Coding Standards & Best Practices

Smart Contracts (Solidity):

  • Follow the Solidity Style Guide for naming conventions, visibility, and contract structure.

  • Use OpenZeppelin libraries for ERC‑20/ERC‑721 standards and security utilities.

  • Apply safety patterns: checks‑effects‑interactions, custom error types, explicit overflow checks.

  • Document all public/external functions with NatSpec annotations (@param, @return, @notice).

Backend & API (TypeScript/Node.js):

  • Enforce strict typing; avoid use of the any type.

  • Use RESTful or GraphQL schema definitions with explicit input validation (e.g., Zod schemas).

  • Centralize environment configuration and secret management; never hardcode private keys.

  • Log structured events (JSON) with correlation IDs for traceability.
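
One way to combine the configuration and logging rules above, as an added example that is not part of the project's own code. The variable names (RPC_URL, SIGNER_PRIVATE_KEY, PORT), the function names and the list of sensitive field names are assumptions; callers would pass process.env to loadConfig.

```typescript
// Added example; all names and variables here are illustrative assumptions.
type Env = Record<string, string | undefined>;

interface AppConfig {
  readonly rpcUrl: string;
  readonly port: number;
  readonly signerKey: string; // secret: supplied by the environment, never a literal
}

// The one place environment variables are read and validated; fail fast at startup.
function loadConfig(env: Env): AppConfig {
  const missing = ["RPC_URL", "SIGNER_PRIVATE_KEY"].filter((k) => !env[k]);
  if (missing.length > 0) throw new Error("missing env vars: " + missing.join(", "));
  const rpcUrl = env["RPC_URL"] as string;
  const signerKey = env["SIGNER_PRIVATE_KEY"] as string;
  const portText = env["PORT"] ?? "3000";
  if (!/^https:\/\//.test(rpcUrl)) throw new Error("RPC_URL must use https");
  // Error messages name the variable but never echo the secret value.
  if (!/^0x[0-9a-fA-F]{64}$/.test(signerKey)) throw new Error("SIGNER_PRIVATE_KEY is malformed");
  if (!/^\d{1,5}$/.test(portText) || Number(portText) < 1 || Number(portText) > 65535) {
    throw new Error("PORT must be an integer in 1..65535");
  }
  return Object.freeze({ rpcUrl, port: Number(portText), signerKey });
}

const SENSITIVE_FIELD = /key|secret|token|password|authorization/i;

// Replace values stored under sensitive-looking field names, at any nesting depth.
function redact(value: unknown): unknown {
  if (Array.isArray(value)) return value.map((item) => redact(item));
  if (value === null || typeof value !== "object") return value;
  const source = value as Record<string, unknown>;
  const out: Record<string, unknown> = {};
  for (const k of Object.keys(source)) {
    out[k] = SENSITIVE_FIELD.test(k) ? "[REDACTED]" : redact(source[k]);
  }
  return out;
}

// One JSON object per line; correlationId ties together every event of one request.
function logEvent(correlationId: string, event: string, fields: Record<string, unknown> = {}): string {
  const safe = redact(fields) as Record<string, unknown>;
  const line = JSON.stringify({ ...safe, ts: new Date().toISOString(), correlationId, event });
  console.log(line);
  return line;
}
```

Redaction by field name is a backstop for mistakes; the primary control is still not passing secrets to the logger at all.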

Frontend (React/TypeScript):

  • Adhere to React component best practices: functional components, hooks, and state management via Context or Redux.

  • Enforce CSS-in-JS or Tailwind CSS utility classes for design consistency.

  • Prioritize accessibility (ARIA roles, keyboard navigation) and responsive design.

  • Write unit tests for all components and critical utility functions.

General Practices:

  • Commit messages must follow the Conventional Commits specification.

  • Perform dependency vulnerability audits regularly (npm audit, cargo audit).

  • Maintain an up‑to‑date CHANGELOG.md with semantic versioning.
