From 3a86f4d3995819bd612602a5c8cea4fef6fdf6c1 Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Thu, 28 Jan 2021 14:08:36 +0530 Subject: [PATCH 01/18] init --- x/authz/spec/README.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 x/authz/spec/README.md diff --git a/x/authz/spec/README.md b/x/authz/spec/README.md new file mode 100644 index 000000000000..e69de29bb2d1 From 047a9e0f6286df63df27ba8f9d54db459da6aa02 Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Sat, 30 Jan 2021 17:41:20 +0530 Subject: [PATCH 02/18] init --- x/authz/spec/README.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/x/authz/spec/README.md b/x/authz/spec/README.md index e69de29bb2d1..0c8193e51b29 100644 --- a/x/authz/spec/README.md +++ b/x/authz/spec/README.md @@ -0,0 +1,23 @@ + + +# `authz` + +## Contents + +1. **[Concept](01_concepts.md)** +2. **[State](02_state.md)** +3. **[Messages](03_messages.md)** + - [MsgGrantAuthorization](03_messages.md#MsgGrantAuthorization) + - [MsgRevokeAuthorization](03_messages.md#MsgRevokeAuthorization) + - [MsgExecAuthorized](03_messages.md#MsgExecAuthorized) +4. **[Events](04_events.md)** + - [Keeper](04_events.md#Keeper) + +## Abstract +`x/authz` is an implementation of a Cosmos SDK module, per [ADR 30](docs/architecture/adr-030-authz-module.md), that allows +granting arbitrary privileges from one account (the granter) to another account (the grantee).Authorizations must be granted for a particular Msg service methods one by one using an implementation of `Authorization` interface. \ No newline at end of file From c52d2c2858fb175a37e7136e9fc9b2f673484c9c Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Sat, 30 Jan 2021 17:41:33 +0530 Subject: [PATCH 03/18] add events --- x/authz/spec/04_events.md | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 x/authz/spec/04_events.md diff --git a/x/authz/spec/04_events.md b/x/authz/spec/04_events.md new file mode 100644 index 000000000000..788422fe8d6c --- /dev/null +++ b/x/authz/spec/04_events.md @@ -0,0 +1,29 @@ + + +# Events + +The authz module emits the following events: + +## Keeper + +### GrantAuthorization + +| Type | Attribute Key | Attribute Value | +|----------------------|-------------------|--------------------| +| grant-authorization | module | authz | +| grant-authorization | grant-type | {msgType} | +| grant-authorization | granter | | +| revoke-authorization | grantee | | + + +### RevokeAuthorization + +| Type | Attribute Key | Attribute Value | +|----------------------|-------------------|--------------------| +| revoke-authorization | module | authz | +| revoke-authorization | grant-type | {msgType} | +| revoke-authorization | granter | | +| revoke-authorization | grantee | | + From 6c7c9adf8971a0ad16115220ea85cdf7582fa9bd Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Sat, 30 Jan 2021 17:42:01 +0530 Subject: [PATCH 04/18] add state & messages --- x/authz/spec/02_state.md | 17 +++++++++++++++ x/authz/spec/03_messages.md | 42 +++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 x/authz/spec/02_state.md create mode 100644 x/authz/spec/03_messages.md diff --git a/x/authz/spec/02_state.md b/x/authz/spec/02_state.md new file mode 100644 index 000000000000..bb7bb4630087 --- /dev/null +++ b/x/authz/spec/02_state.md @@ -0,0 +1,17 @@ + + +# State + +Currently the x/authz module only stores valid submitted Authorization in state. The Authorization state is also stored and exported in the x/authz module's GenesisState. + ++++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/genesis.proto#L12-L24 + +All Authorization is retrieved and stored via a prefix KVStore using prefix `0x01` (AuthorizationStoreKey). + +## AuthorizationGrant + +`AuthorizationGrant` is a space for holding authorization and expiration time. + ++++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/authz.proto#L32-L37 \ No newline at end of file diff --git a/x/authz/spec/03_messages.md b/x/authz/spec/03_messages.md new file mode 100644 index 000000000000..174b2990202f --- /dev/null +++ b/x/authz/spec/03_messages.md @@ -0,0 +1,42 @@ + + +# Messages + +In this section we describe the processing of messages for the authz module. + +## MsgGrantAuthorization + +An authorization-grant is created using the MsgGrantAuthorization message. + ++++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/tx.proto#L27-L35 + +This message is expected to fail if: + +- both granter & grantee have same address. +- provided `Expiration` time less than current unix timestamp. +- provided `Authorization` is not implemented. + +## MsgRevokeAuthorization + +The revoke authorization message revokes authorization. + ++++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/tx.proto#L53-L59 + +This message is expected to fail if: + +- both granter & grantee have same address. +- provided `MethodName` is empty. + +## MsgExecAuthorizedRequest + +When a grantee wants to execute transaction on behalf of a granter, it must send MsgExecAuthorizedRequest. + ++++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/tx.proto#L42-L48 + +This message is expected to fail if: + +- authorization not implemented for the provided msg. +- grantee don't have permission to run transaction. +- granted authorization is expired. \ No newline at end of file From 2aa62a9de6a6374d6b4f5fc4df43fbe37c5a71fd Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Sat, 30 Jan 2021 17:42:11 +0530 Subject: [PATCH 05/18] WIP --- x/authz/spec/01_concepts.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 x/authz/spec/01_concepts.md diff --git a/x/authz/spec/01_concepts.md b/x/authz/spec/01_concepts.md new file mode 100644 index 000000000000..d7109e45d8c4 --- /dev/null +++ b/x/authz/spec/01_concepts.md @@ -0,0 +1,20 @@ + + +# Concepts + +## Authorization +Any concrete type of authorization defined in the `x/authz` module must fulfill `Authorization` interface outlined below. Authorizations determine exactly what privileges are granted. They are extensible and can be defined for any Msg service method even outside of the module where the Msg method is defined. Authorizations use the new `ServiceMsg` type from [ADR 031](docs/architecture/adr-31-msg-service.md). + + ++++ https://github.com/cosmos/cosmos-sdk/blob/master/x/authz/types/authorizations.go#L15-L24 + + +## Built-in Authorizations + +### SendAuthorization + + + +### GenericAuthorization From f354914b642ef382258a68b98b42796b09180c0c Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Tue, 2 Feb 2021 12:50:00 +0530 Subject: [PATCH 06/18] update Readme --- x/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/x/README.md b/x/README.md index 3be56a3de605..6904b288641d 100644 --- a/x/README.md +++ b/x/README.md @@ -8,6 +8,7 @@ parent: Here are some production-grade modules that can be used in Cosmos SDK applications, along with their respective documentation: - [Auth](auth/spec/README.md) - Authentication of accounts and transactions for Cosmos SDK application. +- [Authz](authz/spec/README.md) - Allows accounts to grant authorizations to perform actions on behalf of that account to other accounts. - [Bank](bank/spec/README.md) - Token transfer functionalities. - [Capability](capability/spec/README.md) - Object capability implementation. - [Crisis](crisis/spec/README.md) - Halting the blockchain under certain circumstances (e.g. if an invariant is broken). From b426851e5f7bae4ddbcb53351f11c27399d56118 Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Wed, 3 Feb 2021 16:40:25 +0530 Subject: [PATCH 07/18] WIP --- x/authz/spec/01_concepts.md | 19 ++++++++++++++++++- x/authz/spec/02_state.md | 9 +++------ x/authz/spec/03_messages.md | 6 +++--- x/authz/spec/04_events.md | 2 +- x/authz/spec/README.md | 11 +++++++---- 5 files changed, 32 insertions(+), 15 deletions(-) diff --git a/x/authz/spec/01_concepts.md b/x/authz/spec/01_concepts.md index d7109e45d8c4..61b96b1f63b4 100644 --- a/x/authz/spec/01_concepts.md +++ b/x/authz/spec/01_concepts.md @@ -1,5 +1,5 @@ # Concepts @@ -13,8 +13,25 @@ Any concrete type of authorization defined in the `x/authz` module must fulfill ## Built-in Authorizations +Cosmos-SDK `x/authz` module comes with following authorization types + ### SendAuthorization +`SendAuthorization` implements `Authorization` interface for the `MsgSend` ServiceMsg, that takes a `SpendLimit` and updates it down to zero. + ++++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/authz.proto#L12-L19 + ++++ https://github.com/cosmos/cosmos-sdk/blob/master/x/authz/types/send_authorization.go#L23-L45 + +- `spent_limit` keeps track of how many coins left in the authorization. ### GenericAuthorization + +`GenericAuthorization` implements the `Authorization` interface, that gives unrestricted permission to execute the provided ServiceMsg on behalf of granter's account. + ++++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/authz.proto#L21-L30 + ++++ https://github.com/cosmos/cosmos-sdk/blob/master/x/authz/types/generic_authorization.go#L20-L28 + +- `method_name` holds ServiceMsg type. \ No newline at end of file diff --git a/x/authz/spec/02_state.md b/x/authz/spec/02_state.md index bb7bb4630087..679be7d800da 100644 --- a/x/authz/spec/02_state.md +++ b/x/authz/spec/02_state.md @@ -4,14 +4,11 @@ order: 2 # State -Currently the x/authz module only stores valid submitted Authorization in state. The Authorization state is also stored and exported in the x/authz module's GenesisState. - -+++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/genesis.proto#L12-L24 +## AuthorizationGrant -All Authorization is retrieved and stored via a prefix KVStore using prefix `0x01` (AuthorizationStoreKey). +Authorizations are identified by combining granter address (the address bytes of the granter), grantee address (the address bytes of the grantee) and ServiceMsg type. -## AuthorizationGrant +- AuthorizationGrant: `0x01 | granter_address_bytes | grantee_address_bytes | msgType_bytes-> ProtocolBuffer(AuthorizationGrant)` -`AuthorizationGrant` is a space for holding authorization and expiration time. +++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/authz.proto#L32-L37 \ No newline at end of file diff --git a/x/authz/spec/03_messages.md b/x/authz/spec/03_messages.md index 174b2990202f..5634fb363997 100644 --- a/x/authz/spec/03_messages.md +++ b/x/authz/spec/03_messages.md @@ -8,7 +8,7 @@ In this section we describe the processing of messages for the authz module. ## MsgGrantAuthorization -An authorization-grant is created using the MsgGrantAuthorization message. +An authorization-grant is created using the `MsgGrantAuthorization` message. +++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/tx.proto#L27-L35 @@ -20,7 +20,7 @@ This message is expected to fail if: ## MsgRevokeAuthorization -The revoke authorization message revokes authorization. +An allowed authorization can be removed with `MsgRevokeAuthorization` message. +++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/tx.proto#L53-L59 @@ -39,4 +39,4 @@ This message is expected to fail if: - authorization not implemented for the provided msg. - grantee don't have permission to run transaction. -- granted authorization is expired. \ No newline at end of file +- if granted authorization is expired. \ No newline at end of file diff --git a/x/authz/spec/04_events.md b/x/authz/spec/04_events.md index 788422fe8d6c..5a7eee170794 100644 --- a/x/authz/spec/04_events.md +++ b/x/authz/spec/04_events.md @@ -15,7 +15,7 @@ The authz module emits the following events: | grant-authorization | module | authz | | grant-authorization | grant-type | {msgType} | | grant-authorization | granter | | -| revoke-authorization | grantee | | +| grant-authorization | grantee | | ### RevokeAuthorization diff --git a/x/authz/spec/README.md b/x/authz/spec/README.md index 0c8193e51b29..478d8122413d 100644 --- a/x/authz/spec/README.md +++ b/x/authz/spec/README.md @@ -9,7 +9,13 @@ parent: ## Contents +## Abstract +`x/authz` is an implementation of a Cosmos SDK module, per [ADR 30](docs/architecture/adr-030-authz-module.md), that allows +granting arbitrary privileges from one account (the granter) to another account (the grantee).Authorizations must be granted for a particular Msg service methods one by one using an implementation of `Authorization` interface. + 1. **[Concept](01_concepts.md)** + - [Authorization](01_concepts.md#Authorization) + - [Built-in Authorizations](01_concepts.md#Built-in-Authorization) 2. **[State](02_state.md)** 3. **[Messages](03_messages.md)** - [MsgGrantAuthorization](03_messages.md#MsgGrantAuthorization) @@ -17,7 +23,4 @@ parent: - [MsgExecAuthorized](03_messages.md#MsgExecAuthorized) 4. **[Events](04_events.md)** - [Keeper](04_events.md#Keeper) - -## Abstract -`x/authz` is an implementation of a Cosmos SDK module, per [ADR 30](docs/architecture/adr-030-authz-module.md), that allows -granting arbitrary privileges from one account (the granter) to another account (the grantee).Authorizations must be granted for a particular Msg service methods one by one using an implementation of `Authorization` interface. \ No newline at end of file + \ No newline at end of file From 1641f91fe79cc018097aa99152c61202bf4dcbae Mon Sep 17 00:00:00 2001 From: MD Aleem <72057206+aleem1314@users.noreply.github.com> Date: Thu, 4 Feb 2021 16:41:08 +0530 Subject: [PATCH 08/18] Update x/README.md Co-authored-by: Alessio Treglia --- x/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x/README.md b/x/README.md index 6904b288641d..e90ee59cebcb 100644 --- a/x/README.md +++ b/x/README.md @@ -8,7 +8,7 @@ parent: Here are some production-grade modules that can be used in Cosmos SDK applications, along with their respective documentation: - [Auth](auth/spec/README.md) - Authentication of accounts and transactions for Cosmos SDK application. -- [Authz](authz/spec/README.md) - Allows accounts to grant authorizations to perform actions on behalf of that account to other accounts. +- [Authz](authz/spec/README.md) - Authorization for accounts to perform actions on behalf of other accounts. - [Bank](bank/spec/README.md) - Token transfer functionalities. - [Capability](capability/spec/README.md) - Object capability implementation. - [Crisis](crisis/spec/README.md) - Halting the blockchain under certain circumstances (e.g. if an invariant is broken). From 311549adbdca9eac91dcf76cf89f4779b156c043 Mon Sep 17 00:00:00 2001 From: MD Aleem <72057206+aleem1314@users.noreply.github.com> Date: Thu, 4 Feb 2021 16:48:59 +0530 Subject: [PATCH 09/18] Update x/authz/spec/README.md Co-authored-by: Amaury --- x/authz/spec/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x/authz/spec/README.md b/x/authz/spec/README.md index 478d8122413d..fd77f0226316 100644 --- a/x/authz/spec/README.md +++ b/x/authz/spec/README.md @@ -11,7 +11,7 @@ parent: ## Abstract `x/authz` is an implementation of a Cosmos SDK module, per [ADR 30](docs/architecture/adr-030-authz-module.md), that allows -granting arbitrary privileges from one account (the granter) to another account (the grantee).Authorizations must be granted for a particular Msg service methods one by one using an implementation of `Authorization` interface. +granting arbitrary privileges from one account (the granter) to another account (the grantee). Authorizations must be granted for a particular Msg service method one by one using an implementation of the `Authorization` interface. 1. **[Concept](01_concepts.md)** - [Authorization](01_concepts.md#Authorization) @@ -23,4 +23,4 @@ granting arbitrary privileges from one account (the granter) to another account - [MsgExecAuthorized](03_messages.md#MsgExecAuthorized) 4. **[Events](04_events.md)** - [Keeper](04_events.md#Keeper) - \ No newline at end of file + From 5e75fc2d3ed09e272d706013de34ae1649a18ddd Mon Sep 17 00:00:00 2001 From: MD Aleem <72057206+aleem1314@users.noreply.github.com> Date: Thu, 4 Feb 2021 16:49:42 +0530 Subject: [PATCH 10/18] Update x/authz/spec/02_state.md Co-authored-by: Amaury --- x/authz/spec/02_state.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x/authz/spec/02_state.md b/x/authz/spec/02_state.md index 679be7d800da..7fa63dd80886 100644 --- a/x/authz/spec/02_state.md +++ b/x/authz/spec/02_state.md @@ -8,7 +8,7 @@ order: 2 Authorizations are identified by combining granter address (the address bytes of the granter), grantee address (the address bytes of the grantee) and ServiceMsg type. -- AuthorizationGrant: `0x01 | granter_address_bytes | grantee_address_bytes | msgType_bytes-> ProtocolBuffer(AuthorizationGrant)` +- AuthorizationGrant: `0x01 | granter_address_len (1 byte) | granter_address_bytes | grantee_address_len (1 byte) | grantee_address_bytes | msgType_bytes-> ProtocolBuffer(AuthorizationGrant)` -+++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/authz.proto#L32-L37 \ No newline at end of file ++++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/authz.proto#L32-L37 From b7946ea752c10bd276e737dff5188a057c015431 Mon Sep 17 00:00:00 2001 From: MD Aleem <72057206+aleem1314@users.noreply.github.com> Date: Thu, 4 Feb 2021 16:51:19 +0530 Subject: [PATCH 11/18] Update x/authz/spec/01_concepts.md Co-authored-by: Amaury --- x/authz/spec/01_concepts.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x/authz/spec/01_concepts.md b/x/authz/spec/01_concepts.md index 61b96b1f63b4..fc99d9740d46 100644 --- a/x/authz/spec/01_concepts.md +++ b/x/authz/spec/01_concepts.md @@ -5,7 +5,7 @@ order: 1 # Concepts ## Authorization -Any concrete type of authorization defined in the `x/authz` module must fulfill `Authorization` interface outlined below. Authorizations determine exactly what privileges are granted. They are extensible and can be defined for any Msg service method even outside of the module where the Msg method is defined. Authorizations use the new `ServiceMsg` type from [ADR 031](docs/architecture/adr-31-msg-service.md). +Any concrete type of authorization defined in the `x/authz` module must fulfill the `Authorization` interface outlined below. Authorizations determine exactly what privileges are granted. They are extensible and can be defined for any Msg service method even outside of the module where the Msg method is defined. Authorizations use the new `ServiceMsg` type from [ADR 031](../../../docs/architecture/adr-031-msg-service.md). +++ https://github.com/cosmos/cosmos-sdk/blob/master/x/authz/types/authorizations.go#L15-L24 @@ -34,4 +34,4 @@ Cosmos-SDK `x/authz` module comes with following authorization types +++ https://github.com/cosmos/cosmos-sdk/blob/master/x/authz/types/generic_authorization.go#L20-L28 -- `method_name` holds ServiceMsg type. \ No newline at end of file +- `method_name` holds ServiceMsg type. From 81985e7b8a78c65b975925070c2c6799ca94a311 Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Thu, 4 Feb 2021 19:28:58 +0530 Subject: [PATCH 12/18] review changes --- x/authz/spec/01_concepts.md | 10 +++++----- x/authz/spec/02_state.md | 2 +- x/authz/spec/03_messages.md | 12 ++++++------ x/authz/spec/README.md | 6 +++--- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/x/authz/spec/01_concepts.md b/x/authz/spec/01_concepts.md index fc99d9740d46..469d76f80e18 100644 --- a/x/authz/spec/01_concepts.md +++ b/x/authz/spec/01_concepts.md @@ -8,7 +8,7 @@ order: 1 Any concrete type of authorization defined in the `x/authz` module must fulfill the `Authorization` interface outlined below. Authorizations