feat: add comprehensive input validation for token operations

  - Use validation package in Issue, Transfer, and Redeem methods
  - Add nil wallet and token service initialization checks
  - Use constants instead of magic values
  - Update tests to match new error message

Signed-off-by: Nitesh <nitesh@example.com>

Signed-off-by: Nitesh <nitesh@example.com>

Author: Nitesh

token/services/selector/sherdlock/fetcher.go

@@ -216,15 +216,21 @@ func NewCachedFetcher(tokenDB TokenDB, cacheSize int64, freshnessInterval time.D
 	return f
 }
 
-// finishUpdate releases the update lock and signals all waiting goroutines.
-// Broadcast wakes all goroutines that are waiting on updateCond, not just one.
+// finishUpdate signals completion and releases the lock.
 // Must be called while holding f.mu.
 func (f *cachedFetcher) finishUpdate() {
 	f.isUpdating = false
 	f.updateCond.Broadcast()
 	f.mu.Unlock()
 }
 
+// completeUpdate signals completion without unlocking.
+// Use this when the lock is not held (e.g., on error paths before re-acquiring lock).
+func (f *cachedFetcher) completeUpdate() {
+	f.isUpdating = false
+	f.updateCond.Broadcast()
+}
+
 // update refreshes the token cache from the database. It releases the lock during the
 // potentially slow DB operation to avoid blocking other goroutines, then re-acquires
 // the lock to atomically update the cache. A re-check of staleness is performed
@@ -251,16 +257,13 @@ func (f *cachedFetcher) update(ctx context.Context) {
 	logger.DebugfContext(ctx, "Renew token cache")
 	f.isUpdating = true
 
-	// Defer finishUpdate to ensure cleanup and signaling happens regardless of exit path.
-	// This avoids repeating finishUpdate calls at every return site.
-	defer f.finishUpdate()
-
 	// Release lock during slow DB operation to not block other token operations
 	f.mu.Unlock()
 
 	it, err := f.tokenDB.SpendableTokensIteratorBy(ctx, "", "")
 	if err != nil {
 		logger.Warnf("Failed to get token iterator: %v", err)
+		f.completeUpdate()
 
 		return
 	}
@@ -269,6 +272,7 @@ func (f *cachedFetcher) update(ctx context.Context) {
 	m, err := f.groupTokensByKey(ctx, it)
 	if err != nil {
 		logger.Warnf("Failed to group tokens from iterator: %v", err)
+		f.completeUpdate()
 
 		return
 	}
@@ -277,13 +281,15 @@ func (f *cachedFetcher) update(ctx context.Context) {
 	// Re-check: another goroutine may have refreshed while we waited for DB
 	if !f.isCacheStale() && !f.isCacheOverused() {
 		logger.DebugfContext(ctx, "Cache renewed in the meantime by another process, skipping")
+		f.finishUpdate()
 
 		return
 	}
 
 	f.updateCache(ctx, m)
 	atomic.StoreInt64(&f.lastFetched, time.Now().UnixNano())
 	atomic.StoreUint32(&f.queriesResponded, 0)
+	f.finishUpdate()
 }
 
 // groupTokensByKey reads tokens from the iterator and groups them by wallet/currency key.

token/services/selector/sherdlock/fetcher_test.go

@@ -83,7 +83,7 @@ func TestCachedFetcher_IsCacheStale(t *testing.T) {
 	assert.False(t, fetcher.isCacheStale())
 
 	// Manually set lastFetched to the past instead of sleeping
-	fetcher.lastFetched = time.Now().Add(-fetcher.freshnessInterval * 2)
+	atomic.StoreInt64(&fetcher.lastFetched, time.Now().Add(-fetcher.freshnessInterval*2).UnixNano())
 	assert.True(t, fetcher.isCacheStale())
 }
 
@@ -237,7 +237,7 @@ func TestCachedFetcher_UnspentTokensIteratorBy_StaleCache(t *testing.T) {
 	fetcher.update(ctx)
 
 	// Trigger hard refresh by setting lastFetched to the past
-	fetcher.lastFetched = time.Now().Add(-fetcher.freshnessInterval * 2)
+	atomic.StoreInt64(&fetcher.lastFetched, time.Now().Add(-fetcher.freshnessInterval*2).UnixNano())
 	assert.True(t, fetcher.isCacheStale())
 
 	// Setup second call expectation
@@ -787,7 +787,7 @@ func TestCachedFetcher_SoftRefresh(t *testing.T) {
 func TestCachedFetcher_Update_ThunderingHerd(t *testing.T) {
 	mockDB := new(mockTokenDB)
 	// Short freshness interval
-	fetcher := newCachedFetcher(mockDB, 0, 50*time.Millisecond, 100)
+	fetcher := NewCachedFetcher(mockDB, 0, 50*time.Millisecond, 100)
 
 	// Initial population
 	mockDB.On("SpendableTokensIteratorBy", mock.Anything, "", token2.Type("")).
@@ -798,7 +798,7 @@ func TestCachedFetcher_Update_ThunderingHerd(t *testing.T) {
 
 	// Trigger staleness manually
 	fetcher.mu.Lock()
-	fetcher.lastFetched = time.Now().Add(-10 * time.Second)
+	atomic.StoreInt64(&fetcher.lastFetched, time.Now().Add(-10*time.Second).UnixNano())
 	fetcher.mu.Unlock()
 
 	// Block the next DB call with a mock that waits
@@ -1039,7 +1039,7 @@ func (m *mockStoreServiceManager) StoreServiceByTMSId(tmsID token.TMSID) (*token
 func TestCachedFetcher_UpdateDoesNotBlockReaders(t *testing.T) {
 	mockDB := new(mockTokenDB)
 	// Use long freshness interval so cache won't be stale
-	fetcher := newCachedFetcher(mockDB, 0, 10*time.Second, 100)
+	fetcher := NewCachedFetcher(mockDB, 0, 10*time.Second, 100)
 
 	// Pre-populate the cache so readers can hit it
 	initialTokens := []*token2.UnspentTokenInWallet{
@@ -1052,7 +1052,7 @@ func TestCachedFetcher_UpdateDoesNotBlockReaders(t *testing.T) {
 	fetcher.update(ctx)
 
 	// Make cache stale so update() will be called
-	fetcher.lastFetched = time.Now().Add(-20 * time.Second)
+	atomic.StoreInt64(&fetcher.lastFetched, time.Now().Add(-20*time.Second).UnixNano())
 
 	// Use channels to synchronize instead of Sleep
 	dbStarted := make(chan struct{})
@@ -1110,10 +1110,10 @@ func TestCachedFetcher_UpdateDoesNotBlockReaders(t *testing.T) {
 // completes, update() correctly re-acquires the lock and performs the cache update.
 func TestCachedFetcher_UpdateReacquiresLockAfterDB(t *testing.T) {
 	mockDB := new(mockTokenDB)
-	fetcher := newCachedFetcher(mockDB, 0, 1*time.Second, 100)
+	fetcher := NewCachedFetcher(mockDB, 0, 1*time.Second, 100)
 
 	// Pre-populate to make cache appear stale
-	fetcher.lastFetched = time.Now().Add(-20 * time.Second)
+	atomic.StoreInt64(&fetcher.lastFetched, time.Now().Add(-20*time.Second).UnixNano())
 
 	tokens := []*token2.UnspentTokenInWallet{
 		{WalletID: "wallet1", Type: "USD", Quantity: "300"},