Currently, it's possible to call the ChainSignature contract using a FunctionCall key, allowing the dApp that holds the key to spend user funds. To prevent this, we propose adding a deposit fee to the contract call, ensuring only a FullAccess key can execute the contract.
Currently, it's possible to call the ChainSignature contract using a FunctionCall key, allowing the dApp that holds the key to spend user funds. To prevent this, we propose adding a deposit fee to the contract call, ensuring only a FullAccess key can execute the contract.