Skip to content

[7] Add initialize check to all contract functions #7

Open
Open
[7] Add initialize check to all contract functions#7
Labels
contractsmediumsafety

Description

@EmeditWeb
EmeditWeb
opened on May 13, 2026

Problem

Public functions that read from persistent storage will panic with a VM trap if invoked before initialize() has been called. There is no is_initialized() guard, so any deploy-without-init race condition produces opaque failures rather than a clear NotInitialized error.

Context

The API frontend retries on transient errors. A panic on uninitialized state looks transient — but it isn't. Wrapping every public read with a typed init check lets the API surface a clear "contract not initialized" message and stop retrying.

Before Starting

Read these context files first:

  • context/architecture-context.md
  • context/code-standards.md
  • context/progress-tracker.md
  • contracts/*/src/lib.rs

What To Build

  1. Add pub fn is_initialized(env: &Env) -> bool helper in each contract's lib.rs that checks env.storage().instance().has(&StorageKey::Admin).
  2. At the top of every public function (mutating or read-only) that touches persistent storage, add: if !Self::is_initialized(&env) { return Err(ContractError::NotInitialized); }.
  3. Exclude initialize() itself and any pure helper that doesn't read storage.
  4. Add ContractError::NotInitialized = 1 variant in errors.rs if missing.
  5. Write one regression test per contract that calls a getter before initialize and asserts NotInitialized.
  6. Document the convention in code-standards.md.

Files To Touch

  • All 5 contracts/*/src/lib.rs
  • All 5 contracts/*/src/errors.rs
  • All 5 contracts/*/src/tests.rs
  • context/code-standards.md

Acceptance Criteria

  • Every public function that reads storage starts with an is_initialized check
  • ContractError::NotInitialized exists in all 5 error enums
  • 5 regression tests pass
  • No existing tests fail
  • code-standards.md documents the convention

Mandatory Checks Before PR

  • cargo build passes with zero errors
  • cargo test — all 93 existing tests still pass
  • require_auth() is FIRST line of every mutating function
  • extend_ttl() called after EVERY persistent storage write
  • New unit tests written for every new function
  • context/progress-tracker.md updated

Metadata

Metadata

Assignees

No one assigned

    Labels

    contractsmediumsafety

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions