From e8fabfd5cd9ffd351df3e72bd25e96dea13b8e6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20Schie=C3=9Fl?= Date: Wed, 25 Jul 2018 14:11:03 +0200 Subject: [PATCH] Update bsip-0040.md --- bsip-0040.md | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/bsip-0040.md b/bsip-0040.md index 3564dc2..2661b2f 100644 --- a/bsip-0040.md +++ b/bsip-0040.md 
@@ -37,7 +37,17 @@ The above list of named keys is nothing that is known to the backend as the back # Rational The description here is more on a superficial level and no recommendation how it can best be implemented. -Custom active permission is a list of custom active authorities. A `custom active authorities` contains an `operation_id`, an `authority` (just like with active permission) and a list of `restricted arguments`. When a transaction is signed with such an authority the backend checks if the contained operation has a corresponding custom active authority entry and if so acts as if the active authority of the corresponding account is given. It also checks if the arguments are in the allowed range. +Custom active permission is a list of custom active authorities. A `custom active authorities` contains an `operation_id`, an `authority` (just like with active permission) and a list of `assert`s than can be used to restricted arguments. When a transaction is signed with such an authority the backend checks if the contained operation has a corresponding custom active authority entry and if so acts as if the active authority of the corresponding account is given. It also checks if the arguments are in the allowed range. + +A Custom Active Permission looks like follows (in JSON for clarification, backend serializes and stores in a different way): +``` +custom_active_permission = list of custom_active_authority items +custom_active_authority = { + operationid, + auhtority, + assert +} +``` Example: Assume account A and B and some unrelated key K. Furthermore A has a custom active authority in the following way: 
@@ -57,12 +67,11 @@ custom active authority = { That has the consquence now that a a transfer transaction sending funds away from A can be signed with key K as long as the receiver is B. # Specifications - -* the account objects must be extended to store custom active authority -* an operation must be extended or created to allow changing the custom active authority -* additional signatures and operation-specific authorities (if present) must be evaluated against incoming transactions - -* additional committee parameters may need to be specified to limit the extend of usage of this feature +Requirements to modify the backend includes +* Extend the account object to store custom active permission +* Extend `account_update` or create a new operation to allow changing the custom active permission +* Operation-specific authorities (if present) must be evaluated in incoming transactions +* Additional committee parameters may be needed to limit the extend of usage of this feature # Discussion @@ -76,6 +85,3 @@ Bad publicity in terms of security can have very negative effect on the BTS valu This document is placed in the public domain. -# See Also - -
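Review bot: In the first hunk (@@ -37,7 +37,17 @@), the added schema block names its fields `operationid` and `auhtority`, while the paragraph directly above uses `operation_id` and `authority`. The second is a typo, and the first should be made consistent so implementers have one canonical field name. The same paragraph says a custom active authority contains "a list of `assert`s", but the block shows a single `assert` member, and the lead-in calls the block JSON although it is not valid JSON. Either write it as real JSON with `assert` as an array, or describe it as pseudocode. Since these asserts decide whether a key other than the account's active authority may authorize an operation, the text should also say what an assert looks like and state that the operation is rejected when any assert fails or cannot be evaluated. Wording: "than can be used to restricted arguments" should read "that can be used to restrict arguments".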
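Review bot: In the second hunk (@@ -57,12 +67,11 @@), the rewritten third bullet drops "additional signatures" from what must be evaluated, and no bullet requires the backend to evaluate the `assert`s that the Rational section now introduces. As written, the specification list covers only "Operation-specific authorities (if present)". Add a bullet requiring that an operation authorized by a custom active authority is accepted only if all of that authority's asserts hold for the operation's arguments, and say whether the removal of "additional signatures" is intentional. The committee-parameter bullet was weakened from "may need to be specified" to "may be needed" without naming any parameter, so it would help to list what is meant to be limited. Wording: "Requirements to modify the backend includes" should be "include", and "limit the extend" (carried over from the removed line) should be "limit the extent".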