rippled icon indicating copy to clipboard operation
rippled copied to clipboard
verified publisher icon XRPLF

XLS-70d Credentials

Open oleks-rip opened this issue 1 year ago • 6 comments

High Level Overview of Change

Implementation of Credentials feature. It extend usage of Deposit Authorization Now account that require pre-authorization can setup DepositPreauth object with allowed credentials. And only accounts that have been authorized by the specified issuer (and get credentials from them) will be allowed to send the payments. Please check XLS-70d for detailed description of the feature.

Context of Change

  • Added new ledger object CREDENTIAL and its transactions - CredentialCreate, CredentialAccept, CredentialDelete
  • DEPOSIT_PREAUTH ledger object updated to be able to use credentials. Updated transactions: DepositPreauth,
  • Updated transactions to use credentials in their parameters: Payment, EscrowFinish, AccountDelete, PaymentChannelClaim

API Impact

  • [x] Public API: deposit_authorized added credentials field.
  • [x] Public API: ledger_entry added authorize_credentials to deposit_preauth field.
  • [x] Public API: ledger_entry added credential parameter.

oleks-rip avatar Aug 23 '24 17:08 oleks-rip

Codecov Report

Attention: Patch coverage is 97.15142% with 19 lines in your changes missing coverage. Please review.

Project coverage is 77.8%. Comparing base (c5c0e70) to head (cd9b5c9). Report is 2 commits behind head on develop.

Files with missing lines Patch % Lines
src/xrpld/app/misc/CredentialHelpers.cpp 93.6% 8 Missing :warning:
src/xrpld/app/tx/detail/Credentials.cpp 96.7% 6 Missing :warning:
src/xrpld/app/tx/detail/DepositPreauth.cpp 96.4% 4 Missing :warning:
src/xrpld/app/tx/detail/PayChan.cpp 93.8% 1 Missing :warning:
Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff            @@
##           develop   #5103     +/-   ##
=========================================
+ Coverage     77.7%   77.8%   +0.2%     
=========================================
  Files          779     782      +3     
  Lines        66015   66614    +599     
  Branches      8156    8163      +7     
=========================================
+ Hits         51261   51859    +598     
- Misses       14754   14755      +1
Files with missing lines Coverage Δ
include/xrpl/protocol/ErrorCodes.h 100.0% <ø> (ø)
include/xrpl/protocol/Feature.h 100.0% <ø> (ø)
include/xrpl/protocol/HashPrefix.h 100.0% <ø> (ø)
include/xrpl/protocol/Indexes.h 100.0% <100.0%> (ø)
include/xrpl/protocol/TER.h 100.0% <ø> (ø)
include/xrpl/protocol/UintTypes.h 100.0% <100.0%> (ø)
include/xrpl/protocol/detail/ledger_entries.macro 100.0% <100.0%> (ø)
include/xrpl/protocol/detail/transactions.macro 100.0% <100.0%> (ø)
src/libxrpl/protocol/ErrorCodes.cpp 71.4% <ø> (ø)
src/libxrpl/protocol/Indexes.cpp 98.0% <100.0%> (+0.1%) :arrow_up:
... and 21 more

... and 15 files with indirect coverage changes

Impacted file tree graph

codecov[bot] avatar Aug 23 '24 18:08 codecov[bot]

One thing I did find is that traditional deposit auth will override the credentials. Meaning if the destination adds deposit auth credentials, then deposit auth's my account, I dont need the credentials. I'm sure you knew that but it might be worth notating in the documentation.

dangell7 avatar Sep 17 '24 23:09 dangell7

One thing I did find is that traditional deposit auth will override the credentials. Meaning if the destination adds deposit auth credentials, then deposit auth's my account, I dont need the credentials. I'm sure you knew that but it might be worth notating in the documentation.

The behavior will depend on credentialIDs parameter provided. If you provide it - rippled will look for deposit auth with credentials, if not - it will look for traditional deposit auth. But it will be 2 different ledger objects.

oleks-rip avatar Sep 18 '24 13:09 oleks-rip

Rebased with the latest develop.

oleks-rip avatar Sep 18 '24 19:09 oleks-rip

Changed functionality for credentials creation:

  • Issuer must be present in the Ripple ledger.
  • Credentials can be created by issuer only and accepted by subject.
  • Shared node ownership of credentials between issuer and subject.
  • Deleting issuer or subject lead to deleting credentials.

oleks-rip avatar Sep 20 '24 14:09 oleks-rip

Squashed and rebased on the latest develop

oleks-rip avatar Oct 17 '24 16:10 oleks-rip

https://github.com/XRPLF/rippled/pull/5042 is blocked by this PR

Bronek avatar Oct 23 '24 17:10 Bronek

Rebased with latest develop

oleks-rip avatar Oct 31 '24 18:10 oleks-rip

@ximinez this is ready to merge.

Commit message:

Introduce Credentials support (XLS-70d): (#5103)
    
    Amendment:
    - Credentials
    
    New Transactions:
    - CredentialCreate
    - CredentialAccept
    - CredentialDelete
    
    Modified Transactions:
    - DepositPreauth
    - Payment
    - EscrowFinish
    - PaymentChannelClaim
    - AccountDelete
    
    New Object:
    - Credential

    Modified Object:
    - DepositPreauth
    
    API updates:
    - ledger_entry
    - account_objects
    - ledger_data
    - deposit_authorized
    
    Read full spec: https://github.com/XRPLF/XRPL-Standards/tree/master/XLS-0070d-credentials

mvadari avatar Nov 06 '24 21:11 mvadari