From runtime account doesn't have access to list of it's access keys

[ilblackdragon]

For example contracts like multisig want to know how many access keys are attached to the given account.
Without that, multisig can't check that it's in valid state.

[evgenykuzyakov]

We may not be able to expose it, because it's based on the iterator. But we should be able to check if the given key exists on the account.

But at the same time, the keys can't be changed during the contract execution, so you can't invalidate the iterator. The only issue is we can't return the total number of access keys until we iterate through them.

[evgenykuzyakov]

For example contracts like multisig want to know how many access keys are attached to the given account.

That's why I recommended to track it within contract using Set and add/remove keys only from the contract. This way the keys can be added using promises during new.

[lexfrl]

The only issue is we can't return the total number of access keys until we iterate through them.

Why not to track the number in the account storage?

[MaksymZavershynskyi]

The problem with iterator is that challenges for iterator are much more complex. We would like to avoid them, therefore it is preferable to track it inside the contract using Map or Set.

[ilblackdragon]

@evgenykuzyakov there is no way to determine how many keys were added outside of the contract calls. For example if user adds keys in the transaction that deploy contract or had a full access key first and added keys that way, etc.

[mikedotexe]

This would be quite helpful for an auction app that Trevor is building:
https://gitlab.com/TrevorJTClarke/nym-near/-/blob/master/USER_STORIES.md