core: implement reentrancy guard across all mutating functions

[EmeditWeb]

Problem

None of the StepFi contracts implement a reentrancy
guard. A malicious contract could call back into
a StepFi contract during execution, potentially
draining funds or corrupting state.

Context

Reentrancy is one of the most common and damaging
smart contract vulnerabilities. Soroban contracts
can call other contracts and those contracts can
call back. Without a guard this is exploitable.

What To Build

1. Create a ReentrancyGuard in each contract.

2. Apply to ALL mutating functions in all 5 contracts.

3. Write tests that verify reentrancy is rejected.

Files To Touch

All 5 contract lib.rs, storage.rs, errors.rs, tests.rs files

Acceptance Criteria

• Every mutating function has reentrancy guard
• Reentrant calls return ContractError::Reentrant
• Tests verify guard works
• All existing tests still pass
• cargo build passes

Mandatory Checks Before PR

• cargo build passes
• All tests pass
• PR references this issue

[BigElv]

I would love to work on this

[deslawson]

I would like to work on implementing a comprehensive reentrancy guard across all StepFi contracts to prevent reentrant attacks and ensure state integrity. I will apply the guard to every mutating function, return ContractError::Reentrant on reentrant calls, and write tests verifying the protection works. I will also ensure all existing tests continue to pass, cargo build succeeds, and the pull request references this issue while meeting all acceptance criteria.

[grantfox-oss]

🦊 GrantFox — @deslawson has been assigned to this issue as part of the Official Campaign campaign!

Next steps:

1. Open a Pull Request referencing this issue (e.g., Closes #11)
2. Your PR will be reviewed by the StepFi-app maintainers

Good luck! Track your progress on GrantFox.

[grantfox-oss]

🎉 This issue has been marked as completed on GrantFox as part of the Official Campaign campaign!

@deslawson's PR #28 was approved and merged by @EmeditWeb.

🏆 @deslawson: You earned 35 FoxPoints for this contribution! Your current tier: Explorer (153 total points). Track your full progress on GrantFox.

👏 Great work, @deslawson! Keep contributing to StepFi-app.