New garbage purse persisted forever during every vault transfer
Description
As spoted by @Dominik Zajkowski:
While doing a rev transfer, we split purses (at least once) to maintain OCAP safety. The newly-created purse can't be reused by the receiver though (OCAP safety!) and instead is only used as a transfer medium. This transfer medium though lingers forever in the tuplespace (we don't have garbage collection yet).
We should provide a method in purse contract allowing for moving part of the funds into a one-time-use-only 'transfer purse', that listens *only once* for a 'deposit' call. The deposit call should most likely not take an "amount" argument. Rather, the whole transfer purse should be absorbed by the transfer target.
See RevVault.rho:152 nad RevVault.rho:171 for context.
Search for other usages of purse "split" method and audit them for similar issues
As spoted by @Dominik Zajkowski:
While doing a rev transfer, we split purses (at least once) to maintain OCAP safety. The newly-created purse can't be reused by the receiver though (OCAP safety!) and instead is only used as a transfer medium. This transfer medium though lingers forever in the tuplespace (we don't have garbage collection yet).
We should provide a method in purse contract allowing for moving part of the funds into a one-time-use-only 'transfer purse', that listens *only once* for a 'deposit' call. The deposit call should most likely not take an "amount" argument. Rather, the whole transfer purse should be absorbed by the transfer target.
See RevVault.rho:152 nad RevVault.rho:171 for context.
Search for other usages of purse "split" method and audit them for similar issues