You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, it's possible to call the ChainSignature contract using a FunctionCall key, allowing the dApp that holds the key to spend user funds. To prevent this, we propose adding a deposit fee to the contract call, ensuring only a FullAccess key can execute the contract.
The text was updated successfully, but these errors were encountered:
Pessina
changed the title
FunctionCall key should not be able to call ChainSignature contract
Prevent Unauthorized Fund Spending in ChainSignature Contract using FunctionCall key
Jun 5, 2024
Currently, it's possible to call the ChainSignature contract using a FunctionCall key, allowing the dApp that holds the key to spend user funds. To prevent this, we propose adding a deposit fee to the contract call, ensuring only a FullAccess key can execute the contract.
The text was updated successfully, but these errors were encountered: