When receiving a signed request for data not owned by the signer, idOS nodes use these smart contracts as the source of truth for authorizing (or denying) the request.
The contract functionality is straightforward:
- a grant is an idOS object representing a data access grant from an owner to a grantee for a given data ID (optionally with a timelock)
- the contract stores a collection of grants
- anyone can list grants
- a signer can
- create a grant that they own
- delete a grant that they own (unless timelocked)
Implementations:
Target VM | Language | Source |
---|---|---|
EVM | Solidity | evm/ |
NEAR VM | Rust | near-rs/ |
Deployments:
Source | Chain | Address |
---|---|---|
evm/ |
Sepolia | 0xA5Ac9B9703Bd661cd2aC05B41FE57d1A5DD332AA |
evm/ |
Arbitrum Sepolia | 0x350829c8FCb3DF16EeaE9ADDa2565090348426f9 |
evm/ |
Arbitrum One | 0x350829c8FCb3DF16EeaE9ADDa2565090348426f9 |
evm/ |
Etherlink Testnet | 0xeed5537b68baD728A3Bb433d8e06ebab81ac0EAB |
evm/ |
Etherlink | 0xeed5537b68baD728A3Bb433d8e06ebab81ac0EAB |
near-rs/ |
NEAR Testnet | idos-dev-4.testnet |
near-rs/ |
NEAR Mainnet | idos-dev-4.near |
- Copy
.env
file to.env.local
and fill it in accordingly - Run
npx hardhat --network sepolia run scripts/deploy.js
- Run
npx hardhat --network sepolia verify $RESULTING_ADDRESS
Use hardhat to run local node.
- Run node in separate process
npx hardhat node
- Compile a contract
npx hardhat compile
- Deploy the contract
npx hardhat --network locahost run scripts/deploy.js
Note
This interface description uses mixedCase, but each implementation follows the respective language's style guide, e.g.:
- in EVM + Solidity, we use mixedCase (
insertGrant
) - in NEAR VM + Rust/TypeScript, we use snake_case (
insert_grant
).
Represents an access grant from a data owner, to a grantee, for a given data ID, until a given time.
Variables
owner
: addressgrantee
: addressdataId
: stringlockedUntil
: 256-bit unsigned integer
Creates a new access grant.
Arguments
- required
grantee
: addressdataId
: string
- optional
lockedUntil
: 256-bit unsigned integer
Implements
- creates
Grant(signer, grantee, dataId, lockedUntil)
- reverts if this grant already exists
Deletes an existing access grant.
Arguments
- required
grantee
: addressdataId
: string
- optional
lockedUntil
: 256-bit unsigned integer
Implements
- if given
lockedUntil
- deletes
Grant(signer, grantee, dataId, lockedUntil)
- reverts if
lockedUntil
is in the future
- deletes
- else
- deletes all
Grant(signer, grantee, dataId, *)
- reverts if any
lockedUntil
is in the future
- deletes all
Lists grants matching the provided arguments.
Arguments
- required (both or either)
owner
: addressgrantee
: address
- optional
dataId
: string
Implements
Performs a wildcard search, matching existing grants to given arguments, which must follow one of these patterns:
{ owner, grantee, dataId }
{ owner, grantee, ****** }
{ owner, *******, dataId }
{ owner, *******, ****** }
{ *****, grantee, dataId }
{ *****, grantee, ****** }
Returns
A list of 0+ Grant
s