You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This TIP provides operation permission specification for Multi-signature.
Abstract
By Multi-signature, an account can be managed by several private keys, and the transactions created in one account can be signed by serval private keys. This TIP is a supplement of TIP16 for Multi-signature operation permission specification.
Motivation
This TIP is used to make clear that how to implement user-defined operation permission for Multi-signature.
Specification
There are three types of permission: owner、witness and active. Owner permission has the right to execute all the contracts. Witness permission is for SR. Active permission contains a set of contracts selected execution permissions.
Three attributes are added to the account: owner_permission、witness_permission and active_permission. active_permission is a list, the length can not be bigger than 8.
PermissionType: Pemission type id: Generated by system. Owner id=0, Witness id=1, Active id increases from 2. Specifying using which permission to execute a contract by setting id. For instance, using owner permission, set id=0 permission_name: Permission name, 32 bytes length limit threshold: The threshold of the signature weight parent_id: Current 0 operations: 32 bytes (256 b), each of which represents the authority of a contract, when 1 means the right to own the contract keys: The accounts and weights that all own the permission, 5 keys at most.
Each bit of operations in Permission represent the execution permission of one contract, 1 means it owns the execution permission of the contract. For instance, operations=0x0100...00(hex) or 100...0(binary), refer to the definition of Transaction.ContractType, the id of AccountCreateContract is 0, means this permission only owns the execution permission of AccountCreateContract. If the operations is set 0x7fff1fc0033e0300000000000000000000000000000000000000000000000000(hex) or 11111110 11111111 11111000 00000011 11000000 01111100 11000000 ......(binary), it means it support the execution of all contracts except AccountPermissionUpdateContract.
Note: all the hex byte sequences of operations are ordered in little-endian coding, but for each byte, it's ordered in big-endian for binary bits. For the above example, the first byte is 7f, its corresponding binary coding is 11111110 ; the third byte is 1f, its corresponding binary coding is 11111000.
Change Permission
If the account hasAccountPermissionUpdateContract permission, it can change the permissioins by the following steps:
1、call getaccount to query the account, get the original permission
2、change permission
3、build transaction and sign
4、send transaction
By providing the Multi-signature operation permission, it can empower the account permission control more flexibility and satisfy the different demands of account management.
Simple Summary
This TIP provides operation permission specification for Multi-signature.
Abstract
By Multi-signature, an account can be managed by several private keys, and the transactions created in one account can be signed by serval private keys. This TIP is a supplement of TIP16 for Multi-signature operation permission specification.
Motivation
This TIP is used to make clear that how to implement user-defined operation permission for Multi-signature.
Specification
There are three types of permission: owner、witness and active. Owner permission has the right to execute all the contracts. Witness permission is for SR. Active permission contains a set of contracts selected execution permissions.
Protocols
Account
Three attributes are added to the account: owner_permission、witness_permission and active_permission. active_permission is a list, the length can not be bigger than 8.
Permission
PermissionType
: Pemission typeid
: Generated by system. Owner id=0, Witness id=1, Active id increases from 2. Specifying using which permission to execute a contract by setting id. For instance, using owner permission, set id=0permission_name
: Permission name, 32 bytes length limitthreshold
: The threshold of the signature weightparent_id
: Current 0operations
: 32 bytes (256 b), each of which represents the authority of a contract, when 1 means the right to own the contractkeys
: The accounts and weights that all own the permission, 5 keys at most.Key
address
: The account addressweight
: The signature weightContract Type
Each bit of operations in Permission represent the execution permission of one contract, 1 means it owns the execution permission of the contract. For instance, operations=
0x0100...00(hex)
or100...0(binary)
, refer to the definition of Transaction.ContractType, the id of AccountCreateContract is 0, means this permission only owns the execution permission of AccountCreateContract. If the operations is set0x7fff1fc0033e0300000000000000000000000000000000000000000000000000(hex)
or11111110 11111111 11111000 00000011 11000000 01111100 11000000 ......(binary)
, it means it support the execution of all contracts except AccountPermissionUpdateContract.Note: all the hex byte sequences of operations are ordered in little-endian coding, but for each byte, it's ordered in big-endian for binary bits. For the above example, the first byte is
7f
, its corresponding binary coding is11111110
; the third byte is1f
, its corresponding binary coding is11111000
.Change Permission
If the account has
AccountPermissionUpdateContract
permission, it can change the permissioins by the following steps:1、call
getaccount
to query the account, get the original permission2、change permission
3、build transaction and sign
4、send transaction
http-demo
Rationale
By providing the Multi-signature operation permission, it can empower the account permission control more flexibility and satisfy the different demands of account management.
Implementation
The text was updated successfully, but these errors were encountered: