Description
Before committing any write, the store service should validate that the payload satisfies the structural and relational invariants of the target table: a TokenRequest payload must deserialize without error; a Transaction row must reference an existing Requests.tx_id; a TokenLock may only be created for a (tx_id, idx) that exists in Tokens and is not already held by a different consumer; a Wallet row's identity_hash must resolve to a registered identity. These checks prevent malformed, duplicate, or logically impossible records from corrupting vault state, audit trails, and balance calculations. Architects should be aware that exhaustive re-validation against large datasets (e.g., checking every existing token entry on each write) can impose significant latency penalties at scale. The recommended approach is to enforce cheap structural checks unconditionally, and to scope relational/cross-table checks to the minimum set of invariants whose violation would cause downstream correctness failures -- deferring expensive consistency sweeps to background reconciliation jobs rather than the hot write path.
*Short Summary
Table 1: Where Missing Checks Should Be Implemented
| Validation Type | DB Schema | Application Layer | Recommendation |
|----------------|-----------|-------------------|----------------|
| **Unique IDs** | ✅ Implemented | N/A | **Keep in DB** - Primary keys are perfect for this |
| **Referential Integrity** | ✅ Partial | N/A | **Add missing FKs in DB** - Cheap structural checks |
| **Required Fields** | ✅ Implemented | N/A | **Keep in DB** - NOT NULL is efficient |
| **Data Types** | ✅ Implemented | N/A | **Keep in DB** - Type system handles this |
| **TokenRequest Deserialization** | ❌ Can't do | ✅ **Add here** | **Application Layer** - Requires protobuf parser |
| **Signature Verification** | ❌ Can't do | ✅ **Add here** | **Application Layer** - Requires crypto library |
| **Identity Validation** | ❌ Can't do | ✅ **Add here** | **Application Layer** - Requires X.509/key parsing |
| **TokenLock Existence Check** | ✅ **Add FK** | ✅ **Add check** | **Both** - FK for structure, app for race conditions |
| **Cross-Table Consistency** | ❌ Too complex | ✅ **Add here** | **Application Layer** - Requires aggregations |
| **Business Logic** | ❌ Can't express | ✅ **Add here** | **Application Layer** - Requires custom rules |
| **PP Hash Validation** | ✅ **Add FK** | ✅ **Add check** | **Both** - FK for reference, app for hash matching |
Description
Before committing any write, the store service should validate that the payload satisfies the structural and relational invariants of the target table: a
TokenRequestpayload must deserialize without error; aTransactionrow must reference an existingRequests.tx_id; aTokenLockmay only be created for a(tx_id, idx)that exists inTokensand is not already held by a different consumer; aWalletrow'sidentity_hashmust resolve to a registered identity. These checks prevent malformed, duplicate, or logically impossible records from corrupting vault state, audit trails, and balance calculations. Architects should be aware that exhaustive re-validation against large datasets (e.g., checking every existing token entry on each write) can impose significant latency penalties at scale. The recommended approach is to enforce cheap structural checks unconditionally, and to scope relational/cross-table checks to the minimum set of invariants whose violation would cause downstream correctness failures -- deferring expensive consistency sweeps to background reconciliation jobs rather than the hot write path.*Short Summary
Table 1: Where Missing Checks Should Be Implemented