[Security] Strict Environment Variable Structuring and Startup Validation

[AlAfiz]

Description: The application currently attempts to boot up even if essential operational environment variables (e.g., DATABASE_URL, STELLAR_RPC_URL, JWT_SECRET) are missing or incorrectly formatted, causing hard-to-debug runtime panics much later down the line.
Context / Motivation: Forcing a fast, descriptive crash during the boot sequence prevents unstable, partially configured server containers from executing in production environments.
Acceptance Criteria:

• Implement an initialization environment validation script that executes immediately upon server launch (npm run start).
• Define precise typing parameters for each expected variable (e.g., ensuring PORT is a valid number, DATABASE_URL matches a valid connection URI protocol).
• Gracefully exit the Node process with an explicit error log if any critical configuration value is missing.
  Technical Pointers: Use a tool like envalid or build a clean Zod schema configuration object (process.env parsing script) that parses and exports a strictly frozen, safe configuration object for use throughout the system.

[YfengJ]

Hi maintainers, I would like to apply for this issue if it is available.\n\nIf assigned, I will keep the change focused on startup configuration validation: define a typed env parsing layer for required operational variables, validate numeric/URL/secret formats with descriptive errors, fail fast before the server starts when critical config is missing or malformed, and update the app bootstrap to consume the validated config without spreading raw process.env access further. I will include focused tests for valid, missing, and malformed env cases.\n\nI will wait for maintainer or GrantFox assignment/confirmation before cloning, implementing, or opening a PR.

[nanaabdul1172]

Hello,
I'd like to work on this. I can add a startup-time environment validation layer using a Zod schema (or similar) that validates all required variables like DATABASE_URL, STELLAR_RPC_URL, JWT_SECRET, and ensures proper typing for values such as PORT.
The server will fail fast on boot with clear, actionable error logs if any configuration is missing or invalid, preventing delayed runtime failures. I’ll also export a strictly typed, frozen config object for safe usage across the application.
Kindly assign

[gloskull]

Hi, I would love to work on this Issue.
I have 4 years of experience delivering solutions for projects like this, covering backend, frontend, full-stack and smart contract development. After carefully reviewing your requirements, I have a clear understanding of the task and am confident in my ability to deliver a clean, efficient, and thoroughly tested solution on time. I prioritize code quality, maintainability, and industry best practices throughout the development process.
My PR will be submitted in under 10hours.