Safe, simple, flexible building-blocks for smart-contract systems.
A DSAuthority for up to 256 roles
authority for ds-auth
which facilitates access to lists of user roles and capabilities. Works as a
set of lookup tables for the
canCall function to provide boolean answers
as to whether a user is authorized to call a given function at given address.
The ability to check permissions in constant time is entirely due to the artificial constraint on the number of roles. 256 was chosen because this lets us abuse the large word size and cheap bitwise operations.
In the context of providing
authority for DSAuth, a
user is the
DSRoles provides 3 different ways of permitting/forbidding function call access
to users, with root access being the most permissive:
Root Users - any users added to the
whitelist will be authorized to call any function regardless of what roles or
capabilities might be defined.
Public Capabilities - public capabilities are global capabilities which apply to all users and take precedence over any user specific role-capabilities which might be defined.
Role Capabilities - capabilities which are associated with a particular role. Role capabilities are only checked if the user does not have root access and the capability is not public.
Roles are assigned to users by number:
uint8 owner_role = 0; uint8 user_role = 1; setUserRole(owner_address, owner_role, true); setUserRole(user_address, user_role, true);
Capabilities can be assigned to anyone (public) or to a
role permitting/forbidding access to a particular function
at a given address:
address target = 0x123; // code address bytes4 withdraw_sig = bytes4(sha3("withdrawAll()")); setRoleCapability(owner_role, target, withdraw_sig, true); setRoleCapability(user_role, target, withdraw_sig, false); bytes4 deposit_sig = bytes4(sha3("deposit(uint256)")); setRoleCapability(user_role, target, deposit_sig, true);
grant root access to a given user (requires auth)
assign a role to given user (requires auth)
set public permissions for a given capability (requires auth)
set a capability for a given role (requires auth)
We believe that the free software movement is the most important cultural predecessor to the modern-day renaissance in decentralized technologies.
To catalyze the growth of this ecosystem, and to empower hackers to participate, we’re building a comprehensive suite of blockchain-oriented developer tools in the spirit of the Unix philosophy.
Dapp is all you need to start developing for Ethereum. It creates new dapps, runs Solidity unit tests, debugs, deploys, launches testnets, and more.
Seth is a handy tool for slicing and dicing transactions, querying the blockchain, converting between data formats, performing remote calls, and other everyday tasks.
Hevm is our own EVM
implementation with a nimble terminal-based Solidity debugger.
It’s used for
We also maintain Dappsys, an audited collection of smart contract building blocks designed to complement each other. They include;
ds-token— a generic EIP-20 coin;
ds-group— a multisig;
ds-guard— a flexible authority rule;
ds-proxy— a transaction proxy; and
ds-cache— a store of expiring values.
Using these proven parts lets us focus on the novel features of the systems we develop. We share Dappsys to benefit the smart contract ecosystem.