New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hedera Schedule Service System Contract #755
Conversation
Signed-off-by: Nana Essilfie-Conduah <nana@swirldslabs.com>
✅ Deploy Preview for hedera-hips ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Signed-off-by: Nana Essilfie-Conduah <nana@swirldslabs.com>
|
||
Since smart contracts executions do not utilize the Hedera signature map they are unable to carry along the authorizations that the Hedera ledger uses to confirm an accounts participation and acknowledgment in a transaction. | ||
|
||
To address this Smart Contracts could utilize the Hedera Schedule Service by submitting a scheduled transaction to which accounts can sign / authorize as an acceptance of the desired transaction. This flow provides as easy route for asynchronous coordination of transaction approval. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To address this Smart Contracts could utilize the Hedera Schedule Service by submitting a scheduled transaction to which accounts can sign / authorize as an acceptance of the desired transaction. This flow provides as easy route for asynchronous coordination of transaction approval. | |
To address this, Smart Contracts could utilize the Hedera Schedule Service by submitting a scheduled transaction which accounts can subsequently sign / authorize to indicate acceptance of the desired transaction. This flow provides an easy route for asynchronous coordination of transaction approval. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated
|
||
In many decentralized scenarios a contract may issue a transaction that would require participation by multiple entities. | ||
|
||
However, under the Hedera Smart Contract Service (HSCS) Security Model v2 it is not possible to authorize a contract in advance to modify an accounts property or cause a debit to their balance without their authorization. This essentially means multi party operations made challenging if not infeasible on smart contracts. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
However, under the Hedera Smart Contract Service (HSCS) Security Model v2 it is not possible to authorize a contract in advance to modify an accounts property or cause a debit to their balance without their authorization. This essentially means multi party operations made challenging if not infeasible on smart contracts. | |
This essentially means multi party operations are made challenging if not infeasible when using smart contracts. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated
|
||
## Rationale | ||
|
||
By providing a secure mechanism to acquire asynchronous authorization from multiple accounts, smart contracts can continue to be used for more decentralized operations whiles still maintaining the integrity of account sovereignty by allowing accounts to approve confirm their participation in a transaction. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
By providing a secure mechanism to acquire asynchronous authorization from multiple accounts, smart contracts can continue to be used for more decentralized operations whiles still maintaining the integrity of account sovereignty by allowing accounts to approve confirm their participation in a transaction. | |
By providing a secure mechanism to acquire asynchronous authorization from multiple accounts, smart contracts can continue to be used for more decentralized operations while still maintaining the integrity of account sovereignty by allowing accounts to approve and confirm their participation in a transaction. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated
|
||
## Specification | ||
|
||
The ledger HSCS will utilize the existing scheduled transaction service supported on the ledger within the system contract logic. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The ledger HSCS will utilize the existing scheduled transaction service supported on the ledger within the system contract logic. | |
HSCS will utilize the existing scheduled transaction service supported on the ledger within the system contract logic. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated
|
||
Since `signSchedule(address scheduleAddress) returns (int64 responseCode)` relies on an implicit signature it will only callable by EOA’s via the IHRC facade. | ||
In this case the signature will be the inner ECDSA signature found in the RLP encoded `EthereumTransaction`. | ||
For `Contract` and `ContractCreate` any applicable signature found in the signature map will be utilized as in `ScheduleSign`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure if I understand what this sentence means? What is ScheduleSign
referencing?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is referencing the ScheduleSign transaction. Basically, just as the network pulls signatures for ScheduleSign
it should also pull signatures from the map for ContractCall
and ContractCreate
if the execution logic applies to scheduled transactions
## Security Implications | ||
|
||
Existing security consideration such as throttles will remain applicable. | ||
Additional considerations may include |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Finish or remove.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The rest of the section are the completion of the section. Let me update it to be more explicit
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated
Signed-off-by: Nana Essilfie-Conduah <nana@swirldslabs.com>
Signed-off-by: Nana Essilfie-Conduah <nana@swirldslabs.com>
Description:
This proposal addresses the feature gap of a smart contracts ability to issue scheduled transactions via the HAPI scheduled transactions.
Since smart contracts executions do not utilize the Hedera signature map they are unable to carry along the authorizations that the Hedera ledger uses to confirm an accounts participation and acknowledgment in a transaction.
To address this Smart Contracts could utilize the Hedera Schedule Service by submitting a scheduled transaction to which accounts can sign / authorize as an acceptance of the desired transaction. This flow provides as easy route for asynchronous coordination of transaction approval.
Related issue(s):
Fixes #
Notes for reviewer:
Checklist