blockworks-foundation
/
sbv2-solana
mirror of https://github.com/blockworks-foundation/sbv2-solana.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
sbv2-solana/website/docs-1/architecture/permissions/queue-permissions.mdx

55 lines
2.4 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
sidebar_position: 4
slug: .
title: Permissions
---
import { Typography } from "@mui/material";
import PermissionInstructions from "/idl/_permission_instructions.mdx";
import PermissionAccountData from "/idl/accounts/PermissionAccountData.md";
import SwitchboardPermission from "/idl/types/SwitchboardPermission.md";
import PermissionInit from "/idl/instructions/permissionInit.md";
import PermissionSet from "/idl/instructions/permissionSet.md";
A permission account is a program derived address between a granter and grantee public key, and dictates whether the grantee has permissions to use an on-chain resource from a granter.
An oracle queue manages how its resources get allocated by using permission accounts. Any oracle or aggregator that wants to use a feed must be approved by the queue's authority. The Switchboard DAO oracle queue's will use on-chain voting to control how permission accounts are created and revoked.
## Queue Configuration
Oracles **_always_** need `PERMIT_ORACLE_HEARTBEAT` permissions before joining a queue.
### ⚙unpermissionedFeedsEnabled
If a queue has `unpermissionedFeedsEnabled`, then new Aggregators will not need to be granted permissions by the queue authority to request a new result. The Aggregator still needs to create a permission account between itself and the oracle queue.
### ⚙unpermissionedVrfEnabled
If a queue has `unpermissionedVrfEnabled`, then new VRF accounts will not need to be granted permissions by the queue authority to request a new randomness result. The VRF account still needs to create a permission account between itself and the oracle queue.
## Functions
A permission account is responsible for the following functions:
- [**Access Control**](#provide-minStake): Control access to a queue's resources.
### 🚀Access Control
Oracle queue's use permission accounts to manage access to its oracles and cranks. A permission account is a program derived address between a granter and grantee public key, and dictates whether the grantee has permissions to use an on-chain resource from a granter. In this case, its the oracle queue granting the following permissions:
<SwitchboardPermission />
An oracle queue `authority` can change a resources permissions using the PermissionSet instruction.
## Account Schema
### 📦PermissionAccountData
<PermissionAccountData />
## Developer Resources
<PermissionInstructions />
Reference in New Issue View Git Blame Copy Permalink