Expand Sui M1 Package Docs and Create Walkthrough #133
Draft
Conversation
✅ Deploy Preview for openzeppelin-docs-v2 ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
ericnordelo
reviewed
Mar 9, 2026
| ```move | ||
| module my_sui_app::admin; | ||
|
|
||
| use openzeppelin_access::two_step_transfer; |
Member
There was a problem hiding this comment.
Removing this empty lines hurts readability
ericnordelo
reviewed
Mar 9, 2026
| const MIN_DELAY_MS: u64 = 86_400_000; // 24 hours | ||
|
|
||
| public fun wrap_treasury_cap(cap: TreasuryCap, ctx: &mut TxContext): DelayedTransferWrapper<TreasuryCap> { | ||
| delayed_transfer::wrap(cap, MIN_DELAY_MS, ctx) |
Member
There was a problem hiding this comment.
This API is now different. It accepts a recipient and doesn't return the DelayedTransferWrapper
ericnordelo
reviewed
Mar 9, 2026
| <Callout type="warn"> | ||
| `two_step_transfer` records `ctx.sender()` as the cancel authority (`from`) when `initiate_transfer` is called. In normal single-owner usage, `ctx.sender()` is the wallet that holds the wrapper, the correct principal to hold cancel authority. | ||
|
|
||
| However, if `initiate_transfer` is invoked inside a shared-object executor, a module where any user can be the transaction sender, then the cancel authority becomes that arbitrary user's address, not the protocol's. A malicious user could call `initiate_transfer` targeting their own address as the recipient. They would become both the pending recipient and the only party with cancel authority, locking out the legitimate owner: no one but the attacker can cancel the transfer, and the attacker can choose to accept it at any time. |
Member
There was a problem hiding this comment.
A malicious user could call
initiate_transfertargeting their own address as the recipient
They don't even need to target their own address, they can target the right address and still get the inner object by cancelling later, as they are the cancel authority.
ericnordelo
reviewed
Mar 9, 2026
Member
ericnordelo
left a comment
ericnordelo
left a comment
There was a problem hiding this comment.
Looking good in general. Left some comments
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Documentation Pull Request
Summary
Type of Change
Related Issues
Fixes #
Relates to #
Checklist
pnpm run buildpnpm run checkAdditional Notes