Directory chain/provider_auth

Module-level declarations

This module contains support for provider multi key authentication. A provider can have one or more keys and also define a threshold for keys required to sign a operation.

The module is shared between DC and EC, with data synced over icmf from DC to EC.

Functions

Link copied to clipboard
function _add_provider_key(provider_pubkey: byte_array, pubkey: byte_array, provider_key_role: provider_key_role)

Adds a key for provider if not already exists. If this is the first key of this role, then the default threshold is set to 1.

Link copied to clipboard
function _revoke_provider_key(provider_pubkey: byte_array, pubkey: byte_array, role: provider_key_role)

Revoke a key for provider.

Link copied to clipboard
function _set_provider_key_threshold(provider_pubkey: byte_array, provider_key_role: provider_key_role, threshold: integer)

Sets the required threshold for a specific provider key role. The threshold is the same as for voting consensus (majority, super-majority or fixed number)

Link copied to clipboard
@extendable function after_provider_auth_updated(provider_pubkey: byte_array)
Link copied to clipboard
function get_provider_auth_key_count(provider_pubkey: byte_array, provider_key_role: provider_key_role): integer
Link copied to clipboard
function get_provider_auth_threshold(provider_pubkey: byte_array, provider_key_role: provider_key_role): provider_auth_threshold?
Link copied to clipboard
function get_provider_by_auth_key(pubkey: byte_array, role: provider_key_role?): byte_array?

Find provider by auth key.

Link copied to clipboard
function is_provider_auth_threshold_set(provider_pubkey: byte_array, provider_key_role: provider_key_role): boolean
Link copied to clipboard
function provider_is_signer(provider_pubkey: byte_array, provider_key_roles: list<provider_key_role>): boolean

Checks if transactions is signed by keys belonging to provider_pubkey. Will require the threshold of signer keys of the given key role to be valid.

Link copied to clipboard
function provider_is_signer_of_signers(provider_pubkey: byte_array, tx_signers: list<byte_array>, provider_key_roles: list<provider_key_role>): boolean

Checks if transactions is signed by keys belonging to provider_pubkey. Will require the threshold of signer keys of the given key role to be valid.