Solution: LP-0013 — Token Program Improvements: Authorities

[Tranquil-Flow]

Implementation of LP-0013: mint authority lifecycle for the LEZ Token program, with a proven on-chain semantic deployment under RISC0_DEV_MODE=0.

Repository: https://github.com/Tranquil-Flow/lp0013-token-suite (public, MIT + Apache-2.0)

Narrated demo video: https://youtu.be/3hQd2G8O-UM

What's implemented:

• admin-authority-core — runtime-agnostic authority state, authorization checks, rotation, and revocation (RFP-001 reusable primitive)
• mint-core / mint-program — token state transitions and instruction-level harness
• mint-sdk — evaluator-facing Rust client API (create/mint/rotate/revoke/query)
• mint-cli — offline demo CLI
• Three runnable examples: variable-supply, fixed-supply, config-PDA-gated (RFP-001 demonstration)
• SPEL guest source (spel-spike/admin_authority_guest.rs) deployed to the live local LEZ sequencer
• Canonical hand-written IDL + real spel generate-idl output checked in alongside
• 31 unit tests + 3 example tests + 1 docs-validator test, CI green

On-chain evidence (RISC0_DEV_MODE=0):

• Live four-transaction lifecycle proven on a local LEZ sequencer (deploy + create_mint + mint_to(100) + set_mint_authority(None) + post-revoke mint_to rejection)
• Independently re-verified ~22 minutes later with a fresh set_mint_authority rejected on chain at Program error 2008: authority has been revoked — the canonical require_authority panic from the guest body, observed live on the sequencer
• Per-operation Risc0 zkVM executor time captured: create_mint 8.38 ms, mint_to 7.58 ms, set_mint_authority (rotate/revoke shares one code path) 6.76 ms; rejected post-revoke operations ~50% less (4.21–4.43 ms) — deterministic-rejection visible in the CU profile
• All txhashes in docs/LEZ_PROOF_LOG.md; CU breakdown in docs/BENCHMARKS.md

See solutions/LP-0013.md for the full spec compliance map and architecture notes.

[github-actions]

✅ Validation passed

A reviewer will assess against the prize criteria.
ℹ️ Solution submission for LP-0013.
ℹ️ Checking repo: https://github.com/Tranquil-Flow/lp0013-token-suite

---

Automated check. See solution template and TERMS.

[weboko]

Hi @Tranquil-Flow! Appreciate your submissions to the LP.

I reviewed this one and here are things we need you to address.

• Supportability: e2e tests vs a LEZ sequencer (standalone) included in CI. Currently absent.
• Supportability: a reproducible e2e demo script that runs against a real local sequencer with RISC0_DEV_MODE=0 from a clean clone, without modification. Currently offline-only; the live variant needs external machine state.
• Supportability - deployment that is independently verifiable (the SPEL program/scaffold must live in the repo and be deployable by an evaluator; local-only hashes on a private laptop are not evidence).
• Performance - real CU costs measured reproducibly on LEZ (not single-run executor-ms on an unverifiable local node).
• Reliability - demonstrate the revoked-authority mint rejection on-chain via the authority guard, not via the AccountAlreadyInitialized side effect; fix the init-only holding PDA so repeat/variable-supply minting actually works on chain.
• Usability - an SDK/IDL that targets the deployed program (SPEL-generated IDL that actually carries accounts/types/errors; a client that talks to LEZ, not the in-memory harness).

Given then I have to reject this submission. Please, re-open once points above are fixed and I will be happy to re-review.