https://github.com/ethereum/EIPs/blob/master/EIPS/eip-725.md

eip title author discussions-to status type category created
725
Proxy Identity
Fabian Vogelsteller (@frozeman)
Draft
Standards Track
ERC
2017-10-02

Simple Summary

Proxy contract for key management and execution, to establish a Blockchain identity.

代理合约是通过建立区块链身份来实现密钥的管理和执行的

Abstract

The following describes standard functions for a unique identity for humans, groups, objects and machines. This identity can hold keys to sign actions (transactions, documents, logins, access, etc), and claims, which are attested from third parties (issuers) and self attested (#ERC735), as well as a proxy function to act directly on the blockchain.

下面描述了给予人、组、物体、机器唯一身份的标准函数的实现。这个身份可以管控密钥来签名所做的操作;claims是通过第三方(发行商)和自己来进行证明的。代理函数是直接在区块链上操作的。

Motivation

This standardised identity interface will allow Dapps, smart contracts and thirdparties to check the validity of a person, organisation, object or machine through 2 steps as described in the function XXX. Trust is here transfered to the issuers of claims.

就是通过调用身份接口来证明这些人、组、物体、机器的有效性,通过以下两步进行:

The most important functions to verify an identity are: XXX

The most important functions to manage an identity are: XXX

Definitions

  • keys: Keys are public keys from either external accounts, or contract addresses.来自外部账户或合约账户的公钥
  • claim issuer: is another smart contract or external account, which issues claims about this identity. The claim issuer can be an identity contract itself.身份发行商
  • claim: For details about claims 身份  see #ERC735

Specification

Key Management

Keys are cryptographic public keys, or contract addresses associated with this identity. The structure should be as follows:

keys就是加密后的公钥(当为EOA账户时)或者与这个身份相关的合约地址

  • key: A public key owned by this identity

    • purposeuint256[] Array of the key types, like 1 = MANAGEMENT, 2 = ACTION, 3 = CLAIM, 4 = ENCRYPTION,这个key的作用是什么,下面有解释
    • keyType: The type of key used, which would be a uint256 for different key types. e.g. 1 = ECDSA, 2 = RSA, etc.key使用的加密方法
    • keybytes32 The public key. // for non-hex and long keys, its the Keccak256 hash of the key
struct Key {
uint256[] purposes;
uint256 keyType;
bytes32 key;
}

getKey

Returns the full key data, if present in the identity.

function getKey(bytes32 _key) constant returns(uint256[] purposes, uint256 keyType, bytes32 key);

keyHasPurpose

Returns the TRUE if a key has is present and has the given purpose. If key is not present it returns FALSE.

function keyHasPurpose(bytes32 _key, uint256 purpose) constant returns(bool exists);

getKeysByPurpose

Returns an array of public key bytes32 hold by this identity.

function getKeysByPurpose(uint256 _purpose) constant returns(bytes32[] keys);

addKey

Adds a _key to the identity. The _purpose specifies the purpose of key. Initially we propose four purposes:

key的作用

  • 1: MANAGEMENT keys, which can manage the identity,用来管理身份
  • 2: ACTION keys, which perform actions in this identities name (signing, logins, transactions, etc.)在这个身份下执行操作
  • 3: CLAIM signer keys, used to sign claims on other identities which need to be revokable.用来在别的身份上签署claims,这个身份是可以取消的
  • 4: ENCRYPTION keys, used to encrypt data e.g. hold in claims.用来加密数据

MUST only be done by keys of purpose 1, or the identity itself. If its the identity itself, the approval process will determine its approval.

Triggers Event: KeyAdded

function addKey(bytes32 _key, uint256 _purpose, uint256 _keyType) returns (bool success)

removeKey

Removes _key from the identity.

MUST only be done by keys of purpose 1(即MANAGEMENT), or the identity itself. If its the identity itself, the approval process will determine its approval.

Triggers Event: KeyRemoved

function removeKey(bytes32 _key, uint256 _purpose) returns (bool success)

Identity usage身份的使用

execute

Executes an action on other contracts, or itself, or a transfer of ether. SHOULD require approve to be called with one or more keys of purpose 1(MANAGEMENT) or 2 (ACTION)to approve this execution.执行对其他合约、合约本身或eth的转让的操作。应该通过调用包含一个或多个实现目的1(管理)或2(动作)key的approve去批准执行。

Execute COULD be used as the only accessors for addKeyremoveKey and replaceKey and removeClaim.

Execute可以作为addKey、removeKey和replaceKey以及removeClaim的唯一途径

Returns executionId: SHOULD be send to the approve function, to approve or reject this execution.
返回executionId:应该发送到approve函数,以批准或拒绝此执行。

Triggers Event: ExecutionRequested Triggers on direct execution Event: Executed

function execute(address _to, uint256 _value, bytes _data) returns (uint256 executionId)

approve

Approves an execution or claim addition. This SHOULD require n of m approvals of keys purpose 1, if the _to of the execution is the identity contract itself, to successfull approve an execution. And COULD require n of m approvals of keys purpose 2, if the _to of the execution is another contract, to successfull approve an execution.

批准执行或添加有关身份的claim。如果执行的_to是identity合约本身,那么要成功地批准执行,应该需要m个目的1(管理)密钥中n个的批准。如果执行的_to是另一个合约,则可能需要m个目的2(动作)密钥中n个的批准才能成功地批准执行。

Triggers Event: Approved Triggers on successfull execution Event: Executed Triggers on successfull claim addition Event: ClaimAdded

function approve(uint256 _id, bool _approve) returns (bool success)

Identity verification

Requires: ERC 735

The following changes to ERC 735 are REQUIRED:

addClaim

This SHOULD create a pending claim, which SHOULD to be approved or rejected by n of m approve calls from keys of purpose 1.创建一个待定的claim,应该需要m个目的1(管理)密钥中n个的批准

Only Events: Triggers if the claim is new Event and approval process exists: ClaimRequested Triggers if the claim index existed Event: ClaimChanged

removeClaim

MUST only be done by the issuer of the claim, or keys of purpose 1, or the identity itself. If its the identity itself, the approval process will determine its approval.

只有claim发行商、目的一的密钥或身份本身能执行。如果是身份本身,审批过程将决定其审批。

问题:key,claim,identity之间的关系到底是什么,看本博客ERC 725 and ERC 735 的实现及关系

Events

KeyAdded

MUST be triggered when addKey was successfully called.

event KeyAdded(bytes32 indexed key, uint256 indexed purpose, uint256 indexed keyType)

KeyRemoved

MUST be triggered when removeKey was successfully called.

event KeyRemoved(bytes32 indexed key, uint256 indexed purpose, uint256 indexed keyType)

ExecutionRequested

MUST be triggered when execute was successfully called.

event ExecutionRequested(uint256 indexed executionId, address indexed to, uint256 indexed value, bytes data)

Executed

MUST be triggered when approve was called and the execution was successfully approved.

event Executed(uint256 indexed executionId, address indexed to, uint256 indexed value, bytes data)

Approved

MUST be triggered when approve was successfully called.

event Approved(uint256 indexed executionId, bool approved)
The following changes to ERC 735 are REQUIRED:

ClaimRequested

MUST be triggered when addClaim was successfully called.

ClaimAdded

MUST be triggered when approve was called and the claim was successfully added.

Constraints

  • A claim can only be one type per type per issuer.对于每个发行者,每个类型的claim只能是一种类型

Implementation

Solidity Interface

pragma solidity ^0.4.;

contract ERC725 {

    uint256 constant MANAGEMENT_KEY = ;
uint256 constant ACTION_KEY = ;
uint256 constant CLAIM_SIGNER_KEY = ;
uint256 constant ENCRYPTION_KEY = ; event KeyAdded(bytes32 indexed key, uint256 indexed purpose, uint256 indexed keyType);
event KeyRemoved(bytes32 indexed key, uint256 indexed purpose, uint256 indexed keyType);
event ExecutionRequested(uint256 indexed executionId, address indexed to, uint256 indexed value, bytes data);
event Executed(uint256 indexed executionId, address indexed to, uint256 indexed value, bytes data);
event Approved(uint256 indexed executionId, bool approved); struct Key {
uint256 purpose; //e.g., MANAGEMENT_KEY = 1, ACTION_KEY = 2, etc.
uint256 keyType; // e.g. 1 = ECDSA, 2 = RSA, etc.
bytes32 key;
} function getKey(bytes32 _key) public constant returns(uint256[] purposes, uint256 keyType, bytes32 key);
function keyHasPurpose(bytes32 _key, uint256 _purpose) public constant returns (bool exists);
function getKeysByPurpose(uint256 _purpose) public constant returns (bytes32[] keys);
function addKey(bytes32 _key, uint256 _purpose, uint256 _keyType) public returns (bool success);
function removeKey(bytes32 _key, uint256 _purpose) public returns (bool success);
function execute(address _to, uint256 _value, bytes _data) public returns (uint256 executionId);
function approve(uint256 _id, bool _approve) public returns (bool success);
}

ethereum/EIPs-725的更多相关文章

  1. ethereum/EIPs-1078 Universal login / signup using ENS subdomains

    https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1078.md eip title author discussions-to status ...

  2. go ethereum源码分析 PartIV Transaction相关

    核心数据结构: core.types.transaction.go type Transaction struct { data txdata // caches hash atomic.Value ...

  3. 【转】干货 | 【虚拟货币钱包】从 BIP32、BIP39、BIP44 到 Ethereum HD Wallet

    虚拟货币钱包 钱包顾名思义是存放$$$.但在虚拟货币世界有点不一样,我的帐户资讯(像是我有多少钱)是储存在区块链上,实际存在钱包中的是我的帐户对应的 key.有了这把 key 我就可以在虚拟货币世界证 ...

  4. ethereum/EIPs-1271 smart contract

    https://github.com/PhABC/EIPs/blob/is-valid-signature/EIPS/eip-1271.md Standard Signature Validation ...

  5. ethereum/EIPs-1

    https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1.md 介绍了什么是EIP等等的详细信息: eip title status type a ...

  6. ethereum/EIPs-100 挖矿难度计算

    https://github.com/ethereum/EIPs/blob/master/EIPS/eip-100.md 创世纪区块的难度是131,072,有一个特殊的公式用来计算之后的每个块的难度. ...

  7. ethereum/EIPs-712 Ethereum typed structured data hashing and signing

    https://github.com/ethereum/EIPs/blob/master/EIPS/eip-712.md eip title author discussions-to status ...

  8. ethereum/EIPs-191 Signed Data Standard

    https://github.com/ethereum/EIPs/blob/master/EIPS/eip-191.md eip title author status type category c ...

  9. ethereum/EIPs-161 State trie clearing

    EIP 161: State trie clearing - makes it possible to remove a large number of empty accounts that wer ...

随机推荐

  1. 简单的SpringMVC经典案例

    主题:构建一个基于SpringMVC的HelloWord Web 项目 目的:快速体验什么是SpringMVC 方案: 1.创建工程,命名:SpringMVC 2.导包 3.在SRC下添加spring ...

  2. Java虚拟机--线程安全和锁优化

    Java虚拟机--线程安全和锁优化 线程安全 线程安全:当多线程访问一个对象时,如果不用考虑这些线程在运行时环境下的调度和交替执行,也不需要额外的同步,或者在调用方进行任何其他的协调操作,调用这个对象 ...

  3. 数据结构与算法--最短路径之Floyd算法

    数据结构与算法--最短路径之Floyd算法 我们知道Dijkstra算法只能解决单源最短路径问题,且要求边上的权重都是非负的.有没有办法解决任意起点到任意顶点的最短路径问题呢?如果用Dijkstra算 ...

  4. [转载]常用 SQL Server 规范集锦

    转载者注:据说是某公司(携程)内部规范. 常见的字段类型选择 1.字符类型建议采用varchar/nvarchar数据类型 2.金额货币建议采用money数据类型 3.科学计数建议采用numeric数 ...

  5. Java基础——String类(二)

    今天做了几道String常见操作.先来几个代码实例: 例一:此方法,仅把字符串前后出现的空格去掉了,中间部分不会. class TestTrim { public static void main(S ...

  6. ActiveMQ 概述

    JMS Java Message Service (Java 消息服务), 类似于JDBC的作用. 1.Destination 目的地 2.Provider 生产者 3.Comsumer 消费者 4. ...

  7. 阿里数据源Druid配置详情

    <bean name="dataSource" class="com.alibaba.druid.pool.DruidDataSource" init-m ...

  8. python变量作用域,函数与传参

    一.元组传值: 一般情况下函数传递参数是1对1,这里x,y是2个参数,按道理要传2个参数,如果直接传递元祖,其实是传递一个参数 >>> def show( x, y ): ... p ...

  9. HDU1160(KB12-J DP)

    FatMouse's Speed Time Limit: 2000/1000 MS (Java/Others)    Memory Limit: 65536/32768 K (Java/Others) ...

  10. 看这一篇就够了,css选择器知识汇总

    对大多技术人员来说都比较熟悉CSS选择器,举一例子来说,假设给一个p标签增加一个类(class),可是执行后该class中的有些属性并没有起作用.通过Firebug查看,发现没有起作用的属性被覆盖了, ...