determine exactly what privileges are granted. They are extensible and can be defined for any Msg service method even outside of the module where the Msg method is defined. Authorizations use the new `ServiceMsg` type from [ADR 031](../../../docs/architecture/adr-031-msg-service.md). -+++ https://github.com/cosmos/cosmos-sdk/blob/master/x/authz/types/authorizations.go#L15-L24 ++++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/x/authz/types/authorizations.go#L15-L24 ## Built-in Authorizations @@ -19,9 +19,9 @@ Cosmos-SDK `x/authz` module comes with following authorization types `SendAuthorization` implements `Authorization` interface for the `MsgSend` ServiceMsg, that takes a `SpendLimit` and updates it down to zero. -+++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/authz.proto#L12-L19 ++++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/proto/cosmos/authz/v1beta1/authz.proto#L12-L19 -+++ https://github.com/cosmos/cosmos-sdk/blob/master/x/authz/types/send_authorization.go#L23-L45 ++++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/x/authz/types/send_authorization.go#L23-L45 - `spent_limit` keeps track of how many coins left in the authorization. @@ -30,8 +30,8 @@ Cosmos-SDK `x/authz` module comes with following authorization types `GenericAuthorization` implements the `Authorization` interface, that gives unrestricted permission to execute the provided ServiceMsg on behalf of granter's account. -+++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/authz.proto#L21-L30 ++++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/proto/cosmos/authz/v1beta1/authz.proto#L21-L30 -+++ https://github.com/cosmos/cosmos-sdk/blob/master/x/authz/types/generic_authorization.go#L20-L28 ++++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/x/authz/types/generic_authorization.go#L20-L28 - `method_name` holds ServiceMsg type. diff --git a/x/authz/spec/02_state.md b/x/authz/spec/02_state.md index 7fa63dd80886..e35fbd084f81 100644 --- a/x/authz/spec/02_state.md +++ b/x/authz/spec/02_state.md @@ -11,4 +11,4 @@ Authorizations are identified by combining granter address (the address bytes of - AuthorizationGrant: `0x01 | granter_address_len (1 byte) | granter_address_bytes | grantee_address_len (1 byte) | grantee_address_bytes | msgType_bytes-> ProtocolBuffer(AuthorizationGrant)` -+++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/authz.proto#L32-L37 ++++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/proto/cosmos/authz/v1beta1/authz.proto#L32-L37 diff --git a/x/authz/spec/03_messages.md b/x/authz/spec/03_messages.md index 5634fb363997..9b3cffa35c24 100644 --- a/x/authz/spec/03_messages.md +++ b/x/authz/spec/03_messages.md @@ -6,11 +6,11 @@ order: 3 In this section we describe the processing of messages for the authz module. -## MsgGrantAuthorization +## Msg/GrantAuthorization An authorization-grant is created using the `MsgGrantAuthorization` message. -+++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/tx.proto#L27-L35 ++++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/proto/cosmos/authz/v1beta1/tx.proto#L27-L35 This message is expected to fail if: @@ -18,22 +18,22 @@ This message is expected to fail if: - provided `Expiration` time less than current unix timestamp. - provided `Authorization` is not implemented. -## MsgRevokeAuthorization +## Msg/RevokeAuthorization An allowed authorization can be removed with `MsgRevokeAuthorization` message. -+++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/tx.proto#L53-L59 ++++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/proto/cosmos/authz/v1beta1/tx.proto#L53-L59 This message is expected to fail if: - both granter & grantee have same address. - provided `MethodName` is empty. -## MsgExecAuthorizedRequest +## Msg/ExecAuthorizedRequest When a grantee wants to execute transaction on behalf of a granter, it