BSIP 40: Custom active authorities #1285
Labels
1a Epic
High level concept to be addressed. Description should contain a list referencing child User Stories
2a Discussion Needed
Prompt for team to discuss at next stand up.
3b Feature
Classification indicating the addition of novel functionality to the design
4b Normal Priority
Priority indicating the moderate impact to system/user -OR- existing workaround is costly to perform
6 API
Impact flag identifying the application programing interface (API)
6 CLI
Impact flag identifying the command line interface (CLI) wallet application
6 DEX
Impact flag identifying the Decentralized EXchange, market engine, etc.
6 Protocol
Impact flag identifying the blockchain logic, consensus, validation, etc.
6 Security
Impact flag identifying system/user security
6 UX
Impact flag identifying the User Interface (UX)
9d Gigantic
Effort estimation indicating TBD
feature
hardfork
Milestone
Strengthening user security is one of the main factors to elevate BitShares. In light of recent hacking and phishing attempts this becomes even more important. The need for a more sophisticated account security preceeded the idea for a finer-grained control of account permissions. We propose to add an additional authority to the account, called Custom Active (Permission). The permission contains a list of operationid-to-authority mappings that each grant access to the respective operation as if it were the active permission of the account. Additionally, the arguments of said operation can be restricted.
User Story
As a
user
I wanta more sophisticated control
andmanagement
capabilities for my permissions so thatthe impact of a compromised key is reduced
andon-chain tasks can be delegated
.This covers issues reported here as well
The BSIP
The BSIP drafting is completed and it is available here
https://github.com/bitshares/bsips/blob/master/bsip-0040.md
CORE TEAM TASK LIST
The text was updated successfully, but these errors were encountered: