Title: feat: apply CEI pattern, guardian pause, M-of-N verifiers, and lint config to accountability_vault

[Andreschuks101]

Summary

• closes Add reentrancy-safe state updates before token transfers in slash_on_miss and claim in accountability_vault #352: Apply checks-effects-interactions to slash_on_miss, claim, and withdraw — vault status and staked are zeroed in storage before any token::Client::transfer call, ensuring terminal state is committed even if the downstream token call panics.
• closes Add admin/pause guardian role with emergency_pause to halt slash_on_miss and claim in accountability_vault #357: Add guardian address and paused flag to Vault; introduce emergency_pause / emergency_unpause functions that block slash_on_miss, claim, and active-vault withdraw while paused. Only the guardian set at vault creation may toggle the flag.
• closes Add multi-verifier M-of-N approval to check_in in accountability_vault #364: Replace single verifier: Address with VerifierSet { verifiers: Vec<Address>, threshold: u32 }. check_in now accumulates per-milestone approvals in DataKey::MilestoneApprovals(index) and flips Milestone.verified only once threshold distinct addresses have approved. Double-approval by the same address returns Error::AlreadyApproved.
• closes Add rustfmt and clippy configuration and fix lints across the contracts workspace #380: Add contracts/rustfmt.toml with workspace formatting config; add [workspace.lints.clippy] all = "warn" to contracts/Cargo.toml and [lints] workspace = true to contracts/accountability_vault/Cargo.toml; fix the broken reclaim_after_settlement implementation (wrong type usage and incorrect field check); suppress pre-existing dead_code lint in test setup struct with #[allow(dead_code)].

Changes

contracts/accountability_vault/src/lib.rs

• Added VerifierSet contracttype struct (groups verifiers + threshold to stay within Soroban's 10-parameter limit)
• Added DataKey::MilestoneApprovals(u32) storage key
• Added Error variants: Paused = 18, AlreadyApproved = 19, NoVerifiers = 20, InvalidThreshold = 21, StakedRemaining = 22
• Added guardian: Address and paused: bool fields to Vault
• Replaced verifier: Address with verifiers: Vec<Address> and approval_threshold: u32 in Vault
• create_vault: accepts verifier_set: VerifierSet and guardian: Address; validates non-empty verifiers and valid threshold
• check_in: M-of-N approval tracking with double-approval guard
• extend_deadline: removed verifier parameter; all stored verifiers must co-sign via require_auth
• slash_on_miss, claim, withdraw: CEI reorder (state persisted before token transfer) + paused gate
• Added emergency_pause and emergency_unpause
• Fixed reclaim_after_settlement: load vault from storage, use vault.staked, use token::Client

contracts/accountability_vault/src/test.rs

• Updated setup / setup_with_oracle helpers and all create_vault call sites to use VerifierSet
• Updated extend_deadline calls to two-argument form
• Added CEI tests: test_cei_slash_on_miss_state_is_terminal_before_transfer, test_cei_claim_state_is_terminal_before_transfer, test_cei_slash_cannot_be_triggered_twice, test_cei_claim_cannot_be_triggered_twice
• Added pause tests: test_pause_blocks_slash_on_miss, test_pause_blocks_claim, test_pause_blocks_withdraw_active, test_unpause_allows_slash_on_miss, test_unpause_allows_claim, test_non_guardian_cannot_pause, test_pause_does_not_block_draft_withdraw
• Added M-of-N tests: test_multi_verifier_single_approval_insufficient_for_threshold_two, test_multi_verifier_both_approve_verifies_milestone, test_multi_verifier_double_approval_by_same_verifier_fails, test_multi_verifier_threshold_one_of_two_single_approval_sufficient, test_multi_verifier_2of2_full_claim_flow
• Added threshold validation tests: test_create_vault_invalid_threshold_exceeds_verifiers_fails, test_create_vault_zero_threshold_fails

contracts/README.md: documented CEI invariant, guardian role, M-of-N model, updated error table, added lint/format commands.

contracts/rustfmt.toml: new file with workspace formatting config.

contracts/Cargo.toml: added [workspace.lints.clippy] all = "warn".

contracts/accountability_vault/Cargo.toml: added [lints] workspace = true.

Test plan

• All 45 tests pass (cargo test — 0 failures, 0 warnings)
• CEI tests verify terminal state and prevent double-execution
• Pause tests cover block/unblock for each affected function and confirm draft-cancel is unaffected
• M-of-N tests cover partial threshold, full threshold, double-approval rejection, and a complete 2-of-2 claim flow

[drips-wave]

@Andreschuks101 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits