feat: contract payload validation rbac

[Oluwaseyi89]

Summary

Add validation layer for contract invocation payloads to prevent runtime failures and unsafe inputs, plus RBAC guards for privileged contract admin operations.

Linked Issue

Closes #854
Closes #853

Type of Change

• feat
• fix
• docs
• refactor
• test
• chore

Validation

• Lint passed for affected area(s)
• Tests passed for affected area(s)
• Manual verification completed (if applicable)

Documentation

• Documentation updated (or N/A with explanation)
• Screenshots/videos attached for UI changes

Checklist

• Branch name uses feat/, fix/, or docs/
• Commit messages follow Conventional Commits
• PR scope matches linked issue acceptance criteria

Closes #854
Closes #853