Status | IN PROGRESS |
---|---|
Stakeholders | |
Outcome | |
Due date | |
Owner |
Background
Iroha Special Instructions and Iroha Queries processing requires a permissions based security model.
...
- Use Iroha 1 approach with roles and grantable permissions:
- `+` Out-of-the-Box permissions grouping by roles
- `-` hardcoded permissions checks and additional low-level logic
- Use assets, but do hardcoded permissions checks inside instructions
- `+` less client-side actions needed
- `-` no ability to clean genesis block processing and configuration
Concerns
- Additional requirements to Iroha Special Instructions, Queries and Triggers will slow down development
- Additional high-level functionality would be needed to simulate "Roles"
Assumptions
- Iroha Triggers support pre-instruction hooks because it will be more effective to check permissions before instructions execution
Risks
- This solution will impact Iroha Triggers design `[9;6]`