docs: update authz docs (#11671)
## Description Closes: #11566 --- ### Author Checklist *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [ ] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] added `!` to the type prefix if API or client breaking change - [ ] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting)) - [ ] provided a link to the relevant issue or specification - [ ] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules) - [ ] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) - [ ] added a changelog entry to `CHANGELOG.md` - [ ] included comments for [documenting Go code](https://blog.golang.org/godoc) - [ ] updated the relevant documentation or specification - [ ] reviewed "Files changed" and left comments if necessary - [ ] confirmed all CI checks have passed ### Reviewers Checklist *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [ ] reviewed tests and test coverage - [ ] manually tested (if applicable)
This commit is contained in:
parent
610b2eec6a
commit
40c9de81ab
|
@ -6,6 +6,7 @@
|
|||
* 2020-10-12: Updated Draft
|
||||
* 2020-11-13: Accepted
|
||||
* 2020-05-06: proto API updates, use `sdk.Msg` instead of `sdk.ServiceMsg` (the latter concept was removed from Cosmos SDK)
|
||||
* 2022-04-20: Updated the `SendAuthorization` proto docs to clarify the `SpendLimit` is a required field. (Generic authorization can be used with bank msg type url to create limit less bank authorization)
|
||||
|
||||
## Status
|
||||
|
||||
|
@ -87,8 +88,8 @@ a `SpendLimit` and updates it down to zero:
|
|||
```go
|
||||
type SendAuthorization struct {
|
||||
// SpendLimit specifies the maximum amount of tokens that can be spent
|
||||
// by this authorization and will be updated as tokens are spent. If it is
|
||||
// empty, there is no spend limit and any amount of coins can be spent.
|
||||
// by this authorization and will be updated as tokens are spent. This field is required. (Generic authorization
|
||||
// can be used with bank msg type url to create limit less bank authorization).
|
||||
SpendLimit sdk.Coins
|
||||
}
|
||||
|
||||
|
|
|
@ -42,7 +42,7 @@ The Cosmos SDK `x/authz` module comes with following authorization types:
|
|||
|
||||
### StakeAuthorization
|
||||
|
||||
`StakeAuthorization` implements the `Authorization` interface for messages in the [staking module](https://docs.cosmos.network/v0.44/modules/staking/). It takes an `AuthorizationType` to specify whether you want to authorise delegating, undelegating or redelegating (i.e. these have to be authorised seperately). It also takes a `MaxTokens` that keeps track of a limit to the amount of tokens that can be delegated/undelegated/redelegated. If left empty, the amount is unlimited. Additionally, this Msg takes an `AllowList` and a `DenyList`, which allows you to select which validators you allow grantees to stake with.
|
||||
`StakeAuthorization` implements the `Authorization` interface for messages in the [staking module](https://docs.cosmos.network/v0.44/modules/staking/). It takes an `AuthorizationType` to specify whether you want to authorise delegating, undelegating or redelegating (i.e. these have to be authorised seperately). It also takes a required `MaxTokens` that keeps track of a limit to the amount of tokens that can be delegated/undelegated/redelegated. If left empty, the amount is unlimited. Additionally, this Msg takes an `AllowList` or a `DenyList`, which allows you to select which validators you allow or deny grantees to stake with.
|
||||
|
||||
+++ https://github.com/cosmos/cosmos-sdk/blob/v0.43.0-beta1/proto/cosmos/staking/v1beta1/authz.proto#L11-L31
|
||||
|
||||
|
@ -51,3 +51,5 @@ The Cosmos SDK `x/authz` module comes with following authorization types:
|
|||
## Gas
|
||||
|
||||
In order to prevent DoS attacks, granting `StakeAuthorization`s with `x/authz` incurs gas. `StakeAuthorization` allows you to authorize another account to delegate, undelegate, or redelegate to validators. The authorizer can define a list of validators they allow or deny delegations to. The Cosmos SDK iterates over these lists and charge 10 gas for each validator in both of the lists.
|
||||
|
||||
Since the state maintaining a list for granter, grantee pair with same expiration, we are iterating over the list to remove the grant (incase of any revoke of paritcular `msgType`) from the list and we are charging 20 gas per iteration.
|
||||
|
|
|
@ -12,4 +12,12 @@ Grants are identified by combining granter address (the address bytes of the gra
|
|||
|
||||
The grant object encapsulates an `Authorization` type and an expiration timestamp:
|
||||
|
||||
+++ https://github.com/cosmos/cosmos-sdk/blob/v0.43.0-beta1/proto/cosmos/authz/v1beta1/authz.proto#L21-L26
|
||||
+++ https://github.com/cosmos/cosmos-sdk/blob/v0.46.0-beta2/proto/cosmos/authz/v1beta1/authz.proto#L22-L30
|
||||
|
||||
## GrantQueue
|
||||
|
||||
We are maintaining a queue for authz pruning, whenever a grant created an item will be added to `GrantQueue` with a key of granter, grantee, expiration and value added as array of msg type urls.
|
||||
|
||||
* GrantQueue: `0x02 | granter_address_len (1 byte) | granter_address_bytes | grantee_address_len (1 byte) | grantee_address_bytes | expiration_bytes -> ProtocalBuffer([]string{msgTypeUrls})`
|
||||
|
||||
+++ https://github.com/cosmos/cosmos-sdk/blob/v0.46.0-beta2/x/authz/keeper/keys.go#L86-L102
|
|
@ -16,7 +16,7 @@ If there is already a grant for the `(granter, grantee, Authorization)` triple,
|
|||
The message handling should fail if:
|
||||
|
||||
* both granter and grantee have the same address.
|
||||
* provided `Expiration` time is less than current unix timestamp.
|
||||
* provided `Expiration` time is less than current unix timestamp (but a grant will be created if no `expiration` time is provided since `expiration` is optional).
|
||||
* provided `Grant.Authorization` is not implemented.
|
||||
* `Authorization.MsgTypeURL()` is not defined in the router (there is no defined handler in the app router to handle that Msg types).
|
||||
|
||||
|
|
Loading…
Reference in New Issue