
How to analyze the implementation of FISCO BCOS role privilege Model

2025-01-14 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

Many newcomers are unclear about how the FISCO BCOS role permission model is implemented. To help with that, this article explains it in detail; readers who need this can follow along and will hopefully gain something from it.

Introduction

Permission control in FISCO BCOS is implemented by controlling which accounts may write to which tables in the system. This model is very flexible and powerful, and users can control almost any permission with it. For example: controlling write permission on the permission table manages the permissions themselves; controlling write permission on the tables behind the system contracts manages chain configuration, node identity, contract deployment and user table creation; and controlling write permission on a contract's own tables manages calls to that contract's write interfaces.

However, nothing is perfect. Such powerful and flexible access control also carries a high learning cost: users need to understand what each permission item controls and how to set it, and understand the difference between a chain administrator and a system administrator. This large number of concepts and operations places very high demands on users.

To reduce the difficulty of use and improve the user experience, FISCO BCOS v2.5 optimizes this feature by adding role-based access control. Permissions are grouped into roles, so users can tell which permissions an account has from the role it belongs to. At the same time, v2.5 introduces a role-based on-chain governance voting model, which makes governance operations more convenient.

What is the role permission model?

With the role permission model, users only need to remember the role; the permissions that correspond to it are then clear. For example, members of the governance committee hold the permissions related to chain governance. This greatly reduces the effort needed to understand the system and the cost of learning it.

Permissions corresponding to roles

Participants in a blockchain can be divided by role into a governance side, an operations side, a supervision (regulatory) side and a business side. To avoid any party being both referee and player, the governance, operations and business sides should have separate powers and responsibilities, and their roles should be mutually exclusive.

Governance side: the role is called governance committee member, or member for short, and is responsible for managing the blockchain.

Operations side: responsible for operating and maintaining the blockchain; this role is granted by the committee.

Business side: a business account is added to a contract by the operations side, after which it can call that contract's write interfaces.

Regulator: the regulator supervises the operation of the chain and can obtain the records of permission changes made during chain operation, together with the data that needs to be audited.

The permissions corresponding to each role are shown in the following table.

Details of the implementation of role permissions

This section briefly introduces how permissions are implemented for the committee member, operations and business roles, and the principles behind them, so that role permissions can be understood and used better.

At the start of the chain there is no member account; once at least one member account exists, member permissions begin to be enforced. In real consortium chain deployments the technical strength of the participants may differ, so, starting from practical scenarios, we introduced an on-chain governance voting model: a governance operation takes effect only when valid votes / number of members > the effective threshold. Users can add and delete members, modify weights, modify the voting threshold and perform other operations through the new chain governance precompiled contract.

The voting model has several points to note:

For each voting operation, if the vote comes from a committee member, the operation content and the voting member are recorded; a repeated vote from the same member is not counted again.

For each voting operation, after the votes are counted, valid votes / number of members is computed; if it is greater than the effective threshold for that operation, the operation takes effect.

The expiry of a vote is fixed in terms of block height and cannot be changed: it is 10 times blockLimit.

The operations role can be added and revoked only by committee members. At the start of the chain there is no operations account; once at least one operations account exists, operations permissions begin to be enforced.

A business account can call the query APIs on the chain and the write interfaces of the contracts specified by the operations staff.

Compatibility description

At present, the role permission model is built on write permission control of the various system tables. We have tried to stay consistent with the experience of previous versions, but for the sake of complete and rigorous permission control, the console's grantPermissionManager command is no longer valid on new chains created with FISCO BCOS v2.5; the permissions of the original PermissionManager now belong to the committee role. For chains created before v2.5 the command remains valid.

How do I use role permissions?

This section gives a brief practical demonstration using "adding and removing committee members" and "adding and removing operations staff" as examples. The documentation covers more operations related to role permissions; see:

https://fisco-bcos-documentation.readthedocs.io/zh_CN/latest/docs/manual/permission_control.html

Addition and deletion of committee members

Use the get_account.sh script shipped with console v1.0.10 or later to generate the following three accounts, which are used in the operations below. After configuring the console, load the three private keys and start three consoles using the console's -pem option.

# account 1
0x61d88abf7ce4a7f8479cff9cc1422bef2dac9b9a.pem
# account 2
0x85961172229aec21694d742a5bd577bedffcfec3.pem
# account 3
0x0b6f526d797425540ea70becd7adac7d50f4a7c0.pem

Add account number 1 as a member

Adding a member requires a vote of the chain governance committee, and the operation takes effect only when the valid votes exceed the threshold. Here account 1 is the only member, so account 1's vote alone takes effect.

Use account 1 to add account 2 as a member

Here, since account 1 is the only committee member, the threshold is met and the operation takes effect immediately after account 1 votes.

Revoke the authority of the committee member of account 2

At this point there are two members, account 1 and account 2, and the default voting threshold is 50%. Both members must therefore vote to revoke account 2's membership, so that valid votes / number of members = 2 / 2 > 0.5 satisfies the condition.

Account 1 votes to revoke account 2's membership, as shown in the following figure:

Account 2 then votes to revoke its own membership, as shown in the following figure:

Adding and removing operations staff

Members can add or revoke the operations role. The operations role's permissions include deploying contracts, creating tables, freezing and unfreezing deployed contracts, using the CNS service, and so on.

Use account 1 to add account 3 as operations

Deploy HelloWorld using account 3

Account 3 holds the operations role and can deploy contracts, as shown below:

Deploy HelloWorld using account 1

Account 1 is a member and does not have permission to deploy contracts, so the deployment fails, as shown below:

Use account 1 to revoke account 3's operations role

Account 1, as a committee member, can revoke the operations role, as shown below:
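The following Python model was added for this article to make the voting rules in the "Details of the implementation of role permissions" section and the three-account walkthrough above concrete. It is not FISCO BCOS code and does not reproduce the console commands or the chain governance precompiled contract's real interfaces; the class and function names, the BLOCK_LIMIT value, the handling of operations-role changes as a direct member action (not a vote), and the rule that only votes from current members count are assumptions. It implements what the article states: the first member is added without a vote, a member's repeated vote is not counted twice, an operation passes only when valid votes / members > threshold, a vote expires after 10 x blockLimit blocks, and members (unlike operations accounts) cannot deploy contracts.

```python
# Illustrative model of the FISCO BCOS v2.5 role/voting rules described in the
# article. Not project code: names, BLOCK_LIMIT and the non-voting treatment
# of operator changes are assumptions made for this example.
from dataclasses import dataclass, field
from typing import Dict, Set, Tuple

BLOCK_LIMIT = 500                      # assumed; real chains configure their own
VOTE_EXPIRY_BLOCKS = 10 * BLOCK_LIMIT  # article: expiry is fixed at 10 x blockLimit


class PermissionDenied(Exception):
    """Raised when an account lacks the role an action requires."""


@dataclass
class Proposal:
    start_block: int
    voters: Set[str] = field(default_factory=set)  # each member recorded once


@dataclass
class Chain:
    block_number: int = 0
    threshold: float = 0.5  # default voting threshold (article: 50%)
    members: Set[str] = field(default_factory=set)
    operators: Set[str] = field(default_factory=set)
    proposals: Dict[Tuple[str, str], Proposal] = field(default_factory=dict)
    contracts: Dict[str, str] = field(default_factory=dict)  # name -> deployer

    def _require_member(self, caller: str) -> None:
        # Member permissions are only enforced once at least one member exists.
        if self.members and caller not in self.members:
            raise PermissionDenied(f"{caller} is not a committee member")

    def _vote(self, caller: str, operation: Tuple[str, str]) -> bool:
        """Record one committee vote; return True when the operation takes effect."""
        self._require_member(caller)
        if not self.members:
            return True  # bootstrap: the very first member needs no vote
        prop = self.proposals.get(operation)
        if prop is None or self.block_number - prop.start_block > VOTE_EXPIRY_BLOCKS:
            prop = Proposal(start_block=self.block_number)  # new or expired vote
            self.proposals[operation] = prop
        prop.voters.add(caller)  # a repeated vote is not double counted (set)
        valid = len(prop.voters & self.members)  # assumption: only current members count
        if valid / len(self.members) > self.threshold:
            del self.proposals[operation]
            return True
        return False

    def grant_member(self, caller: str, addr: str) -> bool:
        if self._vote(caller, ("grant_member", addr)):
            self.members.add(addr)
            return True
        return False

    def revoke_member(self, caller: str, addr: str) -> bool:
        if self._vote(caller, ("revoke_member", addr)):
            self.members.discard(addr)
            return True
        return False

    def grant_operator(self, caller: str, addr: str) -> None:
        self._require_member(caller)  # only committee members manage operators
        self.operators.add(addr)

    def revoke_operator(self, caller: str, addr: str) -> None:
        self._require_member(caller)
        self.operators.discard(addr)

    def deploy(self, caller: str, name: str) -> str:
        # Once an operator exists, only operators may deploy; a member does not
        # hold this permission because the roles are mutually exclusive.
        if self.operators and caller not in self.operators:
            raise PermissionDenied(f"{caller} has no contract deployment permission")
        self.contracts[name] = caller
        return name


def walkthrough() -> dict:
    """Replay the article's three-account demonstration and return the outcomes."""
    a1 = "0x61d88abf7ce4a7f8479cff9cc1422bef2dac9b9a"  # account 1 (from the article)
    a2 = "0x85961172229aec21694d742a5bd577bedffcfec3"  # account 2
    a3 = "0x0b6f526d797425540ea70becd7adac7d50f4a7c0"  # account 3
    chain, r = Chain(), {}
    r["a1_member"] = chain.grant_member(a1, a1)            # first member, no vote needed
    r["a2_member"] = chain.grant_member(a1, a2)            # 1/1 > 0.5: effective at once
    r["revoke_a2_vote1"] = chain.revoke_member(a1, a2)     # 1/2 is not > 0.5
    r["revoke_a2_vote1_repeat"] = chain.revoke_member(a1, a2)  # same voter, still 1/2
    r["revoke_a2_vote2"] = chain.revoke_member(a2, a2)     # 2/2 > 0.5: revoked
    chain.grant_operator(a1, a3)
    r["a3_deploy"] = chain.deploy(a3, "HelloWorld")        # operator may deploy
    try:
        chain.deploy(a1, "HelloWorld")
        r["a1_deploy"] = "allowed"
    except PermissionDenied:
        r["a1_deploy"] = "denied"                          # member may not deploy
    chain.revoke_operator(a1, a3)
    r["members_after"] = sorted(chain.members)
    r["operators_after"] = sorted(chain.operators)
    return r


if __name__ == "__main__":
    for step, outcome in walkthrough().items():
        print(f"{step}: {outcome}")
```

The expiry rule is the part most worth checking in practice: a vote recorded more than 10 x blockLimit blocks ago is discarded, so a second member voting late starts a fresh proposal instead of completing the old one, and the first member has to vote again.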
