Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Extend allow logic hierarchy & subscription manager to include 'authorization administrator' role (Managed Allow List) #257

Open
arjunhassard opened this issue Apr 17, 2024 · 0 comments
Assignees

Comments

@arjunhassard
Copy link
Member

Creation of AuthAdmin role to sit in between the CohortAdmin (partner) and Encryptor (data producer) in the hierarchy of power. In most cases, AuthAdmin is an adopting developer of a joint SDK/offering between TACo & the partner. The AuthAdmin role is templated with a default configuration to make it easier for partners to understand, implement and parametrize the constraints of AuthAdmin/Encryptor behavior and onboarding.

Four-tier hierarchy of roles, where:

  • Partner = CohortAdmin. This role controls the DKG public key can add or remove AuthAdmin based on arbitrary logic defined in its own contract(s).
  • Developers adopting the joint partner + TACo SDK = AuthAdmin. This role can add or remove Encryptors to the allow list based on arbitrary logic defined in their own contract(s).
  • End-users (data producers) = Encryptors.
  • End-users (data consumers) are Requestors.

Allow logic contract flow:

  1. Allow logic contract verifies that the Partner has a valid subscription in place.
  2. Allow logic contract calls a Partner-defined contract to see if a given AuthAdmin is currently approved.
  3. Allow logic does whatever logic is codified (e.g. checking a simple allow list for certain Encryptor addresses).

Impact on fee model, and consequences if CohortAdmin fails to pay/top-up to be detailed in separate issue.

Improvements:

See #255

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants