Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Suggestion: Add 2 methods for admin transfer in solana contracts #102

Open
dhruvja opened this issue Sep 17, 2024 · 1 comment
Open

Suggestion: Add 2 methods for admin transfer in solana contracts #102

dhruvja opened this issue Sep 17, 2024 · 1 comment

Comments

@dhruvja
Copy link

dhruvja commented Sep 17, 2024
edited
Loading

Right now there is only one method for transferring admin where the signing capability of the new admin is not verified. Though it doesnt pose a security risk in terms of funds, transferring admin capability to an address of which you dont have the signing capability can be risky.

So the solution for this would be having 2 methods with one setting an admin proposal and the other method where the new admin signs it. This makes sure that you always have the signing capability of the new admin.

The other solution could be where you have a method with 2 signers which wouldnt require the storing the new admin proposal and also make sure that you have the signing capability.
@dhruvja
Copy link
Author

dhruvja commented Sep 17, 2024

the interface can be smtg like this.

fn transfer_admin_proposal(ctx: Context<TransferAdminProposal>, new_admin: Pubkey) -> Result<()> {
     ...
     Ok(())
}

fn accept_admin_proposal(ctx: Context<AcceptAdminProposal>) -> Result<()> {
     // verify if signer is the one proposed in the state.
     Ok(())
}

pub struct TransferAdminProposal<'info> {
    #[account(mut)]
    pub struct admin: Signer<'info>,

    #[account(mut, has_one = admin)]
    pub struct common_state: Account<'info, CommonState>, // state where the admin info is stored.
}

pub struct AcceptAdminProposal<'info> {
    #[account(mut)]
    pub struct new_admin: Signer<'info>,

    #[account(mut)]
    pub struct common_state: Account<'info, CommonState>, // state where the admin info is stored.
}

or another interface could be where you have a single method with 2 signers. This would be better since you would not need to store it in the state.

fn transfer_admin(ctx: Context<TransferAdmin>) -> Result<()> {
    ...
    Ok(())
}

pub struct AcceptAdminProposal<'info> {
    #[account(mut)]
    pub struct admin: Signer<'info>,
    #[account(mut)]
    pub struct new_admin: Signer<'info>,

    #[account(mut, has_one = admin)]
    pub struct common_state: Account<'info, CommonState>, // state where the admin info is stored.
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dhruvja