search

onflow / nft-catalog

https://www.flow-nft-catalog.com/
The Unlicense
36 stars 13 forks source link

Anybody can withdraw someone's proposal. #15

Closed satyamakgec closed 2 years ago

satyamakgec commented 2 years ago

https://github.com/dapperlabs/nft-catalog/blob/8cb26110e41190316e718bb0797da338f0713662/cadence/contracts/NFTCatalog.cdc#L203

It can be called by anyone, I think it should take the proposal capability to make sure it can only be called by it.

bshahid331 commented 2 years ago

We do a check within the function to make sure that proposer for the specific proposal has set a flag in a private capability to withdraw the specific proposal. See: https://github.com/dapperlabs/nft-catalog/blob/8cb26110e41190316e718bb0797da338f0713662/cadence/contracts/NFTCatalog.cdc#L210-L212

aishairzay commented 2 years ago

No more actions to take here - closing