0x1::TransactionPublishOptionTransactionPublishOption provide an option to limit:
whether user can use script or publish custom modules on chain.
TransactionPublishOptioninitializenew_transaction_publish_optionis_script_allowedis_module_alloweduse 0x1::Config;
use 0x1::CoreAddresses;
use 0x1::Errors;
use 0x1::Signer;
use 0x1::Timestamp;
TransactionPublishOptionDefines and holds the publishing policies for the VM. There are three possible configurations:
struct TransactionPublishOption has copy, drop, store
script_allowed: bool
module_publishing_allowed: bool
const EINVALID_ARGUMENT: u64 = 18;
The script hash already exists in the allowlist
const EALLOWLIST_ALREADY_CONTAINS_SCRIPT: u64 = 1002;
The script hash has an invalid length
const EINVALID_SCRIPT_HASH: u64 = 1001;
const EPROLOGUE_ACCOUNT_DOES_NOT_EXIST: u64 = 0;
const SCRIPT_HASH_LENGTH: u64 = 32;
initializeModule initialization.
public fun initialize(account: &signer, script_allowed: bool, module_publishing_allowed: bool)
public fun initialize(
account: &signer,
script_allowed: bool,
module_publishing_allowed: bool,
) {
Timestamp::assert_genesis();
assert!(
Signer::address_of(account) == CoreAddresses::GENESIS_ADDRESS(),
Errors::requires_address(EPROLOGUE_ACCOUNT_DOES_NOT_EXIST),
);
let transaction_publish_option = Self::new_transaction_publish_option(script_allowed, module_publishing_allowed);
Config::publish_new_config(
account,
transaction_publish_option,
);
}
aborts_if !Timestamp::is_genesis();
aborts_if Signer::address_of(account) != CoreAddresses::GENESIS_ADDRESS();
include Config::PublishNewConfigAbortsIf<TransactionPublishOption>;
include Config::PublishNewConfigEnsures<TransactionPublishOption>;
new_transaction_publish_optionCreate a new option. Mainly used in DAO.
public fun new_transaction_publish_option(script_allowed: bool, module_publishing_allowed: bool): TransactionPublishOption::TransactionPublishOption
public fun new_transaction_publish_option(
script_allowed: bool,
module_publishing_allowed: bool,
): TransactionPublishOption {
TransactionPublishOption { script_allowed, module_publishing_allowed }
}
aborts_if false;
is_script_allowedCheck if sender can execute script with
public fun is_script_allowed(account: address): bool
public fun is_script_allowed(account: address): bool {
let publish_option = Config::get_by_address<TransactionPublishOption>(account);
publish_option.script_allowed
}
include Config::AbortsIfConfigNotExist<TransactionPublishOption>{
addr: account
};
is_module_allowedCheck if a sender can publish a module
public fun is_module_allowed(account: address): bool
public fun is_module_allowed(account: address): bool {
let publish_option = Config::get_by_address<TransactionPublishOption>(account);
publish_option.module_publishing_allowed
}
include Config::AbortsIfConfigNotExist<TransactionPublishOption>{
addr: account
};
schema AbortsIfTxnPublishOptionNotExist {
include Config::AbortsIfConfigNotExist<TransactionPublishOption>{
addr: CoreAddresses::GENESIS_ADDRESS()
};
}
schema AbortsIfTxnPublishOptionNotExistWithBool {
is_script_or_package : bool;
aborts_if is_script_or_package && !exists<Config::Config<TransactionPublishOption>>(CoreAddresses::GENESIS_ADDRESS());
}
pragma verify = false;
pragma aborts_if_is_strict = true;
fun spec_is_script_allowed(addr: address) : bool{
let publish_option = Config::get_by_address<TransactionPublishOption>(addr);
publish_option.script_allowed
}
fun spec_is_module_allowed(addr: address) : bool{
let publish_option = Config::get_by_address<TransactionPublishOption>(addr);
publish_option.module_publishing_allowed
}