From aed7556df5b69b60d6d2d1a4611ce2ebfc250583 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20Schie=C3=9Fl?= Date: Wed, 25 Jul 2018 13:35:17 +0200 Subject: [PATCH] Update bsip-0040.md --- bsip-0040.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/bsip-0040.md b/bsip-0040.md index e236f41..294fd96 100644 --- a/bsip-0040.md +++ b/bsip-0040.md @@ -20,7 +20,7 @@ permission contains a list of operationid-to-authority mappings that each grant operation as if it were the active permission of the account. Additionally, the arguments of said operation can be restricted. -# Motivation and Rational +# Motivation Any successfull hacking or phishing attempt on any of the web wallets that are powered by the BitShares Blockchain is bad publicity. The user needs to be educated in account security, and this BSIP @@ -34,7 +34,7 @@ Examples: The above list of named keys is nothing that is known to the backend as the backend should have an abstract implementation. The UI should provide a button "Create Trading Key" that properly configures the respective custom active permission entry. -# Specifications +# Rational The description here is more on a superficial level and no recommendation how it can best be implemented. Custom active permission is a list of custom active authorities. A `custom active authorities` contains an `operation_id`, an `authority` (just like with active permission) and a list of `restricted arguments`. When a transaction is signed with such an authority the backend checks if the contained operation has a corresponding custom active authority entry and if so acts as if the active authority of the corresponding account is given. It also checks if the arguments are in the allowed range. @@ -52,6 +52,8 @@ custom active authority = { ``` That has the consquence now that a a transfer transaction sending funds away from A can be signed with key K as long as the receiver is B. +# Specifications + # Discussion To be found in the [issue](https://github.com/bitshares/bitshares-core/issues/1061).