must send MsgExecAuthorizedRequest. -+++ https://github.com/cosmos/cosmos-sdk/blob/master/proto/cosmos/authz/v1beta1/tx.proto#L42-L48 ++++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/proto/cosmos/authz/v1beta1/tx.proto#L42-L48 This message is expected to fail if: diff --git a/x/authz/spec/README.md b/x/authz/spec/README.md index fd77f0226316..5d1dd6fbd866 100644 --- a/x/authz/spec/README.md +++ b/x/authz/spec/README.md @@ -18,9 +18,9 @@ granting arbitrary privileges from one account (the granter) to another account - [Built-in Authorizations](01_concepts.md#Built-in-Authorization) 2. **[State](02_state.md)** 3. **[Messages](03_messages.md)** - - [MsgGrantAuthorization](03_messages.md#MsgGrantAuthorization) - - [MsgRevokeAuthorization](03_messages.md#MsgRevokeAuthorization) - - [MsgExecAuthorized](03_messages.md#MsgExecAuthorized) + - [Msg/GrantAuthorization](03_messages.md#MsgGrantAuthorization) + - [Msg/RevokeAuthorization](03_messages.md#MsgRevokeAuthorization) + - [Msg/ExecAuthorized](03_messages.md#MsgExecAuthorized) 4. **[Events](04_events.md)** - [Keeper](04_events.md#Keeper) From c398da5196978e3ca3a190fecf1086b7f10b9dc4 Mon Sep 17 00:00:00 2001 From: MD Aleem <72057206+aleem1314@users.noreply.github.com> Date: Fri, 5 Feb 2021 19:25:22 +0530 Subject: [PATCH 13/18] Update x/authz/spec/01_concepts.md Co-authored-by: Amaury --- x/authz/spec/01_concepts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x/authz/spec/01_concepts.md b/x/authz/spec/01_concepts.md index 469d76f80e18..211cf1dab6d3 100644 --- a/x/authz/spec/01_concepts.md +++ b/x/authz/spec/01_concepts.md @@ -17,7 +17,7 @@ Cosmos-SDK `x/authz` module comes with following authorization types ### SendAuthorization -`SendAuthorization` implements `Authorization` interface for the `MsgSend` ServiceMsg, that takes a `SpendLimit` and updates it down to zero. +`SendAuthorization` implements `Authorization` interface for the `cosmos.bank.v1beta1.Msg/Send` ServiceMsg, that takes a `SpendLimit` and updates it down to zero. +++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/proto/cosmos/authz/v1beta1/authz.proto#L12-L19 From a7ecb0dbd4ede72c22ef01fdb853ea375d2eaeda Mon Sep 17 00:00:00 2001 From: MD Aleem <72057206+aleem1314@users.noreply.github.com> Date: Fri, 5 Feb 2021 19:25:33 +0530 Subject: [PATCH 14/18] Update x/authz/spec/02_state.md Co-authored-by: Amaury --- x/authz/spec/02_state.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x/authz/spec/02_state.md b/x/authz/spec/02_state.md index e35fbd084f81..3afc5eddbafb 100644 --- a/x/authz/spec/02_state.md +++ b/x/authz/spec/02_state.md @@ -6,7 +6,7 @@ order: 2 ## AuthorizationGrant -Authorizations are identified by combining granter address (the address bytes of the granter), grantee address (the address bytes of the grantee) and ServiceMsg type. +Authorizations are identified by combining granter address (the address bytes of the granter), grantee address (the address bytes of the grantee) and ServiceMsg type (its method name). - AuthorizationGrant: `0x01 | granter_address_len (1 byte) | granter_address_bytes | grantee_address_len (1 byte) | grantee_address_bytes | msgType_bytes-> ProtocolBuffer(AuthorizationGrant)` From 440e25ea51c84637a6500ef5db7f75c99c38d7bb Mon Sep 17 00:00:00 2001 From: MD Aleem <72057206+aleem1314@users.noreply.github.com> Date: Thu, 11 Feb 2021 11:59:39 +0530 Subject: [PATCH 15/18] Update x/authz/spec/01_concepts.md Co-authored-by: Cory --- x/authz/spec/01_concepts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x/authz/spec/01_concepts.md b/x/authz/spec/01_concepts.md index 211cf1dab6d3..0f5e482f1619 100644 --- a/x/authz/spec/01_concepts.md +++ b/x/authz/spec/01_concepts.md @@ -5,7 +5,7 @@ order: 1 # Concepts ## Authorization -Any concrete type of authorization defined in the `x/authz` module must fulfill the `Authorization` interface outlined