SEP-10 web authentication flow for anchor deposits

[Nanle-code]

Labels: anchors, security, advanced

Description

src/lib/anchors.js and AnchorIntegration.jsx compare anchors and methods, but there is no SEP-10 challenge/sign flow to authenticate with an anchor before deposit/withdraw.

Tasks

Implement SEP-10 client helpers in src/lib/anchors.js (challenge → sign with Freighter → token).
UI wizard in src/components/anchors/AnchorIntegration.jsx for “Connect to anchor”.
Audit log entries via src/lib/auditTrail.js (no token persistence in plaintext).
Acceptance criteria

User completes SEP-10 against a documented test anchor on testnet.

JWT/session stored encrypted or session-only per src/lib/encryption.js policy.
Files

src/lib/anchors.js
src/components/anchors/AnchorIntegration.jsx
src/lib/wallet/freighter.js
src/lib/auditTrail.js, src/lib/encryption.js
Reference: SEP-10

[Anieblin]

@Anieblin has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

Hi Maintainer, I'd love to work on this project

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Anieblin to this issue.

[drips-wave]

Congratulations, @Anieblin! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 2, 2026.

🧑‍💻 @Anieblin: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