You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There are a few potential issues called out in Hybrid Custody due to the nature of capabilities and how they are currently obtained. For instance, giving ownership of one account to another isn't guaranteed to actually revoke auth account access from the previous owner because they could obtain a capability to the cap which would be provisioned when ownership is given away.
Capability Controllers prevent this type of behavior, and is an upgrade we will have to do for stable cadence anyway some time down the line.
Suggest A Solution
Migrate all uses of capabilities on the Hybrid Custody contract to use Capability Controllers instead of the current getCapability access pattern. FLIP for capcons can be found here: onflow/flow#798
What are you currently working on that this is blocking?
Nothing. This is not strictly needed, but would make HC more secure
The text was updated successfully, but these errors were encountered:
Issue to be solved
There are a few potential issues called out in Hybrid Custody due to the nature of capabilities and how they are currently obtained. For instance, giving ownership of one account to another isn't guaranteed to actually revoke auth account access from the previous owner because they could obtain a capability to the cap which would be provisioned when ownership is given away.
Capability Controllers prevent this type of behavior, and is an upgrade we will have to do for stable cadence anyway some time down the line.
Suggest A Solution
Migrate all uses of capabilities on the Hybrid Custody contract to use Capability Controllers instead of the current
getCapability
access pattern. FLIP for capcons can be found here:onflow/flow#798
What are you currently working on that this is blocking?
Nothing. This is not strictly needed, but would make HC more secure
The text was updated successfully, but these errors were encountered: