easy-peasy

Object-Centric Design

In Sui Move, everything revolves around objects , which are unique, immutable, or mutable entities stored directly on-chain. This contrasts sharply with account-based models in traditional smart contract languages, where balances and states are tied to addresses. Objects in Sui are:

Typed and Resource-Oriented : Resources (like tokens or NFTs) are first-class citizens, ensuring they cannot be duplicated, unintentionally destroyed, or misused. Owned and Transferable : Each object has a clear owner, making it easier to enforce permissions and prevent unauthorized access.

module examples::my_token { use sui::object::{Self, UID}; use sui::transfer;

// Define a custom object type
struct MyToken has key, store {
    id: UID,
    value: u64,
}

// Function to create a new token
public fun create_token(ctx: &mut TxContext): MyToken {
    MyToken {
        id: object::new(ctx),
        value: 100,
    }
}

// Function to transfer ownership of the token
public fun transfer_token(token: MyToken, recipient: address) {
    transfer::public_transfer(token, recipient);
}

}

Example demonstrates how Sui Move ensures secure object creation and ownership. The MyToken object is explicitly owned and cannot be duplicated due to Move's type system.

Module Encapsulation and Access Control

Sui Move enforces strict encapsulation at the module level. Functions and resources defined within a module are private by default, and only explicitly marked functions are accessible externally. This minimizes the attack surface for malicious actors.

module examples::secure_module { use sui::object::{Self, UID};

// Private struct (only accessible within the module)
struct SecretData has key {
    id: UID,
    data: vector<u8>,
}

// Public function to create a secret object
public fun create_secret(ctx: &mut TxContext): SecretData {
    SecretData {
        id: object::new(ctx),
        data: b"confidential".to_vec(),
    }
}

// Private function (not callable outside the module)
fun internal_logic(secret: &SecretData): u64 {
    secret.data.length()
}

}

Here, SecretData and internal_logic are inaccessible outside the module, ensuring that sensitive logic remains protected.

Sui Move's module system allows developers to define types (objects) and functions within named modules at a specific address, acting as secure blueprints. This organizes code and enforces secure interactions through strong typing, Move's linear type system, and an object-centric security model often leveraging capability patterns. Unlike traditional contract languages where code and state are conflated, Sui separates modules (code) from objects (state). Objects have unique IDs in a global, owner-centric store, rather than being internal to a contract's storage. Module identification in Sui includes native upgradeability, allowing code changes at the same address, contrasting with immutable contract addresses in many other ecosystems. This object-centric design, distinct module identification, and global object storage enable Sui's parallel transaction execution and unique ownership guarantees.

Sui Move's module system defines and organizes custom on-chain objects using structs and their associated functions. Security is baked in via strong type safety, Move's ownership model (objects are directly owned, shared, or immutable), and capability patterns where specific structs grant permissions, allowing fine-grained control over object creation, modification, and transfer. Compared to traditional smart contract languages, Sui modules are part of immutable packages, each with a unique Package ID (an object ID itself). Modules are referenced by 0xpackage_id::module_name, providing stable, versioned code. Upgradeability is managed through a PackagePublisher capability. Object storage is also distinct: every custom object has a globally unique ID and is a first-class citizen, directly owned by an address or shared, unlike typical contract-managed internal storage. This object-centric model underpins Sui's parallel transaction execution.