Add ERC: Grant Permissions from Wallets #436
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
eip-review-bot
changed the title
abcoathup
reviewed
May 24, 2024
abcoathup
reviewed
May 24, 2024
abcoathup
reviewed
May 24, 2024
Co-authored-by: Andrew B Coathup <28278242+abcoathup@users.noreply.github.com>
Co-authored-by: Andrew B Coathup <28278242+abcoathup@users.noreply.github.com>
Co-authored-by: Andrew B Coathup <28278242+abcoathup@users.noreply.github.com>
filmakarov
reviewed
Jul 4, 2024
Comment on lines
+568
to
+575
| // Alice sends the transaction by calling redeemDelegation on Bob's account | ||
| const tx = await bob.sendTransaction({ | ||
| to: delegationManager, | ||
| data: bob.interface.encodeFunctionData('redeemDelegation', [ | ||
| permissionsContext, | ||
| action | ||
| ]) | ||
| }); |
There was a problem hiding this comment.
Is this correct?
- Why
bob.sendTransaction? shouldn't it bealice.sendTransaction? - Why
bobhas interface ofredeemDelegation?bobis Delegator, so it hasERC7710interface withexecuteDelegatedActionmethod.redeemDelegationlives in theERC7710Managerinterface implemented bydelegationManager.
ERC-7710 for reference
GregTheGreek
reviewed
Jul 5, 2024
ERCS/erc-7715.md
Outdated
| policies: [ | ||
| { | ||
| type: 'gas-limit', | ||
| data: { |
There was a problem hiding this comment.
just did a pretty big dive into this and can't really see concrete definitions with data in the context of policies. It also might make sense to try and define the permissions/policies deeper before getting into examples like these
erensanlier
reviewed
Jul 6, 2024
ERCS/erc-7715.md
Outdated
| ], | ||
| required: true, | ||
| data: { | ||
| address: '0x...', |
There was a problem hiding this comment.
I think there shouldn't be address field in native-token-transfer permission.
17 tasks
SamWilsn
previously approved these changes
Jul 9, 2024
|
|
||
| ## Abstract | ||
|
|
||
| We define a new JSON-RPC method `wallet_grantPermissions` for DApp to request a Wallet to grant permissions in order to execute transactions on the user’s behalf. This enables two use cases: |
There was a problem hiding this comment.
The wording here is a bit awkward. How about:
Suggested change
| We define a new JSON-RPC method `wallet_grantPermissions` for DApp to request a Wallet to grant permissions in order to execute transactions on the user’s behalf. This enables two use cases: | |
| We define a new JSON-RPC method `wallet_grantPermissions`. With it, a DApp can request that a wallet grant permissions in order to execute transactions on the user’s behalf. This enables two use cases: |
|
|
||
| Currently most DApps implement a flow similar to the following: | ||
|
|
||
| ```mermaid |
There was a problem hiding this comment.
Not sure if mermaid diagrams will render properly in Jekyll. If not, we have a slight preference for SVGs.
There was a problem hiding this comment.
I checked, and no, this will not render.
eip-review-bot
previously approved these changes
Jul 9, 2024
|
. |
auto-merge was automatically disabled
July 29, 2024 15:29
Head branch was pushed to by a user without write access
moldy530
reviewed
Sep 3, 2024
ERCS/erc-7715.md
Outdated
Comment on lines
60
to
67
| permission: { | ||
| type: string; // enum defined by ERCs | ||
| data: Record<string, any>; | ||
| }; | ||
| policies: { | ||
| type: string; // enum defined by ERCs | ||
| data: Record<string, any>; | ||
| }[]; |
There was a problem hiding this comment.
any reason not to be consistent with permission and policies either both being an Array or both being singletons?
looking at some examples policies vs permissions below, it's also not super clear what the difference is between them. a NativeTokenSpendPolicy seems similar to an Erc20TokenTransferPermission. They both define limits on the spend of some funds.
There was a problem hiding this comment.
