- Add integration test `token_rotate_authority_then_new_authority_can_mint`:
create with self-authority, rotate to external key, verify new authority
mints as rest account, verify old authority is rejected (RFP-001 end-to-end)
- Fix README error table: 'must sign' -> 'must authorize' (matches mint.rs:36)
- Fix guest doc comments for mint/set_authority to describe the 0-or-1
external authority model correctly
- Fix example scripts: new-fungible-definition-with-authority -> new-fungible-definition,
--initial-supply -> --total-supply (align to token-idl.json and demo-full-flow.sh)
Second review round on PR #125 (LP-0013):
- set_authority now rejects foreign-owned definitions. It takes the
ProgramContext and asserts definition_account.program_owner ==
self_program_id, matching mint and initialize_account. Without this a
foreign-owned account with token-shaped data could have its authority
field rewritten. Added test_set_authority_rejects_foreign_owned_definition.
- demo-full-flow.sh now calls instruction and flag names that exist in
the regenerated token IDL: new-fungible-definition (was the nonexistent
new-fungible-definition-with-authority), --total-supply (was
--initial-supply), and drops --authority-account for the self-authority
mint/set-authority path (the rest account is --authority-accounts and is
empty when the definition is its own authority).
- Stripped a trailing-space lint nit in docs/LP-0013-README.md.
- set_authority rejects all-zero new_authority on rotation (matches creation guard)
- SetAuthority/Mint doc comments now list the required authority signer account
- README: add --authority-account to mint/set-authority CLI examples,
correct error-code table to actual panic strings, make program ID build-dependent