Module's mutablity

I’m curious if libra team has some new thinking on the module’s mutability. On the white paper, it’s said that the module will be immutable. However, mutability is friendly to dapp developers to continuously iterate. For example, EOS allows to update contract code.

Aren’t smart contracts immutable in all blockchains?

AFAIK, eos supports updating contract code, but of course the mutation is traceable

IMHO the point here is that users of module should be opt-in to the upgrade. That’s what we mean by immutable: unless the users of a module explicitly agree to use a newer version of code, they should be using the module that they agreed to use via the previously signed transaction. We believe that this will prevent the malicious upgrade of the developer. Having said so, however, there will be some programming pattern in Move that can simulate the upgrade behavior of a module. (Think of publishing a module with a different name and transfer ownership of a resource) We will provide some guidelines there in the future.

1 Like