OffchainLabs / stylus-sdk-rs

Rust Smart Contracts on Arbitrum

Is it okay to `unsafe impl TopLevelStorage for X`? #119

Open alexfertel opened 8 months ago

alexfertel commented 8 months ago

Whenever you try to use the `Call::new_in` API, `Self` must be bound by `TopLevelStorage + BorrowMut<Self>`, which means that you end up with a lot of `&mut (impl TopLevelStorage + BorrowMut<Self>)` instead of a receiver argument.

This is not great, and would definitely be surprising to devs. It is my understanding that it is safe to do `unsafe impl TopLevelStorage for X` where `X` is used as a field of the entrypoint contract, and is marked as `#[borrow]`. I think this is safe because when routing calls to the "sub-contract" (?), it effectively becomes the top-level storage because of `#[borrow]`.

Is this mental model correct? Should this `unsafe impl` block be handled by `#[borrow]`?