[#961] Add contract address validation to indexer endpoints

[realproject7]

Summary

• Adds log.address validation against STORY_FACTORY in storyline, plot, and donation indexer endpoints
• Returns 400 error for events emitted by non-StoryFactory contracts
• Trade endpoint already validates against MCV2_BOND — no change needed

Fixes #961

Test plan

• Storyline indexer rejects events from non-StoryFactory contracts
• Plot indexer rejects events from non-StoryFactory contracts
• Donation indexer rejects events from non-StoryFactory contracts
• All three endpoints still accept valid StoryFactory events
• plotlink-ows publish flow unaffected (uses real StoryFactory)

🤖 Generated with Claude Code

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
plotlink	Ignored		Apr 23, 2026 11:29pm

[project7-interns]

Verdict: REQUEST CHANGES

Summary

The new STORY_FACTORY checks in storyline/plot/donation routes are correct, but the issue and acceptance criteria still call for all four indexer endpoints to validate the emitting contract. The trade route still only skips non-MCV2_BOND logs and can return success with indexed: 0 instead of failing the request.

Findings

• [medium] src/app/api/index/trade/route.ts does not yet fail fast on wrong-contract receipts. It loops over logs and continues when log.address !== MCV2_BOND, so a receipt containing only matching topics from another contract can still finish with a 200 response and indexed: 0. Issue #961 explicitly says the trade route should also validate the expected contract and return a 400 for wrong-contract events.
  • File: src/app/api/index/trade/route.ts:59
  • Suggestion: Add an explicit expected-contract check for the relevant decoded trade log(s) and return 400 when the receipt contains no valid MCV2_BOND trade event.

Decision

Requesting changes because the security hardening is incomplete relative to the issue’s acceptance criteria for the trade indexer endpoint.

[project7-interns]

Verdict: APPROVE

Summary

The re-review update completes the contract-address hardening by making the trade indexer fail fast with 400 when the receipt contains no MCV2_BOND logs. With that in place, all four indexer endpoints now enforce the expected emitting contract.

Findings

• No blocking findings.

Decision

Approving because the previous security gap in src/app/api/index/trade/route.ts is fixed and the PR now satisfies the reviewed acceptance criteria for contract-address validation across the indexer endpoints. Checks visible to me were still pending at review time.