-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[breaking][libra framework] decouple AccountLimits and Balance #5474
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That looks great, thanks a lot for that! Please ping me for any changes to the parent/child account creation/management scripts or constraints, it will be easier for us to track changes to our ceremonies and code.
Note that for breaking change you need to prefix commit headline as |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Love red diffs! This looks good to me. cc @moeziniaf for visibility about the removal of the two scripts in case it has AOS implications.
cb68776
to
94fcc1e
Compare
71f5438
to
55e9bef
Compare
3f30fe1
to
d47cc50
Compare
d47cc50
to
028d647
Compare
@@ -154,6 +146,9 @@ module VASP { | |||
global<ChildVASP>(addr).parent_vasp_addr | |||
} | |||
} | |||
define spec_has_account_limits<Token>(addr: address): bool { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@emmazzz: I had to define a spec function for this because the prover wasn't happy with the purity of has_account_limits
. Do you know why? Is it because it's not happy with the purity of parent_address
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's right. parent_address
has an abort
in it, which is currently not supported.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a conceptual blocker to treating funs with abort
s as pure, or just an implementation one? I would guess the latter since @wrwg told me that spec functions can be partial, but wanted to make sure I understand.
I've seen this failure too after my PR(#5469 ) got merged, and I can't reproduce it locally. Can you reproduce it @sblackshear? |
I did do something
I did accidentally break |
028d647
to
6110cac
Compare
Thanks - which admin script will be used to add AccountLimits after this PR? |
We do not have a script for this yet, but it should be as simple as calling |
/land |
- Currently, a ParentVASP needs to have an AccountLimits<CoinType> resource before allowing a child to publish a balance in CoinType. This is confusing and not needed given that AccountLimits are U64_MAX at launch. - This PR removes the need to do this. Instead, LibraRoot can send an AdminScript to add AccountLimits to any VASP on which limits need to be imposed. - This simplifies the flows for creating new child accounts and adding new currencies (see smaller specs/fewer comments and error codes) - Also eliminated the tx scripts for updating account limits, since this can now be done via the admin script that installs them. Closes: diem#5474
6110cac
to
a9c78d1
Compare
Is there some limit address which holds default limits? I'm guessing there's a default and after MVP we will want to be able to create/modify new limits (but for now just publish and point an account window to the default limits address?) |
Breaking changes
add_currency_to_account
script andcreate_child_vasp
script will now succeed in some cases that would previously have failed (e.g., creating a child VASP withadd_all_currencies=true
from a parent that only has a balance in LBR. This convenience is the primary motivation for the change.