Had a long talk with the Agoric team, this made sense as contract signatures is very ocap-ish.
They pointed out that these “contract signatures” can do a lot more than what I described above. For instance, the pattern I’ve described for a token contract went as follow:
- The contract registered as the owner of some amount of XYZcoin in the XYZ token contract creates a “signed” message asking for the transfer of n XYZ coins to a dex.
- This message is passed to the dex which then uses it to retrieve n XYZ coins.
Here’s a far better pattern:
A contract (or some account) asks the XYZcoin contract to create an account for it, the XYZcoin contract creates an account entry, signs it, and sends it to the contract. This storable value is now a key that represents the right to access the XYZcoin contract. It can be kept as is, passed to another contract, etc.
The contract calls XYZcoin, and passes its account key as a parameter… there is no need to rely on the SENDER opcode.
The contract requests that XYZcoin gives it a sign receipt for “n XYZ coins”. The XYZ contract debits n coins from the balance of the requester and returns a “signed” receipt for n coins. This is now a portable representation of the coins that can be passed around between contracts.
The contract sends the receipt to the dex, which can store it, cash it out, send it to another account, etc.
This basically replicates the experience of having assets as first class. Coins from token contracts can be sent just like tez, without expensive callbacks.
In fact, some (maybe not all) token contracts can completely dispense with the notion of mapping accounts to balances, and simply issue signed notes, stored by other contracts on the network, as well as a service to convert a list of notes into a list of other notes with the same sum of balances. As is, this would clash with implicit accounts, but there’s likely some way around it.
In the limit, it starts looking like the asset model that was (once) part of the code-base, where an asset is just a pair between a nat and a contract address, and can be automatically cut up, etc.