Test suite

The suite does well regarding happy-path correctness — every main flow (initiate → redeem, initiate → refund, instant refund) is exercised, and each custom abort code appears in at least one negative test.

What is missing is more of an adversarial lens. No test front-runs a pending swap with a 1-unit dust order to demonstrate the EDuplicateOrder denial of service, refund-signature replay, or extreme range timelocks (u256::MAX). Additionally, adding some lightweight fuzzing of secret_hash, amount, and timelock would move coverage from honest misuse to a more grounded real-world stress test.