As Andrei points out in his book ("The D Programming Language") contracts are not used to validate/scrub user (or any external) input as they can be compiled out of the executable.Contracts are there to check sanity at compile time, or at the very least during testing.The contract is (or should be) part of the documentation.You are correct. I will have to check out his book.
Be sure to check out the errata page http://erdani.com/tdpl/errata/
