From 84ab4b8d98f811b2c89c392589df7f6ea3116d51 Mon Sep 17 00:00:00 2001 From: "BT.Wood(Tang Bo Hao)" Date: Thu, 28 Sep 2023 04:10:56 +0800 Subject: [PATCH] Fix: rotateAuthAccount failed when called twice (#154) When `giveOwnership` and `addOwnedAccount` are executed in the same transaction `rotateAuthAccount` will be called twice. However, during the second call, since authAcctPath is the same, it will cause `acct.linkAccount` to return `nil` as a result. Personal opinion, it would be better to change `HybridCustody` overall to CapCons coding style. --------- Co-authored-by: Giovanni Sanchez <108043524+sisyphusSmiling@users.noreply.github.com> --- .github/workflows/integration-tests.yml | 2 +- contracts/HybridCustody.cdc | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 957eb53..5b78929 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -20,7 +20,7 @@ jobs: with: go-version: 1.18 - name: Install Flow CLI - run: bash -ci "$(curl -fsSL https://raw.githubusercontent.com/onflow/flow-cli/master/install.sh)" -- v1.3.4 + run: bash -ci "$(curl -fsSL https://raw.githubusercontent.com/onflow/flow-cli/master/install.sh)" -- v1.4.4 - name: Run tests run: sh ./test.sh - name: Normalize coverage report filepaths diff --git a/contracts/HybridCustody.cdc b/contracts/HybridCustody.cdc index 5d526e2..139de49 100644 --- a/contracts/HybridCustody.cdc +++ b/contracts/HybridCustody.cdc @@ -1037,7 +1037,10 @@ pub contract HybridCustody { // NOTE: This path cannot be sufficiently randomly generated, an app calling this function could build a // capability to this path before it is made, thus maintaining ownership despite making it look like they // gave it away. Until capability controllers, this method should not be fully trusted. - let authAcctPath = "HybridCustodyRelinquished".concat(HybridCustody.account.address.toString()).concat(getCurrentBlock().height.toString()) + let authAcctPath = "HybridCustodyRelinquished_" + .concat(HybridCustody.account.address.toString()) + .concat(getCurrentBlock().height.toString()) + .concat(unsafeRandom().toString()) // ensure that the path is different from the previous one let acctCap = acct.linkAccount(PrivatePath(identifier: authAcctPath)!)! self.acct = acctCap