Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ICRC-81: Extend global delegation with arbitrary targets (ICRC-28 extension) #81

Open
dostro opened this issue May 22, 2024 · 0 comments
Open

ICRC-81: Extend global delegation with arbitrary targets (ICRC-28 extension) #81

dostro opened this issue May 22, 2024 · 0 comments

Comments

@dostro
Copy link

dostro commented May 22, 2024
edited
Loading

ICRC-81: Extend global delegation with arbitrary targets (ICRC-28 extension)

Status Badge

Summary

ICRC-28 defines a standard method to provide global delegations to relying parties while ensuring that malicious actors cannot gain permission to manage user data in arbitrary canisters (i.e. drain a user's wallet of its assets).

This specification outlines a mechanism for relying parties to request extensions of global delegations to include canisters that the dapp does not control as targets.

Terminology

  • signer: A service that manages a user's keys and can sign and perform canister calls on their behalf.
  • relying party: A service that wants to request calls on a specific canister.
  • targets: A list of canisters to be permitted a delegation identity for.

Methods

icrc81_extend_targets

The purpose of the icrc81_extend_targets method is for the relying party to request extensions of global delegations to include canisters that the dapp does not control as targets. If the set of targets is not empty, the signer SHOULD pick only the inverse of targets from the icrc28_get_trusted_origins method and SHOULD request user approval before responding with the delegation with extended targets.

Prerequisites

None

Request Params

targets: Array of canisters to extend the global delegation with

Result

delegation:

Message Processing

  1. The relying party sends a icrc81_extend_delegation message to the signer.
  2. Depending if the signer supports user approval:
    • If the signer does support user approval, it will display to the user a request to allow the relying party to manage data in those canisters on the user's behalf.
  3. If the user approves the request, the signer will create a delegation with the new canisters listed as targets and respond back to the relying party with it.

Errors

The error is an object comprising the code, message and optional data fields as described in the JSON-RPC 2.0 Specification. In addition to the pre-defined errors, the following values are defined applying to all methods (including extension standards):

  • General (code: 1xxx)
Code Message Meaning Data
1000 Generic error Generic error not fitting another, more specific error category. (text): description of the error intended for developers
  • Not supported (code: 2xxx)
Code Message Meaning Data
2000 Not supported The operation is not supported by the signer. (text): description of the error intended for developers
  • User action (code: 3xxx)
Code Message Meaning Data
3000 Permission not granted The signer has rejected the request due to insufficient permissions. N/A
3001 Action aborted The user has canceled the action. N/A
  • Network (code: 4xxx)
Code Message Meaning Data
4000 Network error The network call failed. (optional) Error details:
  • status (int): HTTP status code
  • message (text, optional): message
@dostro dostro changed the title ICRC-58: Extend global delegation with arbitrary targets (ICRC-28 extension) ICRC-81: Extend global delegation with arbitrary targets (ICRC-28 extension) May 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dostro