Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[FEATURE] Migrate to Capability Controllers #120

Closed
austinkline opened this issue Jul 10, 2023 · 1 comment
Closed

[FEATURE] Migrate to Capability Controllers #120

austinkline opened this issue Jul 10, 2023 · 1 comment

Comments

@austinkline
Copy link
Collaborator

Issue to be solved

There are a few potential issues called out in Hybrid Custody due to the nature of capabilities and how they are currently obtained. For instance, giving ownership of one account to another isn't guaranteed to actually revoke auth account access from the previous owner because they could obtain a capability to the cap which would be provisioned when ownership is given away.

Capability Controllers prevent this type of behavior, and is an upgrade we will have to do for stable cadence anyway some time down the line.

Suggest A Solution

Migrate all uses of capabilities on the Hybrid Custody contract to use Capability Controllers instead of the current getCapability access pattern. FLIP for capcons can be found here:
onflow/flow#798

What are you currently working on that this is blocking?

Nothing. This is not strictly needed, but would make HC more secure

@sisyphusSmiling
Copy link
Collaborator

Closed by #164

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants