-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Stable cadence refactor #6
Conversation
Update: As of this writing, |
…able Add dependency audit contract
96be0ad
to
d00b755
Compare
d00b755
to
876e7d9
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## stable-cadence #6 +/- ##
=================================================
Coverage ? 83.89%
=================================================
Files ? 6
Lines ? 298
Branches ? 0
=================================================
Hits ? 250
Misses ? 48
Partials ? 0 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems pretty straightforward! Just had a couple questions
return self.delegatedUpdaters.keys | ||
} | ||
|
||
/// Allows for the delegation of contract updates as defined within the Updater resource | ||
/// | ||
access(all) fun delegate(updaterCap: Capability<&Updater>) { | ||
access(all) fun delegate(updaterCap: Capability<auth(UpdateContract) &Updater>) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm assuming that the functions in this resource don't need entitlements since they require the capability to call, but I just wanted to flag just in case
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's right, only those that are currently entitled need to be privileged. delegate
and removeAsUpdater
can be public as they allow & remove delegation to this resource and those are necessarily called by the owner of the underyling Updater
since the caps are entitled.
let updaterPrivatePath = PrivatePath( | ||
identifier: "StagedContractUpdatesUpdater_".concat( | ||
let updaterCapStoragePath = StoragePath( | ||
identifier: "StagedContractUpdatesUpdaterCapability_".concat( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why did this string change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So here I replaced the deprecated private path with storage path. Since we no longer have private paths by which to manage issued capabilities, I instead store the issued capability in storage for easy traceability and revocation. Ultimately, what's stored at that path is no longer and Updater
but a capability on an Updater
, hence the change in path identifier.
Does that capability management scheme make sense or see any problems with that change?
Also, FWIW this contract isn't deployed on TN or MN but updating it here to diminish any tech debt and because the contract may be useful as reference.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
that all makes sense
Related: #1
This PR updates repo contents for Cadence 1.0 compatibility. While the
MigrationStagingContract
won't be used after 1.0 migration, staging and updating the contract will enhance auditability and transparency post-migration, enabling the migrated contracts can be validated against the code as staged. Migrating the contract also allows us to clean up the account after some time if need be.Refactors for
StagedContractUpdates
are also included. Although this contract was not used as a mechanism for migration as originally intended, others may still find it useful moving forward to coordinate updates to distributed contract system.