From 6a9adf537933992a6e14e62fdf6c3a52f27cd163 Mon Sep 17 00:00:00 2001 From: Georgios Konstantopoulos Date: Mon, 9 Feb 2026 18:19:37 +0000 Subject: [PATCH] docs: fix transferFrom() spending limits inconsistency (TMPO2-39) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The Spending Limit Enforcement section implied transferFrom is indirectly controlled by spending limits and omitted startReward() from the tracked calls list. The implementation confirms transferFrom() does NOT deduct from spending limits — it is gated only by the ERC-20 allowance mechanism. - Clarify that transferFrom() is NOT subject to spending limits - Add startReward() to the list of tracked calls (matching concepts section) - Remove misleading 'indirectly control transferFrom' language Co-Authored-By: Daniel --- src/pages/protocol/transactions/AccountKeychain.mdx | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/pages/protocol/transactions/AccountKeychain.mdx b/src/pages/protocol/transactions/AccountKeychain.mdx index 71f0438..34aab33 100644 --- a/src/pages/protocol/transactions/AccountKeychain.mdx +++ b/src/pages/protocol/transactions/AccountKeychain.mdx @@ -273,8 +273,9 @@ Access Keys cannot escalate their own privileges because: - Keys with `enforceLimits == false` have unlimited spending (no limits checked) - Spending limits are enforced by the protocol internally calling `verify_and_update_spending()` during execution - Limits are per-TIP20 token and deplete as TIP20 tokens are spent -- Spending limits only track TIP20 token transfers (via `transfer` and `transferWithMemo`) and approvals (via `approve`) -- For approvals: only increases in approval amount count against the spending limit. This means approvals indirectly control `transferFrom` spending, since `transferFrom` requires a prior approval +- Spending limits only track TIP20 `transfer()`, `transferWithMemo()`, `approve()`, and `startReward()` calls +- `transferFrom()` is NOT subject to spending limits (it is gated only by the ERC-20 allowance mechanism) +- For approvals: only increases in approval amount count against the spending limit - Non-TIP20 asset movements (ETH, NFTs) are not subject to spending limits - Root keys (`keyId == address(0)`) have no spending limits - the function returns immediately - Failed limit checks revert the entire transaction with `SpendingLimitExceeded`