Implement per-payer payment cooldown with sliding window rate limiting

[Kingsman-99]

Description

Implement a sliding-window rate limiter for invoice payments. Each payer has a configurable cooldown period between payments on the same invoice. Additionally, implement a global per-invoice payment rate limit (max N payments within any rolling time window) to prevent coordinated payment flooding.

Acceptance Criteria

• InvoiceOptions accepts payment_cooldown_secs: Option<u64> and max_payments_per_window: Option<u32> and payment_window_secs: Option<u64>
• Per-payer cooldown: _pay stores last payment timestamp at key (symbol_short!("pcd"), invoice_id, payer) and panics with "payment cooldown active" if within window
• Global rate limit: _pay maintains a ring-buffer of recent payment timestamps in persistent storage, evicts entries older than payment_window_secs, and panics with "payment rate limit exceeded" if count >= max_payments_per_window
• Ring buffer must not grow unbounded — cap storage at 50 entries with eviction
• Cooldown and rate limit fields are stored in InvoiceExt (not InvoiceCore) to keep storage efficient
• get_invoice_ext returns both fields correctly
• Test test_cooldown_blocks_same_payer_within_window — same payer blocked, different payer succeeds
• Test test_rate_limit_blocks_after_n_payments — Nth+1 payment blocked regardless of payer
• Test test_rate_limit_window_resets — payments succeed again after window expires
• Test test_cooldown_and_rate_limit_independent — both can be active simultaneously

Context

• _pay is in contracts/split/src/lib.rs (~line 1313)
• InvoiceOptions, InvoiceCore, InvoiceExt are in contracts/split/src/types.rs
• Nonce storage pattern at nonce_key(invoice_id, payer) is a reference for per-payer keys
• env.ledger().timestamp() provides current time
• The ring buffer must use soroban_sdk::Vec (not std) and fit within Soroban storage constraints

[Sam-Rytech]

I’d love to take this on. I have strong experience writing secure Rust smart contracts and using storage patterns for time-gated mechanics. I will add payment_cooldown_secs to InvoiceOptions, enforce the check directly inside _pay using an atomic (invoice_id, payer) timestamp key, and include the explicit panic condition. I'll deliver the implementation along with both required expiry tests well within the deadline.

[blessedcodey-boy]

Hey Maintainer @name of maintainer!!!!
I just went gone through the details of the issue and i will be capable of resolving it, I would love to be assigned to work on it. Thanks

[0xNinx]

Hi, i just reviewed the issue description and will like to work on this. ETA: 6hours. Thanks

[olaleyeolajide81-sketch]

This is a great project and i would love to contribute to it by working on this issue. I have a comprehensive knowledge of this issue and i understood the requirements. i shall deliver on this with qualitative PR and promptly. LALA

[obedebuka41-dotcom]

i can solve this

[obedebuka41-dotcom]

i can solve this

[grantfox-oss]

🦊 GrantFox — @obedebuka41-dotcom has been assigned to this issue as part of the Official Campaign campaign!

Next steps:

1. Open a Pull Request referencing this issue (e.g., Closes #162)
2. Your PR will be reviewed by the Stellar-split maintainers

Good luck! Track your progress on GrantFox.