Bohao | Flow (2024-05-02)
I also have a question about Account Linking.
For a Public Account (accout reference by
getAccount) in a contract (that means unable to use specialized methods like getAuthAccount in script), is it possible to determine whether it has an existing linked Account Capability?
(The OwnedAccountPublic Capability can indeed be queried using forEachPublic, but using the link Account Capability does not mean using HybridCustody.)
Purpose: Determine if this address is under third-party control.30 Replies
I've created a thread for your message. Please continue any relevant discussion in this thread.
You can rename this thread using
/title <new title>
If this is a technical question that others may benefit from, considering also asking it on Stackoverflow: https://stackoverflow.com/questions/ask?tags=onflow-cadencecc @Austin | flowty.io @Bastian | Cadence @Giovanni S | Flow
Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
No, my goal is just the last sentence. As long as this goal is achieved, it's fine.
But this must be in the contract, it is a utility method in the contract.
This is a judgment of security requirements,
Sometimes you may want to know if the address is fully controlled by oneself.
Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
It's exactly what I'm worried about...
I can only determine whether it holds OwnedAccountPublic at most.
Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
Because it is a utility method in a contract...
Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
Yeah, making branch decisions based on the result of this judgment.
This is obviously a view fun.
Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
Yeah... The current limit is knowing whether HC is being used.
It is not possible to determine from the perspective of the Contract method whether the address is being used by a third party. (That means whether some account capabilities exist)
Do you want to be able to check this for any account, without it needing to be prepared for that check? Or is it sufficient that the owner of the account deployed a contract to their account that you can then use to check that account?
Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
Obviously we need to consider C1.0...
Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
I think it should be any account...
This is obviously a view fun type of query... and it is mainly used to determine the security status of the account...
Some DeFi-like business behaviors may require judging whether
self.owner has been controlled by a third party in resources to ensure security.
My use case here is that I hope this address is complete without keys and uncontrollable (in a completely uncontrollable state).Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
Yeah
This judgment needs to be completed in the contract.
It must be uncontrollable.
Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
This is a very common declaration of no control in other public chains.
You can understand it this way, this resource is safe at this address because the address cannot be controllable, so you can play freely.
For now you need to deploy a contract to the account, but we could also consider exposing this as a built-in, it seems valuable
Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
Sorry, what do you mean?
It could be part of the larger discussion around the functionality for locking down accounts more. For example, currently you can make contracts only immutable if you remove all keys. But with account capability controllers, there’s still a way to add back keys or change contracts
I'll put it in a different way.
This is more common in scenarios similar to memecoin on some other public chains. For example, I issued an asset and then moved all ownership or something like that.
Here corresponds to an address in Cadence where this resource is in a completely uncontrollable state.
In fact, it is only judged in the Resource contract whether the address (
self.owner) is uncontrollable.
This address also can be just a user address, but yeah, it is more about determining the service account and there may not be a contract deployed in it (Just need to have resources in the address).
This is where it differs from other public chains.
As long as there are resources in the address, any address can become a service address.
I found that this is also an advantage of Cadence compared to other public chains 😆
Other public chains require the address with deployed contracts to become a service address, but we can easily create a three-party service model.
Platform -> Building Contract -> Service Platform
Creator / Devs -> Use platform -> Setup Service Resource in an Account -> Act a Service provider
User -> use ServiceGood callout, anyone should be able to identify if an account can be controlled whether by key or account capability
Unknown User•6mo ago
Message Not Public
Sign In & Join Server To View
True. Still the pattern that currently exists for checking if an account cap exists has no analogue in 1.0. Might be worth adding a method on
Capabilities like
which should be possible to call on an unentitled account@Bohao | Flow could you please open a feature request issue for this in the Cadence GitHub repo?
I think it’s difficult to implement a truly complete solution for this, because even when knowing that there are no controllers, there still might be a contract in the account that provides equivalent functions
GitHub
Add an unentitled way to identify if an account be controlled by ac...
Issue to be solved The current exposed interface of the account cannot allow anyone to know whether the address has an Account Capability. This will make it impossible to implement some logic that ...