How to ensure secure module object access and mutation?

Question

I developed a module with a DonutShop containing a Balance. I want to share this module without risking unauthorized manipulation of Balance. Can other modules directly alter the Balance if I only use getters/setters within the module?

Bolke · Answer

Correct. An object can be mutated only by a function existing in the same module where the object was created. However, simply having getters and setters within the same module is not enough to fully protect the objects state. You must also implement mechanisms to restrict access to these functions. One common approach is using an AdminCap pattern, which involves creating a capability-based access control system. This ensures that only authorized entities can invoke certain functions, thereby preventing unauthorized manipulation of the objects state. Check out the AdminCap pattern for more information.

帖子

分享您的知识。

How to ensure secure module object access and mutation?

答案

你知道答案吗？

赚取你的 1000 Sui 份额