Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Buy RAM for self buyramself ACTION #105

Closed
DenisCarriere opened this issue Jan 18, 2024 · 3 comments · Fixed by #112
Closed

Buy RAM for self buyramself ACTION #105

DenisCarriere opened this issue Jan 18, 2024 · 3 comments · Fixed by #112
Labels
👍 lgtm

Comments

@DenisCarriere
Copy link
Contributor

Purpose

Create buyramself ACTION where you can’t buyram for someone else.

Allows a smart contract to linkauth permission to buyramself thus preventing sending RAM outside of the custody of the smart contract or personal account, it would only be able to purchase RAM for itself.

buyram and buyrambytes can be a risk for contracts since it allows to transfer EOS outside of the account, essentially acting as a proxy for eosio.token::transfer.

Feedback provided by

buyramself ACTION

/**
 * Buy ram action for self, increases receiver's ram quota.
 * An inline transfer from receiver to system contract of tokens will be executed.
 *
 * @param owner - the ram buyer & receiver,
 * @param bytes - (optional) the quantity of ram to buy specified in bytes.
 * @param quantity - (optional) the quantity of tokens to buy ram with.
 */
[[eosio::action]]
void buyramself( const name& owner, const optional<asset> quantity, const optional<uint32_t> bytes );

Preconditions

  • require_auth(owner)
  • must provide values for either quantity or bytes
    • throw error if both are provided
    • throw error if none are provided
  • if bytes is provided, internally use buyrambytes action
  • if quantity is provided, internally use buyram action
@aaroncox
Copy link

aaroncox commented Jan 18, 2024
edited
Loading

Adding a return value to indicate the amount of RAM purchased (which is very useful when using the quantity field) would be a welcome addition too!

I think we talked about that for the modifications to buyram as well. It could just mirror that.

@DenisCarriere
Copy link
Contributor Author

DenisCarriere commented Jan 25, 2024
edited
Loading

  • Modify action params to only provide quantity as param, keep it consistent with buyram
  • Update description
/**
 * The buyramself action is designed to enhance the permission security by allowing an account to purchase RAM exclusively for itself.
 * This action prevents the potential risk associated with standard actions like buyram and buyrambytes,
 * which can transfer EOS tokens out of the account, acting as a proxy for eosio.token::transfer.
 *
 * @param account - the ram buyer and receiver,
 * @param quantity - the quantity of tokens to buy ram with.
 */
[[eosio::action]]
void buyramself( const name& account, const asset& quantity );

DenisCarriere added a commit to AntelopeIO/reference-contracts that referenced this issue Jan 25, 2024
@DenisCarriere
Implement buyramself action
9dd2717 
ref: eosnetworkfoundation/eos-system-contracts#105
@ericpassmore ericpassmore linked a pull request Feb 7, 2024 that will close this issue
New ram_actions to transfer ram between accounts #112
Merged
@ericpassmore
Copy link
Contributor

closed with PR

ericpassmore pushed a commit that referenced this issue Aug 9, 2024
@spoonincode
Merge pull request #105 from AntelopeIO/antelope-spring-dev.deb
c30e89e 
use `antelope-spring-dev.deb` instead of `spring-dev.deb`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
👍 lgtm
Projects
ENF Engineering
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

New ram_actions to transfer ram between accounts eosnetworkfoundation/eos-system-contracts
4 participants
@DenisCarriere @aaroncox @ericpassmore @enf-ci-bot