When I was first looking at this, I was thinking it would be used like:
{
permission: { type: "owner" }, // or maybe "root" or "admin" type?
policies: [], // no need to for policies because this is a root permission
}
or
{
permission: { type: "session-key", data: { expiry: fifteenMinutesInMs } },
policies: [
... // spend limits, etc
]
}
VGabriel45
suggested changes
Oct 1, 2024
|
|
||
| [ERC-7679](./eip-7679.md) UserOp Builder contract defines `bytes calldata context` parameter in all of its methods. It’s equivalent to the`permissionsContext` returned by the `wallet_grantPermissions` call. | ||
|
|
||
| Example of formatting userOp signature using the [ERC-7679](./eip-7679.md) UserOp Builder |
There was a problem hiding this comment.
Clicking ERC-7579 is giving 404.
Suggested change
| Example of formatting userOp signature using the [ERC-7679](./eip-7679.md) UserOp Builder | |
| Example of formatting userOp signature using the [ERC-7679](./erc-7679.md) UserOp Builder |
|
|
||
| #### ERC-7679 with `Key` type signer | ||
|
|
||
| `wallet_grantPermissions` replies with `permissionsContext` and `userOpBuilder` address inside the `signerMeta` field. DApps can use that data with methods provided by [ERC-7679](./eip-7679.md) to build the [ERC-4337](./eip-4337.md) userOp. |
There was a problem hiding this comment.
Clicking ERC-4337 and ERC-7679 is giving 404.
Suggested change
| `wallet_grantPermissions` replies with `permissionsContext` and `userOpBuilder` address inside the `signerMeta` field. DApps can use that data with methods provided by [ERC-7679](./eip-7679.md) to build the [ERC-4337](./eip-4337.md) userOp. | |
| `wallet_grantPermissions` replies with `permissionsContext` and `userOpBuilder` address inside the `signerMeta` field. DApps can use that data with methods provided by [ERC-7679](./erc-7679.md) to build the [ERC-4337](./erc-4337.md) userOp. |
|
|
||
| `wallet_grantPermissions` replies with `permissionsContext` and `userOpBuilder` address inside the `signerMeta` field. DApps can use that data with methods provided by [ERC-7679](./eip-7679.md) to build the [ERC-4337](./eip-4337.md) userOp. | ||
|
|
||
| [ERC-7679](./eip-7679.md) UserOp Builder contract defines `bytes calldata context` parameter in all of its methods. It’s equivalent to the`permissionsContext` returned by the `wallet_grantPermissions` call. |
There was a problem hiding this comment.
Clicking ERC-7579 is giving 404.
Suggested change
| [ERC-7679](./eip-7679.md) UserOp Builder contract defines `bytes calldata context` parameter in all of its methods. It’s equivalent to the`permissionsContext` returned by the `wallet_grantPermissions` call. | |
| [ERC-7679](./erc-7679.md) UserOp Builder contract defines `bytes calldata context` parameter in all of its methods. It’s equivalent to the`permissionsContext` returned by the `wallet_grantPermissions` call. |
|
|
||
| The `permissionsContext` field is meant to be an opaque string that's maximally flexible and can encode arbitrary information for different permissions schemes. We specifically had three schemes in mind: | ||
|
|
||
| - If a DApp leverages [ERC-7679](./eip-7679.md), it could use `permissionsContext` as the `context` parameter when interacting with the UserOp builder. |
There was a problem hiding this comment.
Suggested change
| - If a DApp leverages [ERC-7679](./eip-7679.md), it could use `permissionsContext` as the `context` parameter when interacting with the UserOp builder. | |
| - If a DApp leverages [ERC-7679](./erc-7679.md), it could use `permissionsContext` as the `context` parameter when interacting with the UserOp builder. |
| The `permissionsContext` field is meant to be an opaque string that's maximally flexible and can encode arbitrary information for different permissions schemes. We specifically had three schemes in mind: | ||
|
|
||
| - If a DApp leverages [ERC-7679](./eip-7679.md), it could use `permissionsContext` as the `context` parameter when interacting with the UserOp builder. | ||
| - If a DApp leverages [ERC-7710](./eip-7710.md), it could use `permissionsContext` as the `_data` when interacting with the delegation manager. |
There was a problem hiding this comment.
Suggested change
| - If a DApp leverages [ERC-7710](./eip-7710.md), it could use `permissionsContext` as the `_data` when interacting with the delegation manager. | |
| - If a DApp leverages [ERC-7710](./erc-7710.md), it could use `permissionsContext` as the `_data` when interacting with the delegation manager. |
|
|
||
| First note that the response contains all of the parameters of the original request and it is not guaranteed that the values received are equivalent to those requested. | ||
|
|
||
| `context` is a catch-all to identify a permission for revoking permissions or submitting userOps, and can contain non-identifying data as well. It MAY be the `context` as defined in [ERC-7679](./eip-7679.md) and [ERC-7710](./eip-7710.md). See “Rationale” for details. |
There was a problem hiding this comment.
Suggested change
| `context` is a catch-all to identify a permission for revoking permissions or submitting userOps, and can contain non-identifying data as well. It MAY be the `context` as defined in [ERC-7679](./eip-7679.md) and [ERC-7710](./eip-7710.md). See “Rationale” for details. | |
| `context` is a catch-all to identify a permission for revoking permissions or submitting userOps, and can contain non-identifying data as well. It MAY be the `context` as defined in [ERC-7679](./erc-7679.md) and [ERC-7710](./erc-7710.md). See “Rationale” for details. |
|
|
||
| `context` is a catch-all to identify a permission for revoking permissions or submitting userOps, and can contain non-identifying data as well. It MAY be the `context` as defined in [ERC-7679](./eip-7679.md) and [ERC-7710](./eip-7710.md). See “Rationale” for details. | ||
|
|
||
| `accountMeta` is optional but when present then fields for `factory` and `factoryData` are required as defined in [ERC-4337](./eip-4337.md). They are either both specified, or none. If the account has not yet been deployed, the wallet MUST return `accountMeta`, and the DApp MUST deploy the account by calling the `factory` contract with `factoryData` as the calldata. |
There was a problem hiding this comment.
Suggested change
| `accountMeta` is optional but when present then fields for `factory` and `factoryData` are required as defined in [ERC-4337](./eip-4337.md). They are either both specified, or none. If the account has not yet been deployed, the wallet MUST return `accountMeta`, and the DApp MUST deploy the account by calling the `factory` contract with `factoryData` as the calldata. | |
| `accountMeta` is optional but when present then fields for `factory` and `factoryData` are required as defined in [ERC-4337](./erc-4337.md). They are either both specified, or none. If the account has not yet been deployed, the wallet MUST return `accountMeta`, and the DApp MUST deploy the account by calling the `factory` contract with `factoryData` as the calldata. |
|
|
||
| `accountMeta` is optional but when present then fields for `factory` and `factoryData` are required as defined in [ERC-4337](./eip-4337.md). They are either both specified, or none. If the account has not yet been deployed, the wallet MUST return `accountMeta`, and the DApp MUST deploy the account by calling the `factory` contract with `factoryData` as the calldata. | ||
|
|
||
| `signerMeta` is dependent on the account type. If the signer type is `wallet` then it's not required. If the signer type is `key` or `keys` then `userOpBuilder` is required as defined in [ERC-7679](./eip-7679.md). If the signer type is `account` then `delegationManager` is required as defined in [ERC-7710](./eip-7710.md). |
There was a problem hiding this comment.
Suggested change
| `signerMeta` is dependent on the account type. If the signer type is `wallet` then it's not required. If the signer type is `key` or `keys` then `userOpBuilder` is required as defined in [ERC-7679](./eip-7679.md). If the signer type is `account` then `delegationManager` is required as defined in [ERC-7710](./eip-7710.md). | |
| `signerMeta` is dependent on the account type. If the signer type is `wallet` then it's not required. If the signer type is `key` or `keys` then `userOpBuilder` is required as defined in [ERC-7679](./erc-7679.md). If the signer type is `account` then `delegationManager` is required as defined in [ERC-7710](./erc-7710.md). |
Update 7715: Remove policies and update signer types
|
The commit 23fa360 (as a parent of 57c37c6) contains errors. |
|
Note to self: this is still blocked on #433. I've locked this PR because too much of the discussion is technical in nature. Please discuss anything technical on the discussion thread. Do not update the links to |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds JSON-RPC method for granting permissions from a wallet