@gamarin2 came up with a cool idea, maybe we want to have a coinkeeper which has restricted access to certain tokens - heck while we're at it may be cool to have restricted accounts too..... not to mention explicit separation of read vs. read/write functionality
rigelrozanski
All 4 comments
Yep some mapper's function are more sensitive than others. It would be cool that module devs create "modes" for their mappers with more or less capabilities for each mode.
If a module requires access to another module's mapper, app developer will be able to only pass an instance of said mapper that makes sense for the module. For example gov module needs access to a read/write instance of bank module's mapper, but for Atom only. It also needs access to staking module's mapper, but read-only.
gamarin2
on 13 Mar 2018
Least-privilege for the win! https://en.wikipedia.org/wiki/Principle_of_least_privilege
ebuchman
on 13 Mar 2018
It would be cool that module devs create "modes" for their mappers with more or less capabilities for each mode.
It's beginning to sound a lot like objcap...
tarcieri
on 13 Mar 2018
Closed in favor of https://github.com/cosmos/cosmos-sdk/issues/802.
cwgoes
on 11 Apr 2018
Related issues
fedekunze
路
3Comments
kevlubkcm
路
3Comments
hendrikhofstadt
路
3Comments
ValarDragon
路
3Comments
cwgoes
路
3Comments
Most helpful comment
It's beginning to sound a lot like objcap...