Evolvable token should only be editable by maintainer

Description

See https://r3-cev.atlassian.net/browse/CQE-37 TL;DR the issue is that a non maintainer can start the update flow which then obtains the signatures from the maintainers! The initiating flow should be changed such that it can only be startable by maintainers/creaters and also the respnder flow should be changed such that the request signature message cannot come from a non-maintainer.

Status

Assignee

Unassigned

Reporter

Roger Willis

Priority

High

Labels

None

Severity

High

Fix versions

Ported to...

None

Feature Team

Mid Stack