There is an authorize(other: Principal) function to add other principals but no deauthorize(principal: Principal) function which removes authorized principals. We would love to be able to have this functionality in the certified asset canister because we are building a DAO product where somebody could put their asset canister under control of the DAO.
One potential problem with this is that if somebody who is malicious gains control of an authorized principal, the deauthorize function could be used to lock everybody else out and upload a malicious frontend. Without a deauthorize function, however, somebody malicious could always spam the canister with a malicious frontend without someone stopping him/her.
My proposed solution would be to add a deauthorize function while making it so that the controllers of the canister are always authorized (they could wipe the canister and reupload anyways). This way somebody could hand over control to a DAO simply by changing the controller just like it normally works for other canisters.
I wouldn't mind making a pull request for this, but first I wanted to check if you would be open to the idea.
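
The access rule proposed above, modelled as an added example (not code from the post or from the asset canister): controllers always pass the authorization check, so a compromised authorized principal can empty the list but cannot lock the controller out. `AssetAcl`, `set_controllers` and the string principals are assumptions of this sketch.

```rust
use std::collections::BTreeSet;

// Added model of the proposal, not the asset canister's code.
// Principals are plain strings here (an assumption for the sketch).
struct AssetAcl {
    controllers: BTreeSet<String>, // stand-in for the canister's controller list
    authorized: BTreeSet<String>,  // principals added through authorize()
}

impl AssetAcl {
    fn new(controllers: &[&str]) -> Self {
        let mut acl = AssetAcl { controllers: BTreeSet::new(), authorized: BTreeSet::new() };
        acl.set_controllers(controllers);
        acl
    }
    // Handing the canister over (e.g. to a DAO) replaces the controller set.
    fn set_controllers(&mut self, controllers: &[&str]) {
        self.controllers = controllers.iter().map(|c| c.to_string()).collect();
    }
    // Controllers pass the check regardless of the authorized list.
    fn is_authorized(&self, who: &str) -> bool {
        self.controllers.contains(who) || self.authorized.contains(who)
    }
    fn authorize(&mut self, caller: &str, other: &str) -> Result<(), &'static str> {
        if !self.is_authorized(caller) { return Err("caller not authorized"); }
        self.authorized.insert(other.to_string());
        Ok(())
    }
    // Removes a list entry. A controller's access never depended on the list,
    // so deauthorizing a controller leaves that controller authorized.
    fn deauthorize(&mut self, caller: &str, principal: &str) -> Result<(), &'static str> {
        if !self.is_authorized(caller) { return Err("caller not authorized"); }
        self.authorized.remove(principal);
        Ok(())
    }
}

fn main() {
    // Constructed scenario: "mallory" holds a compromised authorized principal.
    let mut acl = AssetAcl::new(&["owner"]);
    acl.authorize("owner", "alice").unwrap();
    acl.authorize("owner", "mallory").unwrap();
    acl.deauthorize("mallory", "alice").unwrap(); // lock-out attempt
    acl.deauthorize("mallory", "owner").unwrap(); // no effect on a controller
    assert!(acl.is_authorized("owner") && !acl.is_authorized("alice"));
    acl.deauthorize("owner", "mallory").unwrap(); // controller recovers
    assert!(!acl.is_authorized("mallory"));
}
```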