CIP-????: Script may want to refuse to accept wrong assets: `Acceptor` scripts

[mgajda]

Now smart contracts rely mostly on minting and redemption of previously setup transactions. This means that we may send assets to a smart contract, and they may be lost forever.

Ideal situation would be if smart contract could accept or reject such transactions. That means sending Ada to a smart contract would be a bit more expensive, since it would invoke "Acceptor" script, but would also be much safer, since user would know that script author expected to correctly handle the asset.

For example Uniswap trading pair script would only accept tokens from this trading pair. It would also mean that assets would not be accidentally burned by sending them to the wrong smart contract.

[mgajda]

Alternative would be to forbid transactions without Datum.

[matiwinnetou]

At first sight, I like Acceptor idea albeit I think that even transactions with Datum do not protect us. Acceptor is an interesting concept to explore.

[matiwinnetou]

isn't a bit like Contigent Transactions idea, where a transaction (e.g. multi sig) is accepted only if certain conditions are true (whatever is programmed)?

[rphair]

@mgajda

• Doesn't this indicate a CPS (rather than a CIP) due to the multiple ways this problem might be solved & implying an initially very broad definition of these Acceptor scripts?
• I assume the purpose of this issue is to propose & develop content for such a CIP/CPS (i.e. community discussion while you're drafting it)?