Hi, maybe aesthetic issue. I wonder if it is good idea to let anyone to call transferFrom.
I think it is good idea to CheckWitness(t_to) to avoid unexpected assets flow. Since I can subscribe to OnApprove(), I can see all the approvals and that way I can do "rogue" transferFrom. It is not issue in the context of assets owner, but lets see simple example:
I have two NEO accounts. Family and personal. I want to have funds from family acc accessible to my personal account, if I need them, but still separated.
In case someone starts automatically transferring trough transferFrom (to make it more evil transfers in decimals), I would lost the separability and overview about flow of my funds. In the case, that multiple family members have approvals to that account, they would be cut from the family funds.
Definitely it is not critical, but I can imagine, that it can cause issues in specific situations.
Hi, maybe aesthetic issue. I wonder if it is good idea to let anyone to call transferFrom.
I think it is good idea to
CheckWitness(t_to)to avoid unexpected assets flow. Since I can subscribe toOnApprove(), I can see all the approvals and that way I can do "rogue" transferFrom. It is not issue in the context of assets owner, but lets see simple example:I have two NEO accounts. Family and personal. I want to have funds from family acc accessible to my personal account, if I need them, but still separated.
In case someone starts automatically transferring trough transferFrom (to make it more evil transfers in decimals), I would lost the separability and overview about flow of my funds. In the case, that multiple family members have approvals to that account, they would be cut from the family funds.
Definitely it is not critical, but I can imagine, that it can cause issues in specific situations.