This Smart Contract Agreement ("Agreement") governs the use of the OLIGHFT SMART COIN decentralized payment system deployed on the Stellar Soroban smart contract platform. By interacting with this contract, you agree to all terms herein.
Users must hold a funded Stellar account with a minimum trustline and sufficient XLM balance to cover Soroban resource fees. Users must be of legal age in their jurisdiction to engage in digital asset transactions.
The contract is compiled from Rust to WebAssembly (WASM) and deployed on the Stellar Soroban runtime. All state is stored in Soroban persistent and temporary storage entries.
use soroban_sdk::{contract, contractimpl, Address, Env, Symbol}; // Contract entry point #[contract] pub struct SmartCardCoin; #[contractimpl] impl SmartCardCoin { /// Initialize card contract with issuer + fee config pub fn initialize( env: Env, issuer: Address, fee_bps: u32, // basis points (e.g. 150 = 1.5%) card_tiers: Vec<CardTier>, ) -> Result<(), ContractError> { ... } /// Issue a new card to a user pub fn issue_card( env: Env, user: Address, tier: Symbol, ) -> Result<CardId, ContractError> { ... } /// Process a payment transaction pub fn process_payment( env: Env, from: Address, to: Address, amount: i128, asset: Address, ) -> Result<TxReceipt, ContractError> { ... } }
The contract uses Soroban's three storage types:
The contract interacts with Stellar Asset Contract (SAC) tokens via the soroban_sdk::token::Client interface. Supported assets include XLM, USDC (Centre), and custom Soroban tokens meeting the SEP-41 token standard.
| Function | Description | Auth Required |
|---|---|---|
| initialize | Deploy & configure contract parameters | Issuer only |
| issue_card | Mint a new virtual card for a Stellar address | User + Issuer |
| process_payment | Execute a payment between two addresses | Sender |
| deposit | Fund card balance from external wallet | User |
| withdraw | Withdraw funds to external Stellar address | User |
| stake | Lock tokens for yield rewards | User |
| claim_rewards | Claim accumulated staking rewards | User |
| upgrade_tier | Upgrade card to a higher tier | User |
| freeze_card | Temporarily disable card for security | User or Issuer |
| get_balance | Query card balance (read-only) | None |
All state-changing functions require Soroban's require_auth() from the invoking address. Multi-party operations (e.g., issue_card) require authorization from all involved parties within the same transaction envelope.
#[contracterror] pub enum ContractError { NotInitialized = 1, AlreadyInitialized = 2, Unauthorized = 3, InsufficientFunds = 4, CardNotFound = 5, CardFrozen = 6, InvalidTier = 7, RateLimited = 8, AmountOverflow = 9, InvalidAsset = 10, }
Every contract invocation consumes Soroban resources (CPU instructions, memory, storage reads/writes, transaction size). Fees are paid in XLM and are determined by the Stellar network's base fee + resource consumption.
| Operation | Est. CPU (instr) | Est. Fee (XLM) |
|---|---|---|
| issue_card | ~800K | ~0.015 XLM |
| process_payment | ~500K | ~0.008 XLM |
| deposit / withdraw | ~400K | ~0.006 XLM |
| stake / claim_rewards | ~600K | ~0.010 XLM |
| upgrade_tier | ~700K | ~0.012 XLM |
| get_balance (read) | ~100K | ~0.001 XLM |
| Fee Type | Rate | Recipient |
|---|---|---|
| Transaction Fee | 1.5% (150 bps) | Contract Reserve |
| Card Issuance (Gold+) | 5 XLM one-time | Issuer |
| Withdrawal Fee | 0.5% | Contract Reserve |
| Staking Exit (early) | 2% if <30 days | Reward Pool |
| Tier Upgrade | Varies by tier | Issuer |
Soroban persistent storage entries require periodic rent payments to prevent expiry. The contract auto-extends entry TTL (time-to-live) to a minimum of 120 days on each interaction. Users are responsible for ensuring sufficient XLM to cover rent bumps for their card data.
| Risk Category | Level | Mitigation |
|---|---|---|
| WASM bytecode vulnerability | MEDIUM | Third-party audit, formal verification |
| Soroban runtime bug | LOW | Stellar Core testing & protocol upgrades |
| Storage entry expiry | MEDIUM | Auto-extend TTL on every interaction |
| Key compromise (user) | HIGH | User responsibility; hardware key support |
| Key compromise (issuer) | HIGH | Multi-sig admin with 3-of-5 threshold |
| Economic exploit (flash loan) | LOW | No composable flash loan exposure on Stellar |
| Oracle manipulation | MEDIUM | Multi-source price feeds, TWAP averaging |
The issuer multi-sig can invoke freeze_card on compromised accounts. A global circuit breaker (pause_contract) exists for critical vulnerabilities โ requires 3-of-5 admin signatures and triggers a 48-hour cooldown before reactivation.
The smart contract is provided "AS IS" without warranty of any kind. The issuer makes no guarantees regarding uptime, transaction finality timing, or freedom from defects in the WASM bytecode.
Once deployed, the contract's WASM bytecode is immutable unless upgraded via the issuer's admin function upgrade_contract. Upgrades require multi-sig approval and a 7-day timelock. Users are notified via on-chain events before any upgrade takes effect.
Users are solely responsible for compliance with applicable laws and regulations in their jurisdiction. This contract does not constitute a financial product, investment advice, or a regulated payment service. The issuer may restrict access from sanctioned jurisdictions.
The contract issuer is a 3-of-5 multi-signature Stellar account. Critical operations (contract upgrade, fee changes, emergency pause) require threshold approval. Signer keys are distributed across geographically separate hardware security modules.
Application-level fee changes require multi-sig approval and a 14-day notice period. Fee changes are emitted as contract events. Maximum fee caps are hardcoded: transaction fee โค 3%, withdrawal fee โค 2%.
Disputes arising from contract interactions shall first be resolved through the on-chain dispute mechanism (raise_dispute). If unresolved within 30 days, disputes may be escalated to binding arbitration under the rules of the jurisdiction specified by the issuer.
By checking the boxes below and signing, you acknowledge that you have read, understood, and agree to all terms of this Soroban Smart Contract Agreement.