You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"Key should have been created before the current \
time instant!",
);
seconds_since_key_creation
> DISPOSABLE_KEY_LIFETIME_IN_SECONDS
},
)
})
.cloned()
.collect::<Vec<_>>();
for key_alias in disposable_keys_to_gc {
self.store.remove_alias(&key_alias);
}
Since we plan to use disposable keys more now, this logic can turn out to be quite dangerous: in general we should not remove keys (not even disposable ones) without an explicit consent from the user. We should remove this logic and replace it with a wallet command that checks the balance of disposable keys and remove (after receiving a confirmation from the user) those whose balance is 0. To achieve this we should probably associate a specific token to the disposable key to avoid the need to look for balances of arbitrary tokens (disposable keys are used with a single token anyways). We could also remove the timestamp from the alias since it would not be needed anymore.
As suggested by @sug0 we could also think of introducing first class support in the wallet for disposable keys, since at the moment they are recognized by just their aliases. By doing this we could, for example, avoid displaying them with namadaw list.
The text was updated successfully, but these errors were encountered:
We currently run a cleanup procedure of expired disposable keys when generating a new one:
namada/crates/wallet/src/lib.rs
Lines 808 to 834 in 47fc912
Since we plan to use disposable keys more now, this logic can turn out to be quite dangerous: in general we should not remove keys (not even disposable ones) without an explicit consent from the user. We should remove this logic and replace it with a wallet command that checks the balance of disposable keys and remove (after receiving a confirmation from the user) those whose balance is 0. To achieve this we should probably associate a specific token to the disposable key to avoid the need to look for balances of arbitrary tokens (disposable keys are used with a single token anyways). We could also remove the timestamp from the alias since it would not be needed anymore.
As suggested by @sug0 we could also think of introducing first class support in the wallet for disposable keys, since at the moment they are recognized by just their aliases. By doing this we could, for example, avoid displaying them with
namadaw list.The text was updated successfully, but these errors were encountered: