Payment driver API #344
Payment driver API #344
Conversation
|
Issue I failed to address in this API design: account permissions. Some kind of mechanism is necessary to control which identities are allowed to use which payment accounts. I couldn't figure out how and where to store this information appropriately. This however doesn't necessarily have to be done right now (we might just assume for the moment that every identity is allowed to use every payment account). |
|
Example flow:
|
|
Other interesting scenario might be an integration with Ledger Live app that:
In general, I believe that integrating existing third-party wallets might be the most important use cases for the payment driver API (apart from our own driver, ofc). I tried to design the API in way that would allow this quite smoothly. |
|
|
||
| #[derive(Clone, Debug, Serialize, Deserialize)] | ||
| pub struct GetStatus{ | ||
| pub platform: String, |
There was a problem hiding this comment.
Here it can't be done away with because we don't know the driver. address is not enough to establish that. There can be two different drivers handling e.g. GNT and ETH transactions but using the same account address.
| pub requestor: bool, | ||
| pub struct RegisterAccount { | ||
| pub driver: String, | ||
| pub platform: String, |
There was a problem hiding this comment.
Same here, both driver and platform are redundant.
There was a problem hiding this comment.
IMHO only driver is necessary.
There was a problem hiding this comment.
I believe the platform parameter has to stay here. Payment service has no other way to know which driver handles which platform.
@Wiezzel not exactly, think about the situation when somebody schedule payment as you and then you unlock the account -> driver sends transaction immediately. It is a possible attack. |
| } | ||
|
|
||
| #[derive(Clone, Debug, Serialize, Deserialize)] | ||
| pub struct GetStatus(NodeId); | ||
| pub struct UnregisterAccount { | ||
| pub platform: String, |
There was a problem hiding this comment.
IMHO driver would be better and consistent with RegisterAccount
There was a problem hiding this comment.
The mapping stored by payment service is (platform, address) -> (driver, mode). To remove an entry from a map we need to give the key as parameter. driver is not part of the key, while platform is.
When I wrote "This however doesn't necessarily have to be done right now" I meant "We may ignore security for now". Obviously, not having permissions is insecure but we are on testnet now. |
Wiezzel
force-pushed
the
pay/driver-api
branch
5 times, most recently
from
f410d19 to
f95d1c2
Compare
bidzyyys
force-pushed
the
feature/gnt_driver_as_service
branch
2 times, most recently
from
be729e5 to
77a1476
Compare
Wiezzel
force-pushed
the
pay/driver-api
branch
2 times, most recently
from
45f9b19 to
8e4dffc
Compare
Rationale ---- New API introduced for the communication between payment service and payment driver(s). It is meant to enable the implementation of the following requirements: 1. Supporting multiple accounts and payment drivers on a single yagna daemon. 2. Supporting multiple payment platforms (e.g. GNT, NGNT, NGNT-zkSync). 3. Allowing third-party developers to implement their own payment drivers with ease and possibly much freedom. Detailed list of changes ---- `BUS_ID` is replaced with `BUS_ID_PREFIX` because each particular driver will have its own ID. Currency enum is abandoned. It is not desired to have a fixed set of available currencies. It is assumed that all amounts and balances are given in currency appropriate for the platform. All gas-related parameters are abandoned. They were too driver-specific to be included in the general API. It is recommended that payment drivers which use gas allow to configure limits (e.g. by env variables). `SchedulePayment` does not include `invoice_id` parameter anymore. Instead, it returns an ID of the payment order generated by the driver. `GetPaymentStatus` is removed because the new payment driver API relies on push notifications instead. That is realized by the `NotifyPayment` endpoint added to the payment service. It shall be called by a driver after every successful transaction. `Init` message is removed from payment API (GSB). The init command from CLI will accept `driver` parameter and route the call directly to the appropriate driver. `RegisterAccount` / `UnregisterAccount` messages are added because the payment service needs to maintain a list of available accounts. Payment drivers should call `RegisterAccount` after every successful initialization of an account to make it 'visible' to the payment service. `UnregisterAccount` should be called when the driver is being shut down. The list of available accounts shall not be persisted by the payment service. If an account doesn't need to be re-initialized after restarting yagna daemon, then payment driver should store this information and call `RegisterAccount` immediately after startup. Signed-off-by: Adam Wierzbicki <awierzbicki@golem.network>
Signed-off-by: Adam Wierzbicki <awierzbicki@golem.network>
All-purpose PaymentError has been replaced with method-specific error types. All `unwrap()` calls have been replaced with `?` operator. Error message formatting has been moved to error module to avoid cluttering the processor code. Signed-off-by: Adam Wierzbicki <awierzbicki@golem.network>
Payment object represents a single (blockchain) transaction. It is possible that it includes activity payments and/or agreement payments from multiple users (but using the same wallet). Therefore, it can be also spending from multiple allocations. To adequately represent this situation `allocation_id` has been removed from Payment and added to ActivityPayment and AgreementPayment. Signed-off-by: Adam Wierzbicki <awierzbicki@golem.network>
A new structure has been introducedFor the sake of preserving atomicity & consistency between `accounts` and `drivers` mappings . It allows to use a single lock for all operations. Also made some small adjustments in payment examples. Signed-off-by: Adam Wierzbicki <awierzbicki@golem.network>
Updated types to new api, removed get_payment_status
It needs to be used in non-static contexts as well. Signed-off-by: Adam Wierzbicki <awierzbicki@golem.network>
Cleaned up dummy driver create, added necessary calls to payment service (RegisterAccount and NotifyPayment). Adjusted payment_api example to work with the dummy driver service. Signed-off-by: Adam Wierzbicki <awierzbicki@golem.network>
Adjust payment service to new driver API
GNT Driver new API
Signed-off-by: Adam Wierzbicki <awierzbicki@golem.network>
Rationale
New API introduced for the communication between payment service and payment driver(s). It is meant to enable the implementation of the following requirements:
Detailed list of changes
BUS_IDis replaced withBUS_ID_PREFIXbecause each particular driver will have its own ID.Currency enum is abandoned. It is not desired to have a fixed set of available currencies. It is assumed that all amounts and balances are given in currency appropriate for the platform.
All gas-related parameters are abandoned. They were too driver-specific to be included in the general API. It is recommended that payment drivers which use gas allow to configure limits (e.g. by env variables).
SchedulePaymentdoes not includeinvoice_idparameter anymore. Instead, it returns an ID of the payment order generated by the driver.GetPaymentStatusis removed because the new payment driver API relies on push notifications instead. That is realized by theNotifyPaymentendpoint added to the payment service. It shall be called by a driver after every successful transaction.Initmessage is removed from payment API (GSB). The init command from CLI will acceptdriverparameter and route the call directly to the appropriate driver.RegisterAccount/UnregisterAccountmessages are added because the payment service needs to maintain a list of available accounts. Payment drivers should callRegisterAccountafter every successful initialization of an account to make it 'visible' to the payment service.UnregisterAccountshould be called when the driver is being shut down. The list of available accounts shall not be persisted by the payment service. If an account doesn't need to be re-initialized after restarting yagna daemon, then payment driver should store this information and callRegisterAccountimmediately after startup.