Refs #42
PR: feat(cli): wire scanner → router → builder → simulator pipeline (feat/17-cli-e2e-pipeline)
Commit: latest on feat/17-cli-e2e-pipeline
File: crates/charon-cli/src/main.rs (env::var("BOT_SIGNER_KEY") call)
Problem:
All environment variable names used in this codebase follow the CHARON_ prefix convention (e.g. CHARON_CONFIG). PR #42 introduces BOT_SIGNER_KEY — unprefixed.
This creates three risks:
- Namespace collision in multi-service Docker compose environments where other services may export a generic BOT_SIGNER_KEY.
- Operator confusion — an operator configuring the bot expects CHARON_-prefixed names and will not find this in documentation or env discovery.
- The env var is not declared in config/default.toml as an ${ENV_VAR} placeholder per the project secret-substitution convention. A raw std::env::var call in main.rs bypasses the documented config surface and cannot be discovered by reading default.toml.
Impact: Operational misconfiguration risk; silent key collision in compose stacks; key absent from documented config surface.
Fix: Rename to CHARON_SIGNER_KEY. Add a reference as signer_key = "${CHARON_SIGNER_KEY}" to the [bot] section of config/default.toml and read it through the Config struct rather than a raw env lookup in main.
Refs #42
PR: feat(cli): wire scanner → router → builder → simulator pipeline (feat/17-cli-e2e-pipeline)
Commit: latest on feat/17-cli-e2e-pipeline
File: crates/charon-cli/src/main.rs (env::var("BOT_SIGNER_KEY") call)
Problem:
All environment variable names used in this codebase follow the CHARON_ prefix convention (e.g. CHARON_CONFIG). PR #42 introduces BOT_SIGNER_KEY — unprefixed.
This creates three risks:
Impact: Operational misconfiguration risk; silent key collision in compose stacks; key absent from documented config surface.
Fix: Rename to CHARON_SIGNER_KEY. Add a reference as signer_key = "${CHARON_SIGNER_KEY}" to the [bot] section of config/default.toml and read it through the Config struct rather than a raw env lookup in main.