Update security docs #794
Update security docs #794
Conversation
src/security/pausable.cairo
Outdated
| fn _pause(ref self: ComponentState<TContractState>) { | ||
| fn pause(ref self: ComponentState<TContractState>) { |
There was a problem hiding this comment.
I assume this is for consistency, right? In the past, we followed the convention that underscored methods signified that it was potentially unsafe e.g. _mint. We should probably prioritize defining the new standard moving forward so that cases like this are clear. I don't love the idea of changing this without said standard
There was a problem hiding this comment.
Fair point. Agree is better wait for that discussion to happen.
src/security/initializable.cairo
Outdated
| trait ExternalTrait<TState> { | ||
| fn is_initialized(self: @TState) -> bool; | ||
| } |
There was a problem hiding this comment.
No strong opinions on including this trait. I suppose there may be cases where this is useful
There was a problem hiding this comment.
The name IPausable sounds a bit misleading IMO (for an interface with just the is_paused method), I think for this case is better to use a trait (like PublicKeyTrait in account), I selected the name ExternalTrait because no better name occurred to me for just is_paused. We should document this convention/pattern if we go along with it. What do you think @martriay ?
There was a problem hiding this comment.
The name IPausable sounds a bit misleading IMO (for an interface with just the is_paused method)
Good point. Here, it'd be IInitializable, but the point is the same. I can see it being misleading with just the getter
There was a problem hiding this comment.
We should document this convention/pattern if we go along with it.
I just wrote this recently in our style guide, which is something I recall we discussed maybe during a call. Let me know if you think it doesn't apply here
The name IPausable sounds a bit misleading IMO (for an interface with just the
is_pausedmethod)
I kindof see what you mean, but on the other hand "pausable" doesn't really mean I can pause it, but rather that it can be paused, so the getter is not really confusing to me. btw Contracts for Solidity's version has public pause/unpause methods
Co-authored-by: Andrew Fleming <fleming.andrew@protonmail.com>
…lo/cairo-contracts into feat/update-security-docs-#565
Co-authored-by: Andrew Fleming <fleming.andrew@protonmail.com>
…lo/cairo-contracts into feat/update-security-docs-#565
…eat/update-security-docs-#565
| @@ -1,4 +1,4 @@ | |||
| use openzeppelin::security::initializable::InitializableComponent::InternalImpl; | |||
| use openzeppelin::security::InitializableComponent::{InitializableImpl, InternalImpl}; | |||
There was a problem hiding this comment.
To call is_initialized later
There was a problem hiding this comment.
but why wasn't it failing?
src/security/initializable.cairo
Outdated
| trait ExternalTrait<TState> { | ||
| fn is_initialized(self: @TState) -> bool; | ||
| } |
There was a problem hiding this comment.
We should document this convention/pattern if we go along with it.
I just wrote this recently in our style guide, which is something I recall we discussed maybe during a call. Let me know if you think it doesn't apply here
The name IPausable sounds a bit misleading IMO (for an interface with just the
is_pausedmethod)
I kindof see what you mean, but on the other hand "pausable" doesn't really mean I can pause it, but rather that it can be paused, so the getter is not really confusing to me. btw Contracts for Solidity's version has public pause/unpause methods
Co-authored-by: Martín Triay <martriay@gmail.com>
Co-authored-by: Martín Triay <martriay@gmail.com>
Co-authored-by: Martín Triay <martriay@gmail.com>
Co-authored-by: Martín Triay <martriay@gmail.com>
…lo/cairo-contracts into feat/update-security-docs-#565
Co-authored-by: Martín Triay <martriay@gmail.com>
Co-authored-by: Martín Triay <martriay@gmail.com>
Co-authored-by: Martín Triay <martriay@gmail.com>
Co-authored-by: Martín Triay <martriay@gmail.com>
Co-authored-by: Martín Triay <martriay@gmail.com>
…lo/cairo-contracts into feat/update-security-docs-#565
Fixes #565
PR Checklist