Bucket drop is the most dangerous function and should be unsafe or deprecated

[bbarwik]

From my experience as auditor, the most dangerous function is "bucket.burn()".

For example, let's say we have the following function:

        pub fn repay_loan(&mut self, loan_repayment: Bucket, loan_terms: Bucket) {
            // Verify we are being sent at least the amount due
            let terms: LoanDue = loan_terms.as_non_fungible().non_fungible().data();
            assert!(
                loan_repayment.amount() >= terms.amount_due,
                "Insufficient repayment given for your loan!"
            );

            // We could also verify that the resource being repaid is of the correct kind, and give a friendly
            // error message if not. For this example we'll just let the engine handle that when we try to deposit
            self.loan_vault.put(loan_repayment);

            // We have our payment; we can now burn the transient token
            self.auth_vault
                .as_fungible()
                .authorize_with_amount(dec!(1), || loan_terms.burn());
        }

In this function, loan_terms resource address is nowhere checked so someone could create NFT compatible with LoanDue and it would work correctly because loan_terms.burn() is burning any kind of NFT.

Instead of this behavior I propose to use

self.transient_resource_manager.burn(loan_terms);

so we can always be sure that we are burning correct bucket and validation is not needed.

That's why I propose to entirely remove bucket.drop() or keep it unsafe because there are almost no use cases where it should be used without validation.