Comments (2)
I think one of the safe guards intended in the original ERC-1155 is against the operator submitting "wrong" originated address for the transaction.
Proposed approach might work, but it does not safeguard from the operator mistake. The operator still can submit originated contract as destination, by providing its hash.
from smart-contracts.
I'm not sure I understand. A user-agent should not allow a KT1 contract address to be provided as a key_hash, under normal circumstances.
Are you suggesting that a user might know how to base58check-reencode KT1 addresses as tz1/2/3, yet might not realize that this is a completely unconventional thing to do?
IMO we can expect that the meaning of the key_hash
type is understood (either by users or by user-agents.) Note that one can already send tez to a bogus key_hash! Of course, for tez, there is no other way it could be, while for tokens you could decide to only support contracts as receivers.
I do think the position that a safety check should always be performed is interesting, and possibly viable. The downside, of course, is that everyone must deploy (or at least interact with) a receiver contract.
from smart-contracts.
Related Issues (20)
- Passing lambda into Balance_of entry point can be exploited to spoof a receiver
- Multi_asset safety check in spec, LIGO HOT 17
- Implement a new multisig contract
- MAC specifications - Milestones
- add_operator should handle implicit accounts
- Make implicit account whitelisting part of the explicit specification HOT 1
- Forwarder with whitelist and transfer check HOT 1
- FA1.4 HOT 2
- FA2 Documentation Review HOT 1
- Write up wrapper
- Write up wrapper examples and other FA2 details
- Make `pause` more fine grained on multi assets implementation
- Integrate TZIP-20 off-chain events for Mint / Burn / Origination
- publish as a node package? HOT 1
- Path issue when running tests HOT 2
- Can't Seem To Find Entrypoint for fa2_nft_asset
- Missing Example/Test-Case: Mint NFTs with Different Sets of Metadata and Retrieve That Metadata HOT 5
- Support for JsLIGO, PascaLIGO, and/or ReasonLIGO HOT 1
- FA2 update
- Calling `Balance_of` (or `get_balance`) from CameLIGO test HOT 10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from smart-contracts.