[#78] Add `approveCAS` to ManagedLedger
Description
ManagedLedger
contract has approve
entrypoint as specified in
FA1.2. It sort of prevents
front running attack
by prohibiting changing allowance from non-zero to non-zero.
However, that's not a perfect solution for a couple of reasons:
- Sometimes it is convenient to change from non-zero to non-zero.
- If two transactions change allowance from
n
to 0 and then from 0 tom
, they will be accepted, but it can be dangerous if they get into the same block or adjacent blocks.
Sometimes one may want to have a safer version of approve
which
requires passing the expected current allowance value. Since our
managed ledger is a library for writing managed-ledger-alike contracts,
it makes sense to add approveCAS
there to let others add it to their
contracts if they want.
Here I implement approveCAS
and add it to ManagedLedger.
There seems to be no sense to extract some part of approve
into
a new function. In approveCAS
we only need setAllowance
. doc
usage should be different, AllowanceParams
is constructed from
another data type, non-zero to non-zero check is not needed.
Related issue(s)
Resolves #78 (closed)
✅ Checklist for your Merge Request
Related changes (conditional)
-
Tests (see short guidelines)
-
If I added new functionality, I added tests covering it. -
If I fixed a bug, I added a regression test to prevent the bug from silently reappearing again.
-
-
Documentation
Stylistic guide (mandatory)
-
My commits comply with the following policy. -
My code complies with the style guide.