mirror of
https://github.com/matrix-org/dendrite.git
synced 2026-01-16 18:43:10 -06:00
cade6d1de3
Impact: High Likelihood: Low According to the discussion with the team, it is expected that in Space contracts, only one Role can have the Permissions.Owner permission. Currently, multiple Roles can be created containing this permission. This is caused by Space.sol’s createRole() function allowing the OpenZeppelin owner to create new owner-permissioned roles without limit. Remediations to consider: Do not allow multiple roles to be created with the ownership permission. This could be done with something like: if Space.sol’s ownerRoleId is set, do not allow new roles to be created with the Permissions.Owner permission. Fixes HNT-703 as well |
||
|---|---|---|
| .. | ||
| contracts | ||
| contract_addresses.go | ||
| README.md | ||
| space_contract.go | ||
| space_contract_goerli.go | ||
| space_contract_localhost.go | ||
| store.go | ||
| store_types.go | ||
| user_identifier.go | ||
| util_converters.go | ||
| util_web3.go | ||
| zion.go | ||
| zion_authorization.go | ||
Purpose
Additional packages added for the Zion project, nothing in here should be in the Matrix Dendrite upstream, nor in the herenotthere/dendrite-fork.
The zion_space_manager_(mainnet|rinkeby|localhost).go files are generated as new versions of the smart contracts are build and deployed. The bindings are in this location so they can be built alongside the dendrite server in the build process.