Add Stellar SEP Support (SEP-10 Web Auth and SEP-24 Hosted Transfers)

[Nanle-code]

Overview

StarForge is positioned as a full developer toolkit for Stellar, but the Stellar Ecosystem Proposals (SEPs) define the protocols every real Stellar application needs: SEP-10 (Web Authentication), SEP-24 (Hosted Deposits/Withdrawals), SEP-6, SEP-31, SEP-38. None of these are implemented. A developer building a Stellar app with StarForge has no tooling for the most important integration layer.

Resolution

Add a starforge sep command group. Start with the two most universally needed:

SEP-10: Implement starforge sep auth --anchor <domain> --wallet <name> — fetch the challenge transaction from <domain>/.well-known/stellar.toml → WEB_AUTH_ENDPOINT, parse the manage_data operations, verify the transaction meets SEP-10 requirements (correct source, time bounds, correct network passphrase), sign with the local wallet, and submit back to get a JWT. Store the JWT in ~/.starforge/data/sep10_tokens.json keyed by anchor domain.

SEP-24: Implement starforge sep deposit --anchor <domain> --asset USDC --amount 100 --wallet alice — initiate the interactive deposit flow by calling the anchor's /transactions/deposit/interactive endpoint with SEP-10 auth, follow the returned url in the system browser (open/xdg-open), and poll the transaction status endpoint until completion.

Both SEPs require parsing stellar.toml — implement a proper StellarToml parser as a shared utility in src/utils/.

[ZuLu0890]

I would like to work on this issue

[Emmy123222]

Hi, I'd like to work on this feature.

This is a high-impact addition because SEP-10 and SEP-24 are core building blocks for real-world Stellar integrations, and implementing them would significantly improve StarForge's usefulness for application developers.

My implementation plan:

• Add a new starforge sep command group.

• Create a reusable Stellar TOML parser in src/utils/ that:

  • Fetches and parses /.well-known/stellar.toml
  • Validates required fields
  • Exposes endpoints such as WEB_AUTH_ENDPOINT, TRANSFER_SERVER, and related anchor metadata

• Implement starforge sep auth:

  • Resolve the anchor's WEB_AUTH_ENDPOINT from stellar.toml
  • Request the SEP-10 challenge transaction
  • Verify challenge validity (source account, network passphrase, time bounds, required operations, etc.)
  • Sign using the selected local wallet
  • Submit the signed challenge
  • Store the returned JWT in ~/.starforge/data/sep10_tokens.json keyed by anchor domain

• Implement starforge sep deposit:

  • Retrieve and use the stored SEP-10 JWT
  • Call the SEP-24 interactive deposit endpoint
  • Launch the returned interactive URL using the system browser (open/xdg-open)
  • Poll the transaction status endpoint until completion or terminal state
  • Provide clear CLI status updates throughout the flow

• Add tests covering:

  • TOML parsing
  • SEP-10 challenge validation
  • JWT storage and retrieval
  • Interactive deposit flow
  • Error handling for invalid anchors, expired challenges, and failed authentication

Before submitting the PR, I'll verify that:

• SEP-10 authentication works end-to-end against compliant anchors.
• JWT tokens are securely stored and reused.
• SEP-24 deposit flows can be initiated directly from the CLI.
• The Stellar TOML utility is reusable for future SEP-6, SEP-31, and SEP-38 support.

Please assign this issue to me if it is available.

[grantfox-oss]

🦊 GrantFox — @Emmy123222 has been assigned to this issue as part of the Official Campaign campaign!

Next steps:

1. Open a Pull Request referencing this issue (e.g., Closes #19)
2. Your PR will be reviewed by the StarsForges maintainers

Good luck! Track your progress on GrantFox.

[grantfox-oss]

🎉 This issue has been marked as completed on GrantFox as part of the Official Campaign campaign!

@Emmy123222's PR #26 was approved and merged by @Nanle-code.

🏆 @Emmy123222: You earned 35 FoxPoints for this contribution! Your current tier: Explorer (223 total points). Track your full progress on GrantFox.

👏 Great work, @Emmy123222! Keep contributing to StarsForges.