Skip to content
This repository has been archived by the owner on Jun 29, 2023. It is now read-only.

Modify TokenRegistry contract #677

Merged
merged 4 commits into from
Dec 30, 2021
Merged

Modify TokenRegistry contract #677

merged 4 commits into from
Dec 30, 2021

Conversation

max-sidorov
Copy link
Contributor

Simplify registration to one tx instead of two and prevent registering the same token twice.

@github-actions github-actions bot added the contracts This PR changes some contracts label Dec 21, 2021
msieczko
msieczko suggested changes Dec 21, 2021
View reviewed changes
Copy link

@msieczko msieczko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd rename RegisteredToken -> TokenRegistered similarly as here #676 (review). Other than that LGTM.

msieczko
msieczko approved these changes Dec 22, 2021
View reviewed changes
Copy link

@msieczko msieczko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. @jacque006 could you take a look as well and merge the PR?

@jacque006
Copy link
Collaborator

Couple of things worth considering with these changes:

  • I believe it was a past intent to in some way limit the registration of tokens to either deploy time or some sort of access control (see tokenRegistry in Access control for contracts #584). For example, anyone might be able to request a token registration but only an owner/admin could finalize the registration.
  • With these changes (and even before), anyone can register a token to a Hubble network. This could be nice as it allows anyone to onboard at token at their own purview/cost, but also means more scammy/less reputable tokens can also be registered which could have impacts on the reputation of the network. If having token registration fully open is a concern, I would at the very least recommend adding @openzepplin/contracts's Ownable to the TokenRegistry and adding the onlyOwner modifier to the registerToken.

I have no strong opinion on either your changes or the access control schemes mentioned above as they all have their tradeoffs. Since you are the most active devs I will leave it at your discretion. Current changes look good 👍 assuming the above has been considered.

@msieczko
Copy link

Hey @jacque006, thanks for your answer 👍

Current changes look good 👍 assuming the above has been considered.

I agree that we should to protect TokenRegistry (and SpokeRegistry similarly), so that possibly-malicious tokens are not added arbitrarily. Optimally I think it should be the responsibility of a DAO to accept/reject token registrations.

We're not there yet though, so this PR is just meant to simplify the token registration to a single tx - it is open to anyone now and will still be. The second, more important change in this PR is preventing repeated registration of a token contract - currently finaliseRegistration can be called multiple times for the same token.

I suggest merging this PR now and tackling the issues that you mention in the future.

@jacque006 jacque006 merged commit 559fb78 into thehubbleproject:master Dec 30, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@msieczko msieczko msieczko approved these changes

Assignees
No one assigned
Labels
contracts This PR changes some contracts
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@max-sidorov @jacque006 @msieczko