below. Authorizations determine exactly what privileges are granted. They are extensible and can be defined for any Msg service method even outside of the module where the Msg method is defined. Authorizations use the new `ServiceMsg` type from [ADR 031](../../../docs/architecture/adr-031-msg-service.md). +Any concrete type of authorization defined in the `x/authz` module must fulfill the `Authorization` interface outlined below. Authorizations determine exactly what privileges are granted. They are extensible and can be defined for any Msg service method even outside of the module where the Msg method is defined. Authorizations use the new `ServiceMsg` type from [ADR 031](../../../architecture/adr-031-msg-service.md). +++ https://github.com/cosmos/cosmos-sdk/blob/c95de9c4177442dee4c69d96917efc955b5d19d9/x/authz/types/authorizations.go#L15-L24 From 2376644d74fad1dbbe1535263227a613b03948b3 Mon Sep 17 00:00:00 2001 From: MD Aleem <72057206+aleem1314@users.noreply.github.com> Date: Thu, 11 Feb 2021 11:59:50 +0530 Subject: [PATCH 16/18] Update x/authz/spec/04_events.md Co-authored-by: Cory --- x/authz/spec/04_events.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/x/authz/spec/04_events.md b/x/authz/spec/04_events.md index 5a7eee170794..3237e28384f3 100644 --- a/x/authz/spec/04_events.md +++ b/x/authz/spec/04_events.md @@ -14,8 +14,8 @@ The authz module emits the following events: |----------------------|-------------------|--------------------| | grant-authorization | module | authz | | grant-authorization | grant-type | {msgType} | -| grant-authorization | granter | | -| grant-authorization | grantee | | +| grant-authorization | granter | {granterAddress} | +| grant-authorization | grantee | {granteeAddress} | ### RevokeAuthorization @@ -26,4 +26,3 @@ The authz module emits the following events: | revoke-authorization | grant-type | {msgType} | | revoke-authorization | granter | | | revoke-authorization | grantee | | - From 642433bce170e115e8ee4fadc200fb5b1bac811d Mon Sep 17 00:00:00 2001 From: MD Aleem <72057206+aleem1314@users.noreply.github.com> Date: Thu, 11 Feb 2021 11:59:58 +0530 Subject: [PATCH 17/18] Update x/authz/spec/04_events.md Co-authored-by: Cory --- x/authz/spec/04_events.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x/authz/spec/04_events.md b/x/authz/spec/04_events.md index 3237e28384f3..4d0a9858af7f 100644 --- a/x/authz/spec/04_events.md +++ b/x/authz/spec/04_events.md @@ -24,5 +24,5 @@ The authz module emits the following events: |----------------------|-------------------|--------------------| | revoke-authorization | module | authz | | revoke-authorization | grant-type | {msgType} | -| revoke-authorization | granter | | -| revoke-authorization | grantee | | +| revoke-authorization | granter | {granterAddress} | +| revoke-authorization | grantee | {granteeAddress} | From e1fbf944ac4333e4113ef0edd134d2c71629b60a Mon Sep 17 00:00:00 2001 From: MD Aleem <72057206+aleem1314@users.noreply.github.com> Date: Thu, 11 Feb 2021 12:00:08 +0530 Subject: [PATCH 18/18] Update x/authz/spec/README.md Co-authored-by: Cory --- x/authz/spec/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x/authz/spec/README.md b/x/authz/spec/README.md index 5d1dd6fbd866..07ec1ba0c1e6 100644 --- a/x/authz/spec/README.md +++ b/x/authz/spec/README.md @@ -10,7 +10,7 @@ parent: ## Contents ## Abstract -`x/authz` is an implementation of a Cosmos SDK module, per [ADR 30](docs/architecture/adr-030-authz-module.md), that allows +`x/authz` is an implementation of a Cosmos SDK module, per [ADR 30](../../../architecture/adr-030-authz-module.md), that allows granting arbitrary privileges from one account (the granter) to another account (the grantee). Authorizations must be granted for a particular Msg service method one by one using an implementation of the `Authorization` interface. 1. **[Concept](01_concepts.md)**