Gate price and registry mutations behind the pause flag

[mikewheeleer]

Harden the pause gate to cover all state-changing entrypoints

Description

Only record_usage and settle consult the Paused flag in contracts/escrow/src/lib.rs. Admin mutations — set_service_price, register_service/unregister_service, set_service_disabled, set_service_metadata, set_agent_allowed, the per-call bounds setters — all still execute while the contract is paused. A pause is meant to be a global emergency stop, so config can still drift during an incident. This issue extends the pause gate consistently.

Requirements and context

• Repository scope: Agentpay-Org/Agentpay-contracts only.
• Decide and document a clear policy: which entrypoints must respect pause (all state mutations) and which intentionally bypass it (e.g. unpause must always work; propose_admin_transfer may be argued either way).
• Add the ContractPaused (#4) guard to the entrypoints that should respect pause, via a shared ensure_not_paused helper to avoid drift.
• Keep unpause and read entrypoints unaffected.
• Document the matrix in docs/escrow/security.md.

Suggested execution

• Fork the repo and create a branch
• git checkout -b security/contracts-23-pause-gate-coverage
• Implement changes
  • Write code in: contracts/escrow/src/lib.rs — ensure_not_paused helper applied across admin mutations.
  • Write comprehensive tests in: contracts/escrow/src/test.rs — each gated entrypoint panics #4 while paused, and unpause still works.
  • Add documentation: document the pause matrix.
  • Include NatSpec-style doc comments (///) matching the existing style in lib.rs.
  • Validate security: emergency stop truly halts state drift.
• Test and commit

Test and commit

• Run cargo fmt --all -- --check, cargo build, and cargo test.
• Cover edge cases: pause then attempt each mutation, unpause still callable, reads unaffected.
• Include the full cargo test output and a short security notes section in the PR description.

Example commit message

security: extend pause gate to all state-changing entrypoints

Guidelines

• Minimum 95 percent test coverage for impacted modules.
• Clear, reviewer-focused documentation.
• Timeframe: 96 hours.

Community & contribution rewards

• 💬 Join the AgentPay community on Discord for questions, reviews, and faster merges: https://discord.gg/eXvRKkgcv
• ⭐ This is a GrantFox OSS / Official Campaign task and may be rewarded. When your PR is merged you'll be prompted to rate the project — if this issue and the maintainers helped you ship, we'd be grateful for a 5-star rating. Clear questions in Discord and tidy, well-tested PRs are the fastest path to a merge and a reward.