Burn - Mismatch documentation #20
Description
The readme documentation indicates that there is no authentication witness in the mint and burn function
Mint and burn restrictions: There is no authentication witness in the mintandburn functions, as a third party is not allowed to mint or burn; only the issuer can perform these actions.
But the comment and code for the function burn indicates that authwit is required
An authwit from the 'from' address is required to burn tokens on their behalf.
#[private]
fn burn(from: AztecAddress, amount: u128, nonce: Field) {
assert(!storage.enforcement_module.is_frozen(from), "Frozen: Sender");
if (!from.eq(context.msg_sender())) {
assert_current_call_valid_authwit(&mut context, from);
}
CMTAToken::at(context.this_address())._burn_internal(from, amount).call(&mut context);
CMTAToken::at(context.this_address())._burn(context.msg_sender(), amount).enqueue(&mut context);
}