Update bsip-0040.md
This commit is contained in:
parent
e928c44cc8
commit
e8fabfd5cd
1 changed files with 16 additions and 10 deletions
26
bsip-0040.md
26
bsip-0040.md
|
@ -37,7 +37,17 @@ The above list of named keys is nothing that is known to the backend as the back
|
|||
# Rational
|
||||
|
||||
The description here is more on a superficial level and no recommendation how it can best be implemented.
|
||||
Custom active permission is a list of custom active authorities. A `custom active authorities` contains an `operation_id`, an `authority` (just like with active permission) and a list of `restricted arguments`. When a transaction is signed with such an authority the backend checks if the contained operation has a corresponding custom active authority entry and if so acts as if the active authority of the corresponding account is given. It also checks if the arguments are in the allowed range.
|
||||
Custom active permission is a list of custom active authorities. A `custom active authorities` contains an `operation_id`, an `authority` (just like with active permission) and a list of `assert`s than can be used to restricted arguments. When a transaction is signed with such an authority the backend checks if the contained operation has a corresponding custom active authority entry and if so acts as if the active authority of the corresponding account is given. It also checks if the arguments are in the allowed range.
|
||||
|
||||
A Custom Active Permission looks like follows (in JSON for clarification, backend serializes and stores in a different way):
|
||||
```
|
||||
custom_active_permission = list of custom_active_authority items
|
||||
custom_active_authority = {
|
||||
operationid,
|
||||
auhtority,
|
||||
assert
|
||||
}
|
||||
```
|
||||
|
||||
Example:
|
||||
Assume account A and B and some unrelated key K. Furthermore A has a custom active authority in the following way:
|
||||
|
@ -57,12 +67,11 @@ custom active authority = {
|
|||
That has the consquence now that a a transfer transaction sending funds away from A can be signed with key K as long as the receiver is B.
|
||||
|
||||
# Specifications
|
||||
|
||||
* the account objects must be extended to store custom active authority
|
||||
* an operation must be extended or created to allow changing the custom active authority
|
||||
* additional signatures and operation-specific authorities (if present) must be evaluated against incoming transactions
|
||||
|
||||
* additional committee parameters may need to be specified to limit the extend of usage of this feature
|
||||
Requirements to modify the backend includes
|
||||
* Extend the account object to store custom active permission
|
||||
* Extend `account_update` or create a new operation to allow changing the custom active permission
|
||||
* Operation-specific authorities (if present) must be evaluated in incoming transactions
|
||||
* Additional committee parameters may be needed to limit the extend of usage of this feature
|
||||
|
||||
# Discussion
|
||||
|
||||
|
@ -76,6 +85,3 @@ Bad publicity in terms of security can have very negative effect on the BTS valu
|
|||
|
||||
This document is placed in the public domain.
|
||||
|
||||
# See Also
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue