feat(kyc): add revoke_kyc to clean up persistent storage on identity …

[Geff115]

Summary

Closes #251

Implements revoke_kyc, a new public function on the KycVerifier contract
that removes all persistent storage associated with a user's KYC identity when
it is revoked.

Motivation

Without explicit cleanup, revoked users leave behind a UserKyc(Address)
entry in Soroban's persistent storage indefinitely. This occupies rent-exempt
storage that is never reclaimed, growing the contract's ledger footprint
unnecessarily over time. This PR addresses that by calling
env.storage().persistent().remove() on revocation.

What changed

• lib.rs — Added revoke_kyc(env: Env, user: Address) to KycVerifier:

  • Retrieves admin from instance storage and calls admin.require_auth()
  • Guards against revoking a non-existent record (panics with a clear message)
  • Removes the UserKyc(Address) entry from persistent storage
  • Emits a kyc_rev event for auditability

• tests.rs — Added a test module covering:

  • ✅ test_revoke_kyc_removes_record — confirms is_kyc_valid returns false
    after revocation and the storage key is fully gone
  • ✅ test_revoke_kyc_panics_on_missing_record — confirms a helpful panic
    when no record exists for the given user
  • ✅ test_revoke_kyc_rejects_non_admin — confirms require_auth() blocks
    any caller that isn't the stored admin

Testing

cd src/kyc && cargo test

All 3 tests pass.

Notes

• The kyc_rev event symbol is 7 characters, within symbol_short!'s 9-char limit.
• Storage cleanup is immediate upon the call; no TTL extension is needed since
  the entry is being permanently deleted, not just left to expire.

[drips-wave]

@Geff115 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits