Once you have finished developing your smart contract, please go through the following list to ensure everything is safe for the end user.
- All private methods are decorated as
`signer` are used correctly throughout the entire contract.
- Each time the state grows, it is ensured that there is enough balance to cover it
- All collections (e.g. Vector, Map, Tree, etc.) have a unique id
- Check for underflow and overflow! In Rust, you can do this by simply adding the `overflow-checks = true` flag in your
- When sending money, you leave enough in the contract to cover the storage cost
- If you are tracking users' funds, you deduct them before sending them back to the user.
- All private callbacks are marked as
- All cross-contract calls have a callback that checks for errors and rolls back the state if necessary
- All cross-contract calls have a callback that checks for errors and returns money to the
- All the callbacks are given enough GAS to execute entirely
- The contract is not left in an exploitable state between a cross-contract call and its callback
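
The following added example (not part of the original checklist, and not code from any SDK) models three of the items above in plain Rust: funds are deducted before the transfer is scheduled, the callback rolls the state back on failure, and arithmetic is checked. `Vault`, `TransferResult` and all method names are hypothetical, and the asynchronous transfer is simulated by calling the callback by hand.

```rust
use std::collections::HashMap;

/// Outcome of the asynchronous transfer, as seen by the callback.
#[derive(Clone, Copy, PartialEq, Debug)]
pub enum TransferResult { Success, Failed }

/// Hypothetical contract state tracking user funds (plain-Rust model, no SDK).
#[derive(Default)]
pub struct Vault { balances: HashMap<String, u128> }

impl Vault {
    pub fn deposit(&mut self, user: &str, amount: u128) -> Result<(), &'static str> {
        let bal = self.balances.entry(user.to_string()).or_insert(0);
        // checked_add reports overflow instead of wrapping silently.
        *bal = bal.checked_add(amount).ok_or("balance overflow")?;
        Ok(())
    }

    /// Step 1: deduct first, then schedule the transfer.
    /// Returns the amount now in flight, to be passed to the callback.
    pub fn withdraw(&mut self, user: &str, amount: u128) -> Result<u128, &'static str> {
        let bal = self.balances.get_mut(user).ok_or("unknown user")?;
        // checked_sub rejects underflow; on error the balance is left untouched.
        *bal = bal.checked_sub(amount).ok_or("insufficient funds")?;
        Ok(amount) // a real contract would schedule the transfer and callback here
    }

    /// Step 2: the callback. A failed transfer credits the amount back.
    pub fn on_transfer(&mut self, user: &str, amount: u128, result: TransferResult) -> Result<(), &'static str> {
        if result == TransferResult::Failed {
            self.deposit(user, amount)?;
        }
        Ok(())
    }

    pub fn balance_of(&self, user: &str) -> u128 {
        self.balances.get(user).copied().unwrap_or(0)
    }
}

fn main() {
    let mut v = Vault::default();
    v.deposit("alice", 100).unwrap(); // constructed sample data
    let pending = v.withdraw("alice", 100).unwrap();
    // Between the call and its callback, a second withdrawal finds nothing to take.
    assert!(v.withdraw("alice", 100).is_err());
    v.on_transfer("alice", pending, TransferResult::Failed).unwrap();
    println!("alice after failed transfer: {}", v.balance_of("alice"));
}
```

If the deduction were moved into the callback instead, the second `withdraw` in `main` would succeed while the first transfer was still pending.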