TestSetup};
+use soroban_sdk::testutils::IssuerFlags;
+
+// =========================================================================
+// clawback Tests (owner only)
+// =========================================================================
+
+#[test]
+fn test_clawback_by_owner() {
+    let setup = TestSetup::new().with_manager_as_sac_admin().build();
+    let user = setup.generate_address();
+
+    setup.sac_contract.issuer().set_flag(IssuerFlags::RevocableFlag);
+    setup.sac_contract.issuer().set_flag(IssuerFlags::ClawbackEnabledFlag);
+
+    mock_oft_mint_auth(&setup, &user, 1000_i128);
+    setup.sac_manager_client.mint(&user, &1000, &setup.minter);
+    assert_eq!(setup.sac_client.balance(&user), 1000);
+
+    mock_clawback_auth(&setup, &setup.owner, &user, 500_i128);
+    setup.sac_manager_client.clawback(&user, &500);
+    assert_eq!(setup.sac_client.balance(&user), 500);
+}
+
+#[test]
+fn test_clawback_full_balance() {
+    let setup = TestSetup::new().with_manager_as_sac_admin().build();
+    let user = setup.generate_address();
+
+    setup.sac_contract.issuer().set_flag(IssuerFlags::RevocableFlag);
+    setup.sac_contract.issuer().set_flag(IssuerFlags::ClawbackEnabledFlag);
+
+    mock_oft_mint_auth(&setup, &user, 1000_i128);
+    setup.sac_manager_client.mint(&user, &1000, &setup.minter);
+
+    mock_clawback_auth(&setup, &setup.owner, &user, 1000_i128);
+    setup.sac_manager_client.clawback(&user, &1000);
+    assert_eq!(setup.sac_client.balance(&user), 0);
+}
+
+#[test]
+fn test_clawback_fails_when_amount_exceeds_balance() {
+    let setup = TestSetup::new().with_manager_as_sac_admin().build();
+    let user = setup.generate_address();
+
+    setup.sac_contract.issuer().set_flag(IssuerFlags::RevocableFlag);
+    setup.sac_contract.issuer().set_flag(IssuerFlags::ClawbackEnabledFlag);
+
+    mock_oft_mint_auth(&setup, &user, 100_i128);
+    setup.sac_manager_client.mint(&user, &100, &setup.minter);
+
+    mock_clawback_auth(&setup, &setup.owner, &user, 200_i128);
+    let result = setup.sac_manager_client.try_clawback(&user, &200);
+    assert!(result.is_err());
+}
+
+#[test]
+fn test_clawback_by_non_owner_fails() {
+    let setup = TestSetup::new().with_manager_as_sac_admin().build();
+    let user = setup.generate_address();
+    let random = setup.generate_address();
+
+    mock_clawback_auth(&setup, &random, &user, 500_i128);
+    let result = setup.sac_manager_client.try_clawback(&user, &500);
+    assert!(result.is_err());
+}
+
+// =========================================================================
+// clawback Auth Tests
+// =========================================================================
+
+#[test]
+#[should_panic(expected = "Error(Auth, InvalidAction)")]
+fn test_clawback_fails_without_auth() {
+    let setup = TestSetup::new().build();
+    let user = setup.generate_address();
+
+    setup.sac_manager_client.clawback(&user, &300);
+}

