Skip to content

Decide whether KNOWN_ISSUER gates received-token issuers on inflow legs #39

Description

@christian-rogobete

The value descriptor records inflow legs (Blend withdraw/borrow proceeds, vault withdrawals) so every leg of a call is visible, but the counterparty KNOWN_ISSUER check scopes to debit legs only: receiving a token via a DeFi withdrawal is not gated against the issuer allowlist. This matches the pre-descriptor behavior (DeFi counterparty was never checked) and receiving tokens cannot drain funds, so the skip is deliberate — recorded here so it is a decision rather than an accident. If inflow gating is wanted (reject receipt of untrusted-issuer tokens), it is an additive expansion of the KNOWN_ISSUER semantics over non-debit legs. Assess after the descriptor migration completes.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions