Guidelines

Permission

What is permission

There are 2 types of FIBOS account permissions: owner、active. An account must be “associated” with owner、active permissions.

Relationships Between Account and Permission

Create FIBOS account

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
var FIBOS = require('fibos.js');

var fibos = FIBOS({
  chainId: 'cf057bbfb72640471fd910bcb67639c22df9f92470936cddc1ade0e2f2e7dc4f',
  keyProvider: 'keyProvider',
  httpEndpoint: 'http://127.0.0.1:8888',
  logger: {
    log: null,
    error: null
  }
});

//Account hellofibos01 public key to
let pubkey = 'your public key';
let prikey = 'your private key';

var name = 'hellofibos01';
fibos.newaccountSync({
  creator: 'helloeosio12',
  name: name,
  owner: pubkey,
  active: pubkey
});

var c = fibos.getAccountSync(name);
console.notice(c);

Result:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
{
  'account_name': 'hellofibos01',
  'head_block_num': 10,
  'head_block_time': '2018-08-21T09:58:50.500',
  'privileged': false,
  'last_code_update': '1970-01-01T00:00:00.000',
  'created': '2018-08-21T09:58:51.000',
  'ram_quota': -1,
  'net_weight': -1,
  'cpu_weight': -1,
  'net_limit': {
    'used': -1,
    'available': -1,
    'max': -1
  },
  'cpu_limit': {
    'used': -1,
    'available': -1,
    'max': -1
  },
  'ram_usage': 2724,
  'permissions': [
    {
      'perm_name': 'active',
      'parent': 'owner',
      'required_auth': {
        'threshold': 1,
        'keys': [
          {
            'key': 'FO5dZut9MG9ZdqrT1WYdPkp1Txxi6JLRYEgYCtAUDWH6ymNqdJpR',
            'weight': 1
          }
        ],
        'accounts': [],
        'waits': []
      }
    },
    {
      'perm_name': 'owner',
      'parent': '',
      'required_auth': {
        'threshold': 1,
        'keys': [
          {
            'key': 'FO5dZut9MG9ZdqrT1WYdPkp1Txxi6JLRYEgYCtAUDWH6ymNqdJpR',
            'weight': 1
          }
        ],
        'accounts': [],
        'waits': []
      }
    }
  ],
  'total_resources': null,
  'self_delegated_bandwidth': null,
  'refund_request': null,
  'voter_info': null
}

For the string permissions in the result, owner、active permission controller is indeed the owner of public key: FO5dZut9MG9ZdqrT1WYdPkp1Txxi6JLRYEgYCtAUDWH6ymNqdJpR .

Analyze Accounts and Permissions

Select part of the execution script:

1
2
3
4
5
6
fibos.newaccountSync({
    creator: 'eosio',
    name: name,
    owner: pubkey,
    active: pubkey
});

the codes above transferred owner, active permissions to the public key FO5dZut9MG9ZdqrT1WYdPkp1Txxi6JLRYEgYCtAUDWH6ymNqdJpR. That is to say the private key owner corresponding to the public key has owner, active permissions.

Select the part of the execution script:

1
2
3
'ram_quota': -1,
'net_weight': -1,
'cpu_weight': -1,

Use eosio account to create hellofibos01,the resources is unlimited,so RAM、NET、CPU are all -1. The rest of resources we created are all 0,0 represents no resources.

Permission Configuration

Change the active permission of account hellofibos01.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
var FIBOS = require('fibos.js');

//Public and private key pair of hellofibos01
let pubkey = 'your public key';
let prikey = 'your private key';

//Public and private key pair of hellofibos02 
let pubkey2 = 'your public key2';
let prikey2 = 'your private key2';

var name = 'hellofibos01';
var name2 = 'hellofibos02';

//create hellofibos02 account

var fibos = FIBOS({
  chainId: 'cf057bbfb72640471fd910bcb67639c22df9f92470936cddc1ade0e2f2e7dc4f',
  keyProvider: 'your keyProvider',
  httpEndpoint: 'http://127.0.0.1:8888',
  logger: {
    log: null,
    error: null
  }
});
fibos.newaccountSync({
  creator: 'eosio',
  name: name2,
  owner: pubkey2,
  active: pubkey2
});


//Change the active permission of hellofibos01, Client needs to change to the private key of hellofibos01.
fibos = FIBOS({
  chainId: 'cf057bbfb72640471fd910bcb67639c22df9f92470936cddc1ade0e2f2e7dc4f',
  keyProvider: 'your private key',
  httpEndpoint: 'http://127.0.0.1:8888',
  logger: {
    log: null,
    error: null
  }
});

let ctx = fibos.contractSync('eosio');
ctx.updateauthSync({
  account: name,
  permission: 'active',
  parent: 'owner',
  auth: {
    threshold: 1,
    keys: [{
      key: 'FO5UFAzxUsbjQCijL5LtS6TaTtkJgPJACZ8qwDpXyLaW3sE9Ed2D',
      weight: 1
    }]
  }
});

var c = fibos.getAccountSync(name);
console.notice(c);

Results:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
{
  'account_name': 'hellofibos01',
  'head_block_num': 66,
  'head_block_time': '2018-08-21T09:59:18.500',
  'privileged': false,
  'last_code_update': '1970-01-01T00:00:00.000',
  'created': '2018-08-21T09:58:51.000',
  'ram_quota': -1,
  'net_weight': -1,
  'cpu_weight': -1,
  'net_limit': {
    'used': -1,
    'available': -1,
    'max': -1
  },
  'cpu_limit': {
    'used': -1,
    'available': -1,
    'max': -1
  },
  'ram_usage': 2724,
  'permissions': [
    {
      'perm_name': 'active',
      'parent': 'owner',
      'required_auth': {
        'threshold': 1,
        'keys': [
          {
            'key': 'FO5UFAzxUsbjQCijL5LtS6TaTtkJgPJACZ8qwDpXyLaW3sE9Ed2D',
            'weight': 1
          }
        ],
        'accounts': [],
        'waits': []
      }
    },
    {
      'perm_name': 'owner',
      'parent': '',
      'required_auth': {
        'threshold': 1,
        'keys': [
          {
            'key': 'FO5dZut9MG9ZdqrT1WYdPkp1Txxi6JLRYEgYCtAUDWH6ymNqdJpR',
            'weight': 1
          }
        ],
        'accounts': [],
        'waits': []
      }
    }
  ],
  'total_resources': null,
  'self_delegated_bandwidth': null,
  'refund_request': null,
  'voter_info': null
}

The codes above created hellofibos02,and called updateauthSync method to do permission change operation. We transferred active permiision of hellofibos01 to the public key.FO5UFAzxUsbjQCijL5LtS6TaTtkJgPJACZ8qwDpXyLaW3sE9Ed2D.

Multiple Signature

What is Multiple Signature?

Multiple signiture means signing multiple times. While we use blockchain to do authorized operations, the private key is used to sign all.

Thresholds and Weights

Threshold is the minimum permission you need to access an account. Weight represents the permission level owned by your private key.

Example

Single Signature Account

permission Public Key Weight Threshold
owner 1
FO5dZut9MG9ZdqrT1WYdPkp1Txxi6JLRYEgYCtAUDWH6ymNqdJpR 1 -
active 1
FO5dZut9MG9ZdqrT1WYdPkp1Txxi6JLRYEgYCtAUDWH6ymNqdJpR 1 -

As the table above shows,if you want to get owner permission,the weight of the owner must be greater than or equal to the threshold corresponding to the owner,the example above shows the threshold of owner is 1,and the weight of public key FO6MRyAjQq8ud7hVNYcfnVPJqcVpscN5So8BhtHuGYqET5GDW5CV is 1. Therefore, the owner of the public key can be directly obtained for operation.

Active permissions are the same as explained above, we understand this type of account that only has one public key as the single signature account.

Multi-Signature Account

For correct signature, must satisfy the threshold authorization

Permission Public Key Weight Threshold
owner 2
FO5dZut9MG9ZdqrT1WYdPkp1Txxi6JLRYEgYCtAUDWH6ymNqdJpR 1 -
FO5UFAzxUsbjQCijL5LtS6TaTtkJgPJACZ8qwDpXyLaW3sE9Ed2D 1 -
active 1
FO5dZut9MG9ZdqrT1WYdPkp1Txxi6JLRYEgYCtAUDWH6ymNqdJpR 1 -

As the table above shows,if you want to get owner permission,two public keys must be authorized at the same time.