Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: As a developer, I or portal owner should be able to revoke or replace the attestation #547

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

feat: As a developer, I or portal owner should be able to revoke or replace the attestation #547

wants to merge 1 commit into from

Conversation

satyajeetkolhapure
Copy link
Collaborator

@satyajeetkolhapure satyajeetkolhapure commented Jan 24, 2024
edited

What does this PR do?

Along with the portal owner, an attester who attested the attestation should be able to revoke or replace his attestation too.

Related ticket

Fixes #546

Type of change

  • Chore
  • Bug fix
  • New feature
  • Documentation update

Check list

  • Unit tests for any smart contract change
  • Contracts and functions are documented

@satyajeetkolhapure satyajeetkolhapure self-assigned this Jan 24, 2024
@github-actions GitHub Actions
Copy link
Contributor

🚀 Deployed on https://65b10f17908bae008054ddfa--resilient-starburst-d5d6d9.netlify.app

@github-actions github-actions bot temporarily deployed to pull request January 24, 2024 13:22 Inactive
orbmis
orbmis reviewed Jan 24, 2024
View reviewed changes
contracts/src/AttestationRegistry.sol
*/
function bulkReplace(
bytes32[] calldata attestationIds,
AttestationPayload[] calldata attestationPayloads,
address attester
address replacer
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will this introduce breaking changes for existing portals?

contracts/src/AttestationRegistry.sol
*/
function revoke(bytes32 attestationId) public {
function revoke(bytes32 attestationId, address revoker) public {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the revoker argument is being specified by the contract calling this method, then surely it can be spoofed? Am I wrong?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, the Attestation registry will always be called from the portal that has implemented the abstract portal. The abstract portal has revoke and replace methods that cannot be overridden. The abstract portal has getAttester method which returns msg sender.

As it is recommended not to use tx origin, the best way is to get the attester from the Abstract portal.

I will still have a look if there is any possibility of it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@orbmis orbmis orbmis left review comments

@alainncls alainncls Awaiting requested review from alainncls alainncls is a code owner

@0xEillo 0xEillo Awaiting requested review from 0xEillo 0xEillo is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@satyajeetkolhapure satyajeetkolhapure

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[US] As a developer, I or portal owner should be able to revoke or replace the attestation
3 participants
@satyajeetkolhapure @orbmis @kolhapuresatyajeet