These offer additional security to ensure a transaction was executed as expected.
More precisely, adding post-conditions to a transaction can ensure that:
STX tokens were transferred from an address
FTs/NFTs were transferred from an address
Post-conditions aren't perfect. They can't say anything about the end-state after a transaction. In other words, they can't guarantee the receipt of FTs/NFTs, since they only check for sending.
Here's an example of a post-condition where the principal must send 1000 uSTX, or else the transaction will abort:
In addition to the post-condition itself, we can also specify a mode for the transaction to verify asset transfers.
The mode can be either Allow or Deny.
Allow means that the transaction can transfer any asset (assuming no conflicting post-conditions).
Deny means the transaction will fail if any asset transfers (not specified in the post-conditions) are attempted.
In either case, all post-conditions will still be checked.
By default, transactions are set to Deny mode for additional security.