Add fuzz harness for process_partial_payment nonce-replay and ordering invariants

[Baskarayelu]

Description

settlement.rs::process_partial_payment accepts a (invoice_id, transaction_id, amount, nonce) and must reject replays while preserving monotonic cumulative-paid accounting. Add a proptest harness that interleaves valid and replayed payments, asserts the cumulative cap, monotonic count, and that transaction_id deduplication holds even under reordering. Persist failing seeds for regression.

Requirements and context

• Secure: ensure no overpayment past invoice amount.
• Tested: minimum 50,000 randomized sequences in CI.
• Documented: docs/partial-payment-fuzz.md.
• Reference: src/settlement.rs::process_partial_payment.

Suggested execution

git checkout -b feature/partial-payment-fuzz

• Add src/test_fuzz_partial_payment.rs.
• Persist seeds under proptest-regressions/partial_payment.txt.
• Docs: docs/partial-payment-fuzz.md.
• Rust doc comments on the action enum and oracle.
• Validate replay protection across transaction_id and nonce.

Test and commit

Run PROPTEST_CASES=50000 cargo test test_fuzz_partial_payment. Cover edge cases: zero-amount payment, exact-final payment, payment after finalization. Include security note about double-credit risk.

Example commit message

test(settlement): add fuzz harness for partial-payment replay and ordering

Guidelines

• Minimum 95% test coverage
• Clear documentation in docs/partial-payment-fuzz.md
• Timeframe: 96 hours

[canicefavour]

Please assign me this issue and I'll submit soon

[Ved-viraj]

Hi can i be assigned this issue please? I've gone through the description and I'm up for the task. Kindly assign me please.

[grantfox-oss]

🦊 GrantFox — @Ved-viraj has been assigned to this issue!

Next steps:

1. Open a Pull Request referencing this issue (e.g., Closes #1203)
2. Your PR will be reviewed by the QuickLendX maintainers

Good luck! Track your progress on GrantFox.

[grantfox-oss]

🎉 This issue has been marked as completed on GrantFox as part of the Official Campaign campaign!

@Ved-viraj's PR #1402 was approved and merged by @Baskarayelu.

🏆 @Ved-viraj: You earned 35 FoxPoints for this contribution! Your current tier: Explorer (366 total points). Track your full progress on GrantFox.

👏 Great work, @Ved-viraj! Keep contributing to QuickLendX.