arc-0054

[Bhaney44]

Introduction
I think arc-0054 proposes one of the most useful technologies developed by Algorand by creating a network wide mechanism for verified burns.

Issues

1. There appears to be no way to verify the private key security of the Burn Address.

The Burn AddressBNFIREKGRXEHCFOEQLTX3PU5SUCMRKDU7WHNBGZA4SXPW42OAHZBP7BPHY was funded byZA5Y6ZVM2KOOV7JIIN3LSFNTCZDSOEHVFG6BECIFDIVFPIJWO7AVPO5OZI with TXID CY2OQBJFSB6N7C27FJ2KCONAEJGQAZYLIAWUST7RUWMLFGMLOYUA. The funding address is still active for both receiving and sending assets. Moreover, the approval program makes no apparent mention of creating the Burn Address. Instead the approval program states:

	global CurrentApplicationAddress
	itxn_field AssetReceiver

So, one issue here is that it appears possible that there is an owner of the private key for the Burn Address or that the private key for the Burn Address is potentially recoverable. The other issue is that it appears possible to change CurrentApplicationAddress.

2. The Burn Address does not appear to be connected to an Application ID as specified in the approval program.

I searched the Burn Address on PeraExplorer and found that it was not connected to any Application ID. The first lines of the approval program state:

txn ApplicationID
int 0
>

The issue here is there appears to be no way to verify that this approval program is connected to the Burn Address because the Burn Address has no associated applications.

[grzracz]

This user got his question answered multiple times on Discord and refuses to believe that an application address is created when an application is deployed & the unique "BNFIRE" address was a lot of engineering work from D13.

https://www.blockpack.app/#/explorer/application/1257620981/global-state