Summary:
Require explicit address authorization for any action that moves assets or mutates protected state.
Acceptance Criteria:
Use env.require_auth(&address).
Confirm authorization before mutation.
Tests include unauthorized caller attempts.
Notes:
Place authorization near the top of each transactional function.
Summary:
Require explicit address authorization for any action that moves assets or mutates protected state.
Acceptance Criteria:
Use env.require_auth(&address).
Confirm authorization before mutation.
Tests include unauthorized caller attempts.
Notes:
Place authorization near the top of each transactional function.