This guide explains how to use post-conditions to secure your smart contracts.
Post-conditions in Stacks transactions provide an additional layer of security. They ensure that transactions execute as expected without requiring the user to know the underlying smart contract code.
In Stacks.js, post-conditions can be constructed using the Pc helpers. These are inspired by Behavior Driven Development (BDD).
Start with the Pc.principal initializer to specify the address of the principal that will be verified in the post-condition. Then auto-complete the rest of the post-condition.
Post-conditions can be added to contract calls and FT/NFT transfers to ensure assets are transferred as specified.
For instance, the following post-condition ensures that the principal initiating the transaction must send exactly 1000 uSTX, or else the transaction will abort.
Essentially, the postConditionMode is what tells the Stacks node whether to require (Deny) or ignore (Allow) the post-conditions when evaluating the transaction.
Post-conditions can only ensure the transfer of assets and cannot guarantee the end-state after a transaction. To learn more, read the post-conditions guide.