
feat: harden recurring bill date arithmetic overflow handling#425

Merged
Baskarayelu merged 2 commits into Remitwise-Org:main from Ceejaytech25:feature/bills-recurring-date-overflow-hardening
Mar 28, 2026

Conversation

@Ceejaytech25

PR Description

Title: feat: harden recurring bill date arithmetic overflow handling

Description

This PR addresses issue #268 by implementing safe date arithmetic and constraints for recurring bill generation. The current implementation used unchecked addition (+) and multiplication (*), which could have potentially overflowed u64 if due_date or frequency_days were extreme. This hardening prevents invalid future due dates and ensures contract robustness against boundary timestamp overflows.

Key Changes

  • Constants: Added MAX_FREQUENCY_DAYS (36,500 days, or ~100 years) and SECONDS_PER_DAY (86,400) to bill_payments/src/lib.rs.
  • Validation: Updated create_bill to enforce 0 < frequency_days <= MAX_FREQUENCY_DAYS, preventing absurdly long recurrence periods from being created.
  • Safe Arithmetic: Replaced unchecked operations in pay_bill and pay_batch_bills with checked_add and checked_mul. Overflow cases now return Error::InvalidDueDate or Error::InvalidFrequency.
  • Documentation:
    • Updated README.md with the new frequency constraints and error behaviors.
    • Added NatSpec-style comments to create_bill and pay_bill in lib.rs.

Testing

  • Added internal tests in lib.rs:
    • test_create_bill_max_frequency_exceeded: Verifies frequency constraint enforcement.
    • test_pay_bill_date_overflow_protection: Confirms rejection of u64::MAX boundary overflows.
  • Added stress tests in bill_payments/tests/stress_test_large_amounts.rs:
    • test_recurring_bill_max_frequency: Boundary-value check for 100 years.
    • test_recurring_bill_date_overflow_protection: Stress test for date overflow on recurrence.

Security Assumptions Validated

  • No u64 overflow possible during recurring bill generation.
  • Maximum recurrence period capped at 100 years to prevent absurd pattern creation.
  • All date-related calculations use checked operations with proper error escalation.

Closes #268
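The checked arithmetic and frequency cap described above, as an added example that is not the Remitwise-Org contract code: the constants and error names follow the PR description, while the `Error` enum, function names and signatures are assumptions made for illustration. It also includes the unchecked "before" shape for contrast and a batch variant that rejects the whole batch on overflow.

```rust
// Added example, not the Remitwise-Org contract code. Constants and error
// names follow the PR description; the Error enum, function names and
// signatures are assumptions made for illustration.

pub const MAX_FREQUENCY_DAYS: u64 = 36_500; // ~100 years
pub const SECONDS_PER_DAY: u64 = 86_400;

#[derive(Debug, PartialEq, Eq, Clone, Copy)]
pub enum Error {
    InvalidFrequency,
    InvalidDueDate,
}

/// Constraint enforced at bill creation: 0 < frequency_days <= MAX_FREQUENCY_DAYS.
pub fn validate_frequency(frequency_days: u64) -> Result<(), Error> {
    if frequency_days == 0 || frequency_days > MAX_FREQUENCY_DAYS {
        return Err(Error::InvalidFrequency);
    }
    Ok(())
}

/// 'Before' shape for contrast: plain `+`/`*` panic in debug builds and wrap
/// silently in release builds. wrapping_* reproduces the release behaviour,
/// turning a far-future due date into one in the distant past.
pub fn next_due_date_unchecked(due_date: u64, frequency_days: u64) -> u64 {
    due_date.wrapping_add(frequency_days.wrapping_mul(SECONDS_PER_DAY))
}

/// Hardened form: every step is checked, so an extreme due_date or frequency
/// surfaces as an error instead of a wrapped-around due date.
pub fn next_due_date(due_date: u64, frequency_days: u64) -> Result<u64, Error> {
    validate_frequency(frequency_days)?;
    // Cannot overflow once the frequency is capped; kept checked as defence in depth.
    let interval = frequency_days
        .checked_mul(SECONDS_PER_DAY)
        .ok_or(Error::InvalidFrequency)?;
    due_date.checked_add(interval).ok_or(Error::InvalidDueDate)
}

/// Batch variant: one overflowing bill fails the whole call, so no partial
/// state is produced (the error-return behaviour the PR describes for pay_batch_bills).
pub fn advance_batch(due_dates: &[u64], frequency_days: u64) -> Result<Vec<u64>, Error> {
    due_dates
        .iter()
        .map(|&d| next_due_date(d, frequency_days))
        .collect()
}
```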

@Baskarayelu Baskarayelu merged commit 60c2747 into Remitwise-Org:main Mar 28, 2026
2 of 3 checks passed


Development

Successfully merging this pull request may close these issues.

Harden recurring bill generation against date overflow

3 participants