New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make it possible to not have an init method, so the zkApp private key holder can't reset the state #575
Comments
This is a misunderstanding - the init method doesn't change anything about the permissions, which solely determine whether the private key owner can reset the state. By default, the permissions for setting state are If there were no init method, then a transaction similar to the following would be sufficient to reset the state: Mina.transaction(() => {
// reset permissions
let update = AccountUpdate.create(zkappAddress);
update.account.permissions.set({ editState: Permissions.signature() });
update.requireSignature();
// reset state and change permission back
let update2 = AccountUpdate.create(zkappAddress);
update2.account.appState.map(state => state.set(Field(0)));
update2.account.permissions.set({ editState: Permissions.proof() });
update2.requireSignature();
}) The init method is nothing more than the line which wipes out the state. So, with an init method, the owner could do the same transaction with // reset state and change permission back
- let update2 = AccountUpdate.create(zkappAddress);
- update2.account.appState.map(state => state.set(Field(0)));
+ let zkapp = new MyContract(zkappAddress);
+ zkapp.init();
+ update2 = zkapp.self;
update2.account.permissions.set({ editState: Permissions.proof() });
update2.requireSignature(); |
Closing since this is a misunderstanding -- feel free to open more issues if you find other issues |
I guess I was seeing the init method as a way that a zkApp creator could reset state, but it sounds like maybe not? (was reading original RFC; no because its not an @method right?) Want to confirm, if one wanted to make a zkApp where the creator couldn't reset the state, sounds like that is separate in that case? @mitschabaude |
To make the creator unable to reset state for good, he needs to remove his ability to change the permissions -- there's a permission for that: That, plus |
Thanks, super helpful. Could one then have |
Yes, you can have that! |
At the moment, all zkApps are given an init method, which the holder of the private key can call to reset state.
It should be possible to create a zkApp where the private key holder can't reset the state.
Would advocate for removing the init method, instead performing initialization inside deploy, to have fewer special functions for developers to learn how to use
The text was updated successfully, but these errors were encountered: