lockup, registry: Add zero address authorization check (#76)
parent 278f2d9be1
commit 54400763db
|
@ -53,8 +53,10 @@ ahead of schedule, so it's important to take great care when whitelisting any pr
|
|||
|
||||
This of course begs the question, who approves the whitelist? The **Lockup** program doesn't
|
||||
care. There simply exists an **authority** key that can, for example, be a democratic multisig,
|
||||
a single admin, or the program itself (in which case the authority ceases to exist). Whoever controls
|
||||
that key controls the whitelist. So when using the **Lockup** program, one should always be
|
||||
a single admin, or the zero address--in which case the authority ceases to exist, as the
|
||||
program will reject transactions signing from that address. Although the **authority** can never
|
||||
move a **Vesting** account's funds, whoever controls the **authority** key
|
||||
controls the whitelist. So when using the **Lockup** program, one should always be
|
||||
cognizant of it's whitelist governance, which ultimately anchors one's trust in the program,
|
||||
if any at all.
|
||||
|
||||
|
|
|
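Review bot: the new sentence "or the zero address--in which case the authority ceases to exist" never says what the zero address is or whether choosing it can be undone. State that it is the all-zero 32-byte public key, matching the `Pubkey::new_from_array([0; 32])` comparison in the code, and say explicitly whether the whitelist is frozen for good once the authority is set to it, since that is the property a reader relies on when deciding how much to trust the program. While this paragraph is being edited, the context line "cognizant of it's whitelist governance" should read "its".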
@ -24,6 +24,9 @@ pub fn governance(
|
|||
if safe.authority != *safe_authority_acc_info.key {
|
||||
return Err(LockupErrorCode::Unauthorized.into());
|
||||
}
|
||||
if safe.authority == Pubkey::new_from_array([0; 32]) {
|
||||
return Err(LockupErrorCode::Unauthorized.into());
|
||||
}
|
||||
Ok(safe)
|
||||
}
|
||||
|
||||
|
|
|
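Review bot: the zero-address check sits after the `safe.authority != *safe_authority_acc_info.key` comparison, so it only triggers when the supplied authority account is itself the all-zero key, and it returns the same `LockupErrorCode::Unauthorized` with no comment explaining why. Consider moving it ahead of the equality check so a zeroed authority is rejected regardless of which account is passed in, and add a one-line comment that a zero authority means governance is disabled. The commit as shown carries no test for this path; a case that stores a zero authority and then calls `governance` with the zero key as the authority account would pin the behaviour down.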
@ -28,6 +28,9 @@ pub fn governance(
|
|||
if r.authority != *registrar_authority_acc_info.key {
|
||||
return Err(RegistryErrorCode::Unauthorized.into());
|
||||
}
|
||||
if r.authority == Pubkey::new_from_array([0; 32]) {
|
||||
return Err(RegistryErrorCode::Unauthorized.into());
|
||||
}
|
||||
Ok(r)
|
||||
}
|
||||
|
||||
|
|
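Review bot: `r.authority == Pubkey::new_from_array([0; 32])` is a second hand-written copy of the comparison added to the lockup program, so the two programs can drift if the sentinel or its handling ever changes. Pull it into one shared helper or constant that both `governance` functions call (`Pubkey::default()` is the same all-zero key and reads more clearly), and give the registry the same test coverage as the lockup check.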