Versions Compared

Old Version 16

changes.mady.by.user Ed Rotthoff

Saved on

compared with

New Version Current

changes.mady.by.user Ed Rotthoff

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Research was performed into the ways in which this need might best be met by the FIO protocol. During this research it was identified that there are several cases where the FIO protocol could foresee making use of an access model where account A would be granted an access permission by account C. Thus Account A would perform the operation in question, and also pay any fees that are incurred. Providing an access/permission model which can provide any desired access for accounts to objects in state that are owned by others is not a new concept, however no models were identified in the crypto community that perform the access control meeting the presently identified needs of the FIO protocol.

Important Objectives:

while a user is actively managing a domain we want to permit the user to be able to manage access to the domain. we want to provide getters that help the user understand the grantees. We want to provide getters that allow a user to verify that they have been granted a permission. We want to provide getters that allow the owner of a permission to get a comprehensive list of the grantees of a permission. We want to provide endpoints that permit the owner to add and remove individual grantees easily.

Limitations

permissions are not hot deployable to the chain. The contracts must be modified to permit new permissions and integrate the business logic of each new permission.

...

Third, we can limit the number of grantees to some number that permits housekeeping of permissions in the smart contracts using the permissions.

discussions

while a user is actively managing a domain we want to permit the user to be able to manage access to the domain. we want to provide getters that help the user understand the grantees. We want to provide getters that allow a user to verify that they have been granted a permission. We want to provide getters that allow the owner of a permission to get a comprehensive list of the grantees of a permission. We want to provide endpoints that permit the owner to add and remove individual grantees easily.Discussions

options 1 and 2 above seem to have use cases where users can be disoriented and burdened with error prone and fiddly activities relating to permissions when they have the least interest in managing a domain, this being when they let the domain expire, and when they transfer ownership of the domain.

...

chat with pawel finds that FIP-40 will limit the number of accounts with a permission to be 100. An error will be reported when add perm is used with more than 100 grantees for the permission, This number can be increased if necessary in the futures needed with a contract update.

Getter analysis--

getters will be prototyped to understand how they meet the objectives stated above.