Payment Vault
Purpose
Hold consumer deposits and track spendable credits for network usage.
Scope
This contract manages deposits, balances, and authorized consumption. It does not compute provider rewards.
Actors and Roles
- Consumers deposit and authorize spending.
- Authorized gateways consume credits.
- Owner authorizes gateways.
State and Storage Model (High-Level)
- Credit balances per beneficiary.
- Gateway allowlist for credit consumption.
Core Flows (State Machine)
- Deposit tokens to establish credits.
- Consume credits for valid usage.
- Withdraw remaining balances under defined conditions.
Protocol Guarantees
- Credits cannot be spent without authorization.
- Balances reflect deposits minus valid consumption.
Security Invariants
- No double-spend of credits.
- Unauthorized actors cannot withdraw or consume on behalf of users.
Threat Model
- Reentrancy attempts during balance changes.
- Auth bypass or allowance escalation.
- Malicious token behavior.
Economic Constraints
- Credit usage is bounded by available balances.
- No hidden fees beyond documented policy.
Governance and Admin Controls
Owner can authorize or revoke gateway addresses.
Events (Optional)
CreditsDeposited,CreditsConsumed,CreditsWithdrawn,GatewayAuthorized
Integration Notes
- Treat balances as authoritative for usage limits.
- Confirm authorization pathways before consuming credits.
Test Coverage Map (No Code)
- Deposit, consume, and withdrawal flows.
- Authorization and reentrancy defenses.