Technical description of the platform
Permissions¶
The Waves Enterprise blockchain platform implements a permissioned blockchain model: only authorized participants can have access to it.
The platform also has a role (permission) model which allows to separate permissions of the network participants. Permission management is performed with the use of the 102 Permission Transaction.
Description of permissions¶
permissioner
A participant with the permissioner
role is a network administrator and is entitled to add or remove any roles of participants. The first permissioner
is appointed upon the start of the blockchain network.
sender
A participant with the sender
role is entitled to send transactions into the network.
This role can be enabled with the use of the sender-role-enabled
parameter which is to be found in the genesis
block of the node configuration file.
blacklister
A participant with the blacklister
role is entitled to temporarily or constantly restrict the activity of other participants by adding the banned
role to their accounts. To do this, a blacklister
sends the 102 transaction with the corresponding parameters.
miner
A participant with the miner
role can be chosen as a round miner. In this case he will be entitled to form a next blockchain block.
issuer
A participant with the issuer
role is entitled to issue, reissue and burn tokens.
contract_developer
A participant with the contract_developer
role is entitled to create smart contracts in the blockchain.
Learn more about smart contracts and usage of this role in the Smart contracts article.
contract_validator
A participant with the contract_validator
role is entitled to validate smart contracts to be created or updated in the blockchain.
Learn more about smart contracts and usage of this role in the Smart contract validation article.
connection-manager
A participant with the connection-manager
role is entitled to connect and disconnect network nodes. As a rule, a network administrator is also appointed as a connection-manager
.
Learn more about node connection and disconnection in the article Connection and removing of nodes.
banned
A participant with the banned
role cannot perform any actions in the blockchain temporarily or constantly . An address with the banned
role is added to the blacklist of nodes.
Permission management¶
A permission list can be changed only by a node with the permissioner
role. Roles are added and removed with the use of the 102 Permission Transaction.
The process of participant permission adding and removing is described in the article Permission management.
Prior to sending of the 102 transaction, a node checks the following:
A sender of the 102 transaction is not included in the blacklist.
A sender address has the
permissioner
role.The
permissioner
role of the address is active at the moment of transaction sending.A role stated in the 102 transaction is not active in case of its adding to the address and, vice versa, is not active in case of its removing.
Adding and removing permissions is performed by broadcasting the corresponding transactions in the blockchain. Permissions can be arbitrarily combined for any address; a permission can be removed at any moment.