ICRC icon indicating copy to clipboard operation
ICRC copied to clipboard

Published 20 hours ago verified publisher icon dfinity

ICRC-81: Extend global delegation with arbitrary targets (ICRC-28 extension)

Open dostro opened this issue 9 months ago • 0 comments

ICRC-81: Extend global delegation with arbitrary targets (ICRC-28 extension)

Status Badge

  • ICRC-81: Extend global delegation with arbitrary targets
    • Summary
    • Terminology
    • Methods
      • icrc81_extend_delegation
        • Prerequisites
        • Request Params
        • Result
        • Message Processing
        • Example
        • Errors

Summary

ICRC-28 defines a standard method to provide global delegations to relying parties while ensuring that malicious actors cannot gain permission to manage user data in arbitrary canisters (i.e. drain a user's wallet of its assets).

This specification outlines a mechanism for relying parties to request extensions of global delegations to include canisters that the dapp does not control as targets.

Terminology

  • signer: A service that manages a user's keys and can sign and perform canister calls on their behalf.
  • relying party: A service that wants to request calls on a specific canister.
  • targets: A list of canisters to be permitted a delegation identity for.

Methods

icrc81_extend_targets

The purpose of the icrc81_extend_targets method is for the relying party to request extensions of global delegations to include canisters that the dapp does not control as targets. If the set of targets is not empty, the signer SHOULD pick only the inverse of targets from the icrc28_get_trusted_origins method and SHOULD request user approval before responding with the delegation with extended targets.

Prerequisites

None

Request Params

targets: Array of canisters to extend the global delegation with

Result

delegation:

Message Processing

  1. The relying party sends a icrc81_extend_delegation message to the signer.
  2. Depending if the signer supports user approval:
    • If the signer does support user approval, it will display to the user a request to allow the relying party to manage data in those canisters on the user's behalf.
  3. If the user approves the request, the signer will create a delegation with the new canisters listed as targets and respond back to the relying party with it.

Errors

The error is an object comprising the code, message and optional data fields as described in the JSON-RPC 2.0 Specification. In addition to the pre-defined errors, the following values are defined applying to all methods (including extension standards):

  • General (code: 1xxx)
Code Message Meaning Data
1000 Generic error Generic error not fitting another, more specific error category. (text): description of the error intended for developers
  • Not supported (code: 2xxx)
Code Message Meaning Data
2000 Not supported The operation is not supported by the signer. (text): description of the error intended for developers
  • User action (code: 3xxx)
Code Message Meaning Data
3000 Permission not granted The signer has rejected the request due to insufficient permissions. N/A
3001 Action aborted The user has canceled the action. N/A
  • Network (code: 4xxx)
Code Message Meaning Data
4000 Network error The network call failed. (optional) Error details:
  • status (int): HTTP status code
  • message (text, optional): message

dostro avatar May 22 '24 23:05 dostro