1

So I have been studying Hyperledger Sawtooth for my next project and I wanted to ask if it's possible to create permissions based on the state of the blockchain. For example for the Transaction Family IntegerKey I want only one specific User to change the value of a variable X.

Adamos2468
  • 151
  • 1
  • 9

1 Answers1

2

It is possible. The smart contract logic in your Transaction Handler for the IntegerKey should verify that the specific user (you're intending to) is updating the value of a variable X.

The out of the box identity-tp will help you restrict access to the client who can perform IntegerKey transaction. Also, it will help you to restrict run only allowed Transaction Family on the network. But when it comes to specific variable, it depends on the way you decide to store the value in the global state. Once you decide on the way to store the variable in the global state, you may optionally have a verification logic to check if the transaction is indeed sent by the right person.

You could make use of the transaction header sent in the TpProcessRequest. This is what you see in the apply() method of your transaction handler. You get both the batcher's and the transaction signer's public key information from the transaction header.

Following explains a way to do this in Go:

In case of the Go SDK https://github.com/hyperledger/sawtooth-sdk-go/blob/727bba445a90dbcc5eb730fb20bf85084874d090/processor/handler.go#L65 is how the context is passed to the apply() method of the transaction handler. Notice the header parameter in the request https://github.com/hyperledger/sawtooth-sdk-go/blob/8422a911dbc13e735f3acbcc593914521468697d/protos/processor.proto#L82. Notice the signer's public key information https://github.com/hyperledger/sawtooth-sdk-go/blob/8422a911dbc13e735f3acbcc593914521468697d/protos/transaction.proto#L54.

Let's say you use the settings-tp, and store your own settings key to know allowed users for each value. In case of variable X, that would be something like settings.variable.X=[List of <PUBLIC_KEY_OF_USER_INTENDED_FOR_X>]. In your transaction handler, you could see if that variable X is being updated. If so, then the read the settings key you stored earlier. Check if the public key matches the one in the transaction request's header.

Arun
  • 592
  • 3
  • 13