-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ADR 003 follow-up #5416
Comments
Will Agoric use this (Swingset = multiple module) or not (Swingset = single module)? |
I concur with @warner that namespacing should be scoped-keeper-local. I / we are undecided as to the questions of single/multi-owner and revokability/claimability. Which design patterns make sense depend a lot on the intended use-cases, and we don't understand those too concretely yet. I plan to update the ADR to reflect the namespacing change & these questions. I want to note that implementation of this ADR is not required for wire-compliant IBC, and we could elect to leave it out of the first live version if we don't think any SDK applications will need it. I think it is worth having a detailed design document either way, and we can subsequently choose whether we want to implement it, ideally with a bit more insight into initial usage by Agoric and any other possible SDK app developers. |
#5469 switches to local namespacing & irrevocable multi-owner capabilities. |
Notes from @warner:
C-list - some agent gets access to set of authorities. Agent's access to clist table not forgeable (currently this is in
app.go
).What we want @cwgoes : ability to give up capability ownership (e.g. give up channel).
@warner : Ocap world usually doesn't do this
@deantribble : There are models where you can.
For channels: tx/rx split should use separate capabilities.
Receive packet patterns (callback vs OpaquePacket receive) / how does this relate?
Sender will want ability to transfer where receiver can claim & where they cannot.
To-do:
The text was updated successfully, but these errors were encountered: