feat(logic): specify parameters for module logic

axone-protocol · Jan 2, 2023 · 6297da0 · 6297da0
1 parent f848961
commit 6297da0
Show file tree

Hide file tree

Showing 2 changed files with 122 additions and 3 deletions.
diff --git a/proto/logic/v1beta/params.proto b/proto/logic/v1beta/params.proto
@@ -3,13 +3,79 @@ syntax = "proto3";
 package logic.v1beta;
 
 import "gogoproto/gogo.proto";
+import "google/protobuf/duration.proto";
+import "logic/v1beta/types.proto";
 
 option go_package = "github.com/okp4/okp4d/x/logic/types";
 
-// Params defines the parameters for the module.
+// Params defines all the configuration parameters of the "logic" module.
 message Params {
   option (gogoproto.goproto_stringer) = false;
 
-  // foo represents a metasyntactic variable for testing purposes.
-  string foo = 1 [(gogoproto.moretags) = "yaml:\"foo\""];
+  // Specify the parameter for the logic interpreter.
+  Interpreter interpreter = 1
+  [(gogoproto.nullable) = false, (gogoproto.moretags) = "yaml:\"interpreter\""];
+
+  // Specify the limits for query executions.
+  QueryExecutionLimits query_execution_limits = 2
+  [(gogoproto.nullable) = false, (gogoproto.moretags) = "yaml:\"query_execution_limits\""];
+
+  // Specify the limits for programs.
+  ProgramLimits program_limits = 3
+  [(gogoproto.nullable) = false, (gogoproto.moretags) = "yaml:\"program_limits\""];
+
+  // Specify the access control list that applies to the module.
+  //
+  // ACLs are expressed as a combination set of tag, qualifier and permission, where:
+  //
+  // - `tag` denotes the authorization scheme to use. Possible values are:
+  //    - `address`: authorization is evaluated according to the address wallet of the transaction.
+  // - `qualifier` denotes the identifier in the tag scope.
+  // - `permission` denotes a permission, i.e. the operation allowed on the considered domain object. Possible values are:
+  //    - `store`: if authorization is granted to store a program in the module.
+  //    - `remove`: if authorization is granted to remove a program from the module.
+  //
+  // It is important to note that if no ACL is configured, all requests are allowed. If an empty ACL set is configured,
+  // all requests are denied and explicit permissions must be defined.
+  repeated ACL acls = 4
+  [(gogoproto.nullable) = false, (gogoproto.moretags) = "yaml:\"acls\""];
+}
+
+// QueryExecutionLimits defines the limits for query executions.
+message QueryExecutionLimits {
+  option (gogoproto.goproto_stringer) = true;
+
+  // Specify the maximum amount of computing power allowed to be consumed to execute the request by the interpreter,
+  // in "gas", the unit of this quantity.
+  uint32 max_gas = 1
+  [(gogoproto.moretags) = "yaml:\"max_execution_time\",omitempty"];
+
+  // Specify the maximum number of results that can be asked for a query.
+  uint32 max_result_count = 2
+  [(gogoproto.moretags) = "yaml:\"max_result_count\""];
+}
+
+// ProgramLimits defines the limits for a program.
+message ProgramLimits {
+  option (gogoproto.goproto_stringer) = true;
+
+  // Specify the maximum accepted size (in bytes) of a program.
+  uint32 max_size = 1
+  [(gogoproto.moretags) = "yaml:\"max_size\""];
+}
+
+// Interpreter defines the various parameters for the interpreter.
+message Interpreter {
+  option (gogoproto.goproto_stringer) = true;
+
+  // Specify the list of registered predicates/operators, in the form of: "<predicate_name>/<arity>".
+  // For instance: "findall/3".
+  // If not specified, the default set of predicates/operators will be registered.
+  repeated string registered_predicates = 1
+  [(gogoproto.nullable) = true, (gogoproto.moretags) = "yaml:\"registered_predicates\""];
+
+  // Specify the initial program to run when booting the logic interpreter.
+  // If not specified, the default boot sequence will be executed.
+  string bootstrap = 2
+  [(gogoproto.nullable) = true, (gogoproto.moretags) = "yaml:\"bootstrap\""];
 }
diff --git a/proto/logic/v1beta/types.proto b/proto/logic/v1beta/types.proto
@@ -0,0 +1,53 @@
+syntax = "proto3";
+
+package logic.v1beta;
+
+import "gogoproto/gogo.proto";
+
+option go_package = "github.com/okp4/okp4d/x/logic/types";
+
+// An ACL specifies the access permissions on the associated resource for an actor, as a combination of actions such as
+// read, write or delete. It is quite similar to UNIX file access permissions.
+//
+// Basically, an ACL is composed of:
+// - a tag that denotes the authorization scheme to use, for instance: the wallet address which specifies an authorization scheme based on this address;
+// - an optional tag qualifier that denotes the identifier in the tag scope. For instance the okp4 address of an actor for the tag "address";
+// - a set of permissions, denoting the combination of actions an actor is allowed to perform on the resource.
+//
+// ACLs can be expressed in the compact form of a URN:
+//
+// <tag>:<qualifier>:[<permission>,]*<permission>
+//
+// Here are some examples of ACLs and a description of their effects:
+//
+// - `address:okp41jyz4hc5tuweugs2xjn5fxd8rqehv6t3nl6y3le:store,remove` : the actor with the given okp4 address under control is authorized to perform the action "store".
+// - `address::query` : any actor (with any address) is authorized to perform the action "query".
+message ACL {
+  // Tag that denotes the authorization scheme to use.
+  // Several different tags may exist, depending on the domain objects and the services that manages them.
+  //
+  // For instance:
+  // - `address`: the ACL requires a specific wallet address.
+  string tag = 1
+  [(gogoproto.moretags) = "yaml:\"tag\""];
+
+  // Qualifier that denotes the identifier in the tag scope.
+  // Several different qualifiers may exist in the system, depending on the tag.
+  //
+  // For instance:
+  // - `address`: for the tag `address`, the identifier represents the unique resource identifier of the user, e.g. `3AW302xlzVugABjjEJ`.
+  string qualifier = 2
+  [(gogoproto.nullable) = true, (gogoproto.moretags) = "yaml:\"qualifier\""];
+
+  // Set of permissions (at least one).
+  // Several different permissions may exist depending on the nature of the domain objects and the different operations supported by
+  // these objects.
+  //
+  // - `store`: permission to store a program.
+  // For instance:
+  // - `remove`: permission to remove a program.
+  // - `query`: permission to query a program.
+  // - ...
+  repeated string permissions = 3
+  [(gogoproto.moretags) = "yaml:\"permissions\""];
+}