[MEDIUM] Hardcoded testnet secret key in CI workflow

[DeFiVC]

Description

In .github/workflows/ci.yml:50, STELLAR_PLATFORM_SECRET is committed in plaintext. Even for testnet, secrets should use GitHub Actions encrypted secrets to follow security best practices.

Impact

Testnet private key exposed in repository history. If reused on mainnet, funds could be compromised.

File

.github/workflows/ci.yml:50

Suggested Fix

Use GitHub Actions encrypted secrets: ${{ secrets.STELLAR_PLATFORM_SECRET }}

[Menjay7]

Hi! I came across this issue and would love to work on it. I have experience with similar tasks and I'm confident I can investigate, implement a clean solution, and thoroughly test it before submitting a PR. If the issue is still open, I would appreciate it if you could assign it to me. Thank you!

[naninu123]

Hi, interested in tackling this one.

Been working through GrantFox. 9 PRs merged including security fixes and backend features.

Will check the codebase, identify the gap, and deliver a clean PR following existing conventions.

Good to start.

[GBOYEE]

/claim #35

[gloskull]

Hello, I have 4 years of experience delivering solutions for projects like this, covering backend, frontend, and smart contract development. After carefully reviewing your requirements, I have a clear understanding of the task and am confident in my ability to deliver a clean, efficient, and thoroughly tested solution on time. I prioritize code quality, maintainability, and industry best practices throughout the development process.
My PR will be submitted in under 10hours.

[stiven-skyward]

Hi! As an engineer accustomed to managing cloud infrastructure, securing CI/CD workflows and handling secrets is second nature to me. I can quickly remove the hardcoded testnet secret key and configure the pipeline to securely inject it via environment secrets. I'll submit a PR within 24 hours. Best, Stiven.