Artinals Protocol
  • Introduction
    • What is Artinals?
    • Overview of the Modules
    • Key Concepts and Terminology
  • Getting Started
    • Prerequisites
    • Cloning the Repository
    • Building and Testing the Modules
  • ART20
    • Overview and Capabilities
    • Data Structures
      • NFT
      • CollectionCap
      • UserBalance
      • TokenIdCounter
      • Dual IDs
    • Events
      • NFTMintedEvent
      • CollectionCreatedEvent
      • MetadataUpdateEvent
      • BurnEvent
      • TransferEvent
      • Additional Events
    • Functions and Entry Points
      • Initializing the Module
      • Creating Collections
      • Minting ART20 NFTs
      • Updating Metadata
      • Transfer and Burn Operations
      • Batch Operations
      • Deny List Mechanics and Authority
      • Custom Transfers
    • Value Sources (API, Oracle)
    • Best Practices & Examples
  • SALE Module
    • Purpose and Functionality
    • Interdependence
    • Price Index Module
    • Liquidity Module
    • Data Structures
      • NFTSale
      • NFTListing
  • Events
    • SaleCreated
    • NFTPurchased
    • PriceUpdateEvent
    • CurrencyWithdrawn
    • DenyList & Related Events
    • PoolCreatedEvent
    • OrderCanceled
    • OrderExecuted
  • Functions and Entry Points
    • Creating a Sale
    • Adding NFTs to a Sale
    • Purchasing NFTs from a Sale
    • Withdrawing Proceeds
    • Managing Sale State
    • Core Trading Functionality
  • Integrating with ART20
  • Examples & Best Practices
  • MARKET Module
    • Introduction
    • Testnet (Beta)
    • Smart Contract Overview
    • Data Structures
      • Trade Ledger (TradeLedger)
      • Trade Offer (TradeOffer)
      • Buy Offer (BuyOffer)
      • Ledger Registry (LedgerRegistry)
    • Event Structures
      • Offer Created (OfferCreated)
      • Offer Accepted (OfferAccepted)
      • Buy Offer Created (BuyOfferCreated)
      • Buy Offer Accepted (BuyOfferAccepted)
      • Batch Transactions
    • Event Emissions
    • Functions and Entry Points
      • Trade Ledger Management
      • Register Ledger
      • Get Trade Ledger
      • Create Sell Offer
      • Accept Sell Offer
      • Cancel Sell Offer
      • Create Buy Offer
      • Accept Buy Offer
      • Cancel Buy Offer
      • Batch Accept Sell Offers
      • Batch Accept Buy Offers
  • Security Mechanisms
  • TRADE Module
    • Introduction
    • Purpose and Ecosystem Role
    • Data Structures
      • TradingPool
      • LiquidityPosition
      • PriceOracle
      • CollectionPool
    • Events
      • PoolCreated
      • LiquidityAdded
      • LiquidityRemoved
      • TradeExecuted
      • PoolStatusChanged
      • PoolFeesUpdated
    • Functions and Entry Points
      • Creating and Managing Liquidity Pools
      • Adding/Removing Liquidity
      • Swapping NFTs and Tokens
      • Fee Mechanics and Distribution
      • Emergency Operations and Recovery
  • Working with Price Oracles
  • Metrics and Statistics (24h Volumes, TWAP, Price Impact)
  • Integration with SALE and ART20
  • Integration and Workflows
    • Typical User Journeys
      • Creating a Collection and Minting Tokens (ART20)
      • Listing and Selling NFTs (SALE)
      • Providing Liquidity and Trading NFTs (TRADE)
    • Example Scripts and Transactions
    • Interactions Between Modules
  • Security, Permissions, and Deny Lists
    • Introduction
    • Role of Deny List in ART20
    • Creator vs. Owner Permissions
    • Fee Distribution and Authority
    • Best Practices for Secure Deployment
  • Testing and Troubleshooting
    • Running Unit Tests
    • Common Issues and Solutions
    • Debugging and Emitting Debug Events
  • Advanced Topics
    • Value Sources (API Endpoints and Oracle Addresses)
    • Batch Update Operations
    • Customizing Parameters (Fees, Supply, Price Ranges)
    • Extensibility and Future Integrations
  • Appendices
    • Move Language and Sui Concepts
    • Glossary of Terms
    • Code Style and Conventions
  • Building on Top of the Artinals Contract
    • Overview
    • Package ID
    • Import Modules
    • Commom Integration Patterns
    • Best Practices
    • Common Errors and Solutions
Powered by GitBook
On this page
  1. Security, Permissions, and Deny Lists

Creator vs. Owner Permissions

In the ART20 framework, there is a distinction between the creator of a collection and the owner of certain capabilities or objects:

  • Creator: Typically the address that initializes the collection via mint_art20(...). The creator has special privileges such as updating metadata (if is_mutable = true) and managing the deny list (if allowed).

  • Owner (of Specific Objects): Some functionalities rely on who currently owns a specific capability or object. For example, CollectionCap objects grant privileges to mint more NFTs, update value sources, or manage collection-level parameters.

Implications for Security:

  • Minting Control: Only the creator or an entity holding the CollectionCap can mint additional NFTs, preventing unauthorized expansion of supply.

  • Metadata Updates: If the collection is mutable, only the creator can perform updates, avoiding unauthorized changes to the NFT’s identity or valuable attributes.

  • Deny List Management: As long as the creator maintains deny list authority, they can dynamically respond to security threats or compliance needs.

PreviousRole of Deny List in ART20NextFee Distribution and Authority

Last updated 3 months ago