package/contracts/oapps/sac-manager/src/tests/sac_manager/mint.rs

@@ -0,0 +1,58 @@
+//! Mint (Mintable) Integration Tests
+//!
+//! Tests minter-originated mint via Mintable::mint(..., operation: minter),
+//! authorization (operation must be in minters, operation must auth), and error cases.
+
+use crate::errors::SacManagerError;
+use crate::tests::test_helper::{mock_auth, mock_oft_mint_auth, TestSetup};
+
+// =========================================================================
+// Mint success — minter calls mint
+// =========================================================================
+
+#[test]
+fn test_mint_by_minter() {
+    let setup = TestSetup::new().with_manager_as_sac_admin().build();
+    let recipient = setup.generate_address();
+
+    mock_oft_mint_auth(&setup, &recipient, 1000_i128);
+    setup.sac_manager_client.mint(&recipient, &1000, &setup.minter);
+    assert_eq!(setup.sac_client.balance(&recipient), 1000);
+}
+
+// =========================================================================
+// Mint error cases — operation not in minters / non-minter
+// =========================================================================
+
+#[test]
+fn test_mint_fails_when_operation_not_in_minters() {
+    let setup = TestSetup::new().with_empty_minters().build();
+    let recipient = setup.generate_address();
+
+    let result = setup.sac_manager_client.try_mint(&recipient, &1000, &setup.minter);
+    assert_eq!(result.err().unwrap().unwrap(), SacManagerError::Unauthorized.into());
+}
+
+#[test]
+fn test_mint_by_non_minter_fails() {
+    let setup = TestSetup::new().with_manager_as_sac_admin().build();
+    let recipient = setup.generate_address();
+    let random = setup.generate_address();
+
+    mock_auth(&setup.env, &setup.sac_manager, &random, "mint", (&recipient, 1000_i128, &random));
+    let result = setup.sac_manager_client.try_mint(&recipient, &1000, &random);
+    assert_eq!(result.err().unwrap().unwrap(), SacManagerError::Unauthorized.into());
+}
+
+// =========================================================================
+// Mint auth tests — operation must authorize
+// =========================================================================
+
+#[test]
+#[should_panic(expected = "Error(Auth, InvalidAction)")]
+fn test_mint_fails_without_minter_auth() {
+    let setup = TestSetup::new().with_manager_as_sac_admin().build();
+    let recipient = setup.generate_address();
+
+    setup.sac_manager_client.mint(&recipient, &1000, &setup.minter);
+}

package/contracts/{sac-manager → oapps/sac-manager}/src/tests/sac_manager/mod.rs

@@ -1,9 +1,7 @@
 mod clawback;
-mod admin_mint;
-mod burn;
 mod mint;
 mod set_admin;
 mod set_authorized;
-mod set_oft_address;
+mod set_minter;
 mod test_helper;
 mod view_functions;

package/contracts/oapps/sac-manager/src/tests/sac_manager/set_minter.rs

@@ -0,0 +1,69 @@
+//! set_minter Integration Tests
+
+use super::test_helper::mock_set_minter_auth;
+use crate::errors::SacManagerError;
+use crate::tests::test_helper::TestSetup;
+
+// =========================================================================
+// set_minter Tests
+// =========================================================================
+
+#[test]
+fn test_set_minter_add_when_empty() {
+    let setup = TestSetup::new().with_empty_minters().build();
+    let new_minter = setup.generate_address();
+
+    mock_set_minter_auth(&setup, &new_minter, true);
+    setup.sac_manager_client.set_minter(&new_minter, &true);
+    let stored = setup.sac_manager_client.minters();
+    assert_eq!(stored.len(), 1);
+    assert_eq!(stored.get(0), Some(new_minter));
+}
+
+#[test]
+fn test_set_minter_add_then_remove() {
+    let setup = TestSetup::new().build();
+    let new_minter = setup.generate_address();
+
+    mock_set_minter_auth(&setup, &new_minter, true);
+    setup.sac_manager_client.set_minter(&new_minter, &true);
+    assert_eq!(setup.sac_manager_client.minters().len(), 2);
+
+    mock_set_minter_auth(&setup, &new_minter, false);
+    setup.sac_manager_client.set_minter(&new_minter, &false);
+    let stored = setup.sac_manager_client.minters();
+    assert_eq!(stored.len(), 1);
+    assert_eq!(stored.get(0), Some(setup.minter.clone()));
+}
+
+#[test]
+fn test_set_minter_add_fails_if_already_active() {
+    let setup = TestSetup::new().build();
+
+    mock_set_minter_auth(&setup, &setup.minter, true);
+    let result = setup.sac_manager_client.try_set_minter(&setup.minter, &true);
+    assert_eq!(result.err().unwrap().unwrap(), SacManagerError::AlreadyMinter.into());
+}
+
+#[test]
+fn test_set_minter_remove_fails_if_not_minter() {
+    let setup = TestSetup::new().build();
+    let random = setup.generate_address();
+
+    mock_set_minter_auth(&setup, &random, false);
+    let result = setup.sac_manager_client.try_set_minter(&random, &false);
+    assert_eq!(result.err().unwrap().unwrap(), SacManagerError::MinterNotFound.into());
+}
+
+// =========================================================================
+// set_minter Auth Tests
+// =========================================================================
+
+#[test]
+#[should_panic(expected = "Error(Auth, InvalidAction)")]
+fn test_set_minter_without_auth() {
+    let setup = TestSetup::new().with_empty_minters().build();
+    let new_minter = setup.generate_address();
+
+    setup.sac_manager_client.set_minter(&new_minter, &true);
+}