-
Notifications
You must be signed in to change notification settings - Fork 5.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ERC: Key Manager #734
Comments
This issue was reopened, to serve as a container for a Key Manager contract, which was formerly ERC 725 v1. |
Nice. I like the simple design. I would add a |
Could you write the whole execution function how you envision it? This standard needs to be improved a bit to fully fit 725v2. |
I was actually referring to 725v2 the whole execute function would be
|
@frozeman Simply, is this a design for KYC? Like Identity verification? |
This is a standard for key management, intended to be used in conjunction with #725 |
@frozeman I see there are multiple references to claim-related functionality in this spec. I thought all claim functionality was moved to be handled by ERC735... Is this proposal description outdated or is it indeed coupled with claim related functionality? |
@frozeman You might have missed it, but could you provide clarity on my last question? I'm starting to work on an implementation for identity contracts based on these proposals (ERC734/725) soon. Thanks. |
Hi @cbruguera those are outdated, in fact 734 and 735 needs a bit of re-work to adapt fully to 725v2, if you start working on it it would be great if you can improve the current spec. Send you transformed spec in a gist and ill will update it here. the old 725 was moved to here (734), that's why there are those issues. 734 should only concern about key management. Also the execute function needs to then call the execute function on 725v2 (and the key manager, needs to be an owner of an 725v2 contract). Alternatively, The gnosis safe should also work as a key manager. |
Thanks for the reply. I understand now. Maybe an indication at the top stating that the specs are outdated would be a good idea in the meantime. |
This standard is now superseeded by LSP6-KeyManager |
NOTE: Due to the changes in ERC725, this spec is not fully compatible with the current ERC725v2. If you're interested in adopting this spec to work with 725v2, please comment below, or send a gist with changes.
This standard is now superseeded by LSP6-KeyManager
Simple Summary
A contract for key management of a blockchain proxy account.
Abstract
The following describes standard functions for a key manager to be used in conjunction with ERC725.
This contract can hold keys to sign actions (transactions, documents, logins, access, etc), as well as execute instructions through an ERC 725 proxy account.
Motivation
This key manager standard allows for more complex management of an ERC725 proxy account.
Definitions
keys
: Keys are public keys from either external accounts, or contracts' addresses.claim issuer
: is another smart contract or external account, which issues claims about this identity. The claim issuer can be an identity contract itself.claim
: For details about claims see #ERC735Specification
Key Management
Keys are cryptographic public keys, or contract addresses associated with this identity.
The structure should be as follows:
key
: A public key owned by this identitypurpose
:uint256[]
Array of the key types, like 1 = MANAGEMENT, 2 = EXECUTIONkeyType
: The type of key used, which would be auint256
for different key types. e.g. 1 = ECDSA, 2 = RSA, etc.key
:bytes32
The public key. // for non-hex and long keys, its the Keccak256 hash of the keygetKey
Returns the full key data, if present in the identity.
keyHasPurpose
Returns
TRUE
if a key is present and has the given purpose. If the key is not present it returnsFALSE
.getKeysByPurpose
Returns an array of public key bytes32 held by this identity.
addKey
Adds a
_key
to the identity. The_purpose
specifies the purpose of the key. Initially, we propose four purposes:1
: MANAGEMENT keys, which can manage the identity2
: EXECUTION keys, which perform executions in this identity's name (signing, logins, transactions, etc.)MUST only be done by keys of purpose
1
, or the identity itself. If it's the identity itself, the approval process will determine its approval.Triggers Event: KeyAdded
removeKey
Removes
_key
from the identity.MUST only be done by keys of purpose
1
, or the identity itself. If it's the identity itself, the approval process will determine its approval.Triggers Event: KeyRemoved
changeKeysRequired
Changes the keys required to perform an action for a specific purpose. (This is the n in an n of m multisig approval process.)
MUST only be done by keys of purpose
1
, or the identity itself. If it's the identity itself, the approval process will determine its approval.Triggers Event: KeysRequiredChanged
getKeysRequired
Returns number of keys required for purpose.
Identity usage
execute
Passes an execution instruction to the keymanager.
SHOULD require
approve
to be called with one or more keys of purpose1
or2
to approve this execution.Execute COULD be used as the only accessor for
addKey
,removeKey
andreplaceKey
andremoveClaim
.Returns
executionId
: SHOULD be sent to theapprove
function, to approve or reject this execution.Triggers Event: ExecutionRequested
Triggers on direct execution Event: Executed
approve
Approves an execution or claim addition.
This SHOULD require
n
ofm
approvals of keys purpose1
, if the_to
of the execution is the identity contract itself, to successfully approve an execution.And COULD require
n
ofm
approvals of keys purpose2
, if the_to
of the execution is another contract, to successfully approve an execution.Triggers Event: Approved
Triggers on successfull execution Event: Executed
Triggers on successfull claim addition Event: ClaimAdded
Events
KeyAdded
MUST be triggered when
addKey
was successfully called.KeyRemoved
MUST be triggered when
removeKey
was successfully called.ExecutionRequested
MUST be triggered when
execute
was successfully called.Executed
MUST be triggered when
approve
was called and the execution was successfully approved.Approved
MUST be triggered when
approve
was successfully called.KeysRequiredChanged
MUST be triggered when
changeKeysRequired
was successfully called.Rationale
This specification was chosen to allow most flexibility and experimentation around verifiable accounts. By having a separate contract as proxy on chain allows for cross greater compatibility, as well as extra and altered functionality for new use cases.
Solidity Interface
Copyright
Copyright and related rights waived via CC0.
The text was updated successfully, but these errors were encountered: