yagna
yagna copied to clipboard
Investigate how PaymentDriver::init and payment init should work
Concerns #2116 and #2118
During the preparation of the draft PR (#2167), a couple issues have surfaced:
- As of now, initializing the account as receiver-only protected the user from unintentional spending of funds. With
payment init
made implicit, this is now functionally a non-feature, as any attempt to allocate funds will automatically enable the capability to send funds. -
PaymentDriver::init
will be called on each allocation and invocation ofpayment fund
, and has always been capable of being used this way (i.e. multipleyagna payment init [--sender] [--receiver]
). Meaning there are undocumented semantics, that aren't exactly what one would call "initialization". These have been explained in more detail in the last commit of the PR (Add assumption comments). -
send
andreceive
(: bool
) properties of an account can't be simply removed to drop the support for protection mentioned in (1), as it is actually important to differentiate how an account has been initialized. That is, the initialization might do different things depending on those properties and these properties are not just a soft protection for the end-user.
It seems current version is ok