From cbab587604e5b40df5b45001717ab88bd3bddb08 Mon Sep 17 00:00:00 2001 From: Hongrui Fang Date: Mon, 24 Oct 2022 18:44:26 +0800 Subject: [PATCH] better doc string for `authorityTokensValidIn` --- agora/Agora/AuthorityToken.hs | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/agora/Agora/AuthorityToken.hs b/agora/Agora/AuthorityToken.hs index 10d4605..c259272 100644 --- a/agora/Agora/AuthorityToken.hs +++ b/agora/Agora/AuthorityToken.hs @@ -39,7 +39,14 @@ import Plutarch.Extra.Value (psymbolValueOf) -------------------------------------------------------------------------------- {- | Check that all GATs are valid in a particular TxOut. - How this is checked: an AuthorityToken should never leave + + WARNING: As of version 1.0.0, this has been weakened in order to be + compatible with RATs. The token name is no loger checked, meaning that a + GAT can escape from its effect script, if the effect script is vulnerable. + In order to prevent this, all effect scripts should be implemented carefully, + and ideally use the trusted effect base. See also 'Agora.Effect'. + + (before 1.0.0) How this is checked: an AuthorityToken should never leave the Effect it was initially sent to, so we simply check that the script address the token resides in matches the TokenName. Since the TokenName was tagged upon mint with the Effect script @@ -47,9 +54,6 @@ import Plutarch.Extra.Value (psymbolValueOf) In other words, check that all assets of a particular currency symbol are tagged with a TokenName that matches where they live. - As of version 1.0.0, this has been weakened in order to be compatible - with RATs. - @since 1.0.0 -} authorityTokensValidIn :: forall (s :: S). Term s (PCurrencySymbol :--> PTxOut :--> PBool)
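Review bot: The WARNING added in the first hunk (@@ -39,7 +39,14 @@) says what is no longer checked, but not what `authorityTokensValidIn` still verifies as of 1.0.0. The opening line still promises to "Check that all GATs are valid in a particular TxOut", so a caller cannot tell from the comment which guarantee remains. Add one sentence stating the check that is left. Also fix the typo "no loger checked" to "no longer checked". Since the mitigation is delegated to effect authors ("all effect scripts should be implemented carefully"), the comment should name the specific property an effect script must uphold, namely that the GAT must not leave the script, rather than leaving "carefully" undefined.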
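Review bot: In the second hunk (@@ -47,9 +54,6 @@), removing the "As of version 1.0.0, this has been weakened" sentence leaves the "In other words, check that all assets of a particular currency symbol are tagged with a TokenName that matches where they live." paragraph as the last text before `@since 1.0.0`. It is still in the present tense, and the "(before 1.0.0)" label sits only at the start of the preceding paragraph. Someone reading the end of the comment will take the TokenName match as current behaviour. Put the legacy description in the past tense, or repeat the "before 1.0.0" qualifier on this paragraph, so the doc string does not overstate what the validator enforces.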