From 54400763dbcc64bc955621298f0bada33b591f53 Mon Sep 17 00:00:00 2001
From: Armani Ferrante
Date: Sun, 27 Dec 2020 09:42:48 -0800
Subject: [PATCH] lockup, registry: Add zero address authorization check (#76)

---
 docs/lockups.md | 6 ++++--
 lockup/program/src/common/access_control.rs | 3 +++
 registry/src/access_control.rs | 3 +++
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/docs/lockups.md b/docs/lockups.md
index 7702e37..19f7ab4 100644
--- a/docs/lockups.md
+++ b/docs/lockups.md
@@ -53,8 +53,10 @@ ahead of schedule, so it's important to take great care when whitelisting any pr This of course begs the question, who approves the whitelist? The **Lockup** program doesn't care. There simply exists an **authority** key that can, for example, be a democratic multisig,
-a single admin, or the program itself (in which case the authority ceases to exist). Whoever controls
-that key controls the whitelist. So when using the **Lockup** program, one should always be
+a single admin, or the zero address--in which case the authority ceases to exist, as the
+program will reject transactions signing from that address. Although the **authority** can never
+move a **Vesting** account's funds, whoever controls the **authority** key
+controls the whitelist. So when using the **Lockup** program, one should always be
 cognizant of it's whitelist governance, which ultimately anchors one's trust in the program, if any at all.
diff --git a/lockup/program/src/common/access_control.rs b/lockup/program/src/common/access_control.rs
index c81d134..c284d4f 100644
--- a/lockup/program/src/common/access_control.rs
+++ b/lockup/program/src/common/access_control.rs
@@ -24,6 +24,9 @@ pub fn governance(
 if safe.authority != *safe_authority_acc_info.key {
 return Err(LockupErrorCode::Unauthorized.into());
 }
+ if safe.authority == Pubkey::new_from_array([0; 32]) {
+ return Err(LockupErrorCode::Unauthorized.into());
+ }
 Ok(safe)
 }
 
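Review bot: The zero-address sentinel `Pubkey::new_from_array([0; 32])` is built inline in the new `if` inside governance() here and again in the registry hunk (registry/src/access_control.rs), with no comment saying why the all-zero key is special; a shared named constant with a why-comment would tie the code to the rule the docs change states, e.g. `/// The all-zero pubkey marks a renounced authority: nobody is expected to sign for it, so governance must reject it.` followed by `const ZERO_AUTHORITY: Pubkey = Pubkey::new_from_array([0; 32]);` (the same value as `Pubkey::default()`), so both programs cannot drift apart. Because the new check sits after the `safe.authority != *safe_authority_acc_info.key` comparison, it only fires once the caller has presented the zero address as the authority account; moving it first would read as a state check ("governance was renounced") rather than a caller check, with the same `Unauthorized` result either way. Whether `safe_authority_acc_info` is also required to be a signer is not visible in the hunk, since governance() starts outside it; that signer check is what the zero-address rejection backstops, so it is worth confirming it is still enforced on the same path.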
diff --git a/registry/src/access_control.rs b/registry/src/access_control.rs
index 286b404..dd66896 100644
--- a/registry/src/access_control.rs
+++ b/registry/src/access_control.rs
@@ -28,6 +28,9 @@ pub fn governance(
 if r.authority != *registrar_authority_acc_info.key {
 return Err(RegistryErrorCode::Unauthorized.into());
 }
+ if r.authority == Pubkey::new_from_array([0; 32]) {
+ return Err(RegistryErrorCode::Unauthorized.into());
+ }
 Ok(r)
 }