All three contracts independently reimplement near-identical patterns: an assert_initialized guard checking a KEY_INIT symbol, an AlreadyInitialized/NotInitialized/Unauthorized/InvalidAmount/ArithmeticOverflow error enum with the same first five variants and discriminants, and a get_admin/require-auth-on-admin pattern (compare fee_collector/src/lib.rs lines 214-219, token_bridge/src/lib.rs lines 202-207).
Extracting a shared internal crate (or at least shared macros/helpers) for these common primitives would reduce triplicated logic, make future security fixes (like the missing-auth issue on collect_fee) apply consistently across contracts, and shrink each lib.rs. This is a refactor best scoped after the missing-auth and validation issues are resolved so the shared code captures the corrected behavior.
All three contracts independently reimplement near-identical patterns: an
assert_initializedguard checking aKEY_INITsymbol, anAlreadyInitialized/NotInitialized/Unauthorized/InvalidAmount/ArithmeticOverflowerror enum with the same first five variants and discriminants, and aget_admin/require-auth-on-admin pattern (comparefee_collector/src/lib.rslines 214-219,token_bridge/src/lib.rslines 202-207).Extracting a shared internal crate (or at least shared macros/helpers) for these common primitives would reduce triplicated logic, make future security fixes (like the missing-auth issue on collect_fee) apply consistently across contracts, and shrink each
lib.rs. This is a refactor best scoped after the missing-auth and validation issues are resolved so the shared code captures the corrected behavior.