igrc721.gno
1.67 Kb · 50 lines
1package grc721
2
3// IGRC721Reader is the read-only view of an NFT. Safe to receive across
4// realm boundaries — has no rlm-typed methods, so a malicious impl can
5// only lie about read results (data-integrity issue), not capture cur.
6//
7// Writes are concrete methods on *basicNFT only — there is no IGRC721
8// writer interface. The owning realm should
9// hold the concrete *basicNFT in an unexported package var and expose
10// public rlm-validating wrappers like:
11//
12// func TransferFrom(cur realm, from, to address, tid TokenID) error {
13// caller := cur.Previous().Address()
14// return nft.TransferFrom(caller, from, to, tid)
15// }
16//
17// This is the Reader/Writer split — stronger than the Authority-pattern
18// because the writer interface doesn't exist at all, so no realm author
19// can accidentally expose it. See `r/demo/foo721` for the canonical
20// wrapper pattern.
21type IGRC721Reader interface {
22 Name() string
23 Symbol() string
24 TokenCount() int64
25 BalanceOf(owner address) (int64, error)
26 OwnerOf(tid TokenID) (address, error)
27 GetApproved(tid TokenID) (address, error)
28 IsApprovedForAll(owner, operator address) bool
29}
30
31type (
32 TokenID string
33 TokenURI string
34)
35
36func (t TokenID) String() string { return string(t) }
37func (t TokenURI) String() string { return string(t) }
38
39const (
40 MintEvent = "Mint"
41 BurnEvent = "Burn"
42 TransferEvent = "Transfer"
43 ApprovalEvent = "Approval"
44 ApprovalForAllEvent = "ApprovalForAll"
45)
46
47// NFTGetter returns a reader-only view of an NFT. Aggregators (such as
48// tokenhub) register and dispatch NFTGetters; the reader-only return
49// type means even a malicious aggregator can't be used to leak cur.
50type NFTGetter func() IGRC721Reader