# Creator vs. Owner Permissions In the ART20 framework, there is a distinction between the **creator** of a collection and the **owner** of certain capabilities or objects: * **Creator**:\ Typically the address that initializes the collection via `mint_art20(...)`. The creator has special privileges such as updating metadata (if `is_mutable = true`) and managing the deny list (if allowed). * **Owner (of Specific Objects)**:\ Some functionalities rely on who currently owns a specific capability or object. For example, `CollectionCap` objects grant privileges to mint more NFTs, update value sources, or manage collection-level parameters. **Implications for Security**: * **Minting Control**: Only the creator or an entity holding the `CollectionCap` can mint additional NFTs, preventing unauthorized expansion of supply. * **Metadata Updates**: If the collection is mutable, only the creator can perform updates, avoiding unauthorized changes to the NFT’s identity or valuable attributes. * **Deny List Management**: As long as the creator maintains deny list authority, they can dynamically respond to security threats or compliance needs. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.artinals.com/artinals-protocol/security-permissions-and-deny-lists/creator-vs.-owner-permissions.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.