lockup, registry: Add zero address authorization check (#76)

docs/lockups.md

@@ -53,8 +53,10 @@ ahead of schedule, so it's important to take great care when whitelisting any pr
 
 This of course begs the question, who approves the whitelist? The **Lockup** program doesn't
 care. There simply exists an **authority** key that can, for example, be a democratic multisig,
-a single admin, or the program itself (in which case the authority ceases to exist). Whoever controls
-that key controls the whitelist. So when using the **Lockup** program, one should always be
+a single admin, or the zero address--in which case the authority ceases to exist, as the
+program will reject transactions signing from that address. Although the **authority** can never
+move a **Vesting** account's funds,  whoever controls the **authority** key
+controls the whitelist. So when using the **Lockup** program, one should always be
 cognizant of it's whitelist governance, which ultimately anchors one's trust in the program,
 if any at all.
 

lockup/program/src/common/access_control.rs

@@ -24,6 +24,9 @@ pub fn governance(
     if safe.authority != *safe_authority_acc_info.key {
         return Err(LockupErrorCode::Unauthorized.into());
     }
+    if safe.authority == Pubkey::new_from_array([0; 32]) {
+        return Err(LockupErrorCode::Unauthorized.into());
+    }
     Ok(safe)
 }
 

registry/src/access_control.rs

@@ -28,6 +28,9 @@ pub fn governance(
     if r.authority != *registrar_authority_acc_info.key {
         return Err(RegistryErrorCode::Unauthorized.into());
     }
+    if r.authority == Pubkey::new_from_array([0; 32]) {
+        return Err(RegistryErrorCode::Unauthorized.into());
+    }
     Ok(r)
 }