Technical description of the platform

Permissions

The Waves Enterprise blockchain platform implements a permissioned blockchain model: only authorized participants can have access to it.

The platform also has a role (permission) model which allows to separate permissions of the network participants. Permission management is performed with the use of the 102 Permission Transaction.

Description of permissions

permissioner

A participant with the permissioner role is a network administrator and is entitled to add or remove any roles of participants. The first permissioner is appointed upon the start of the blockchain network.

sender

A participant with the sender role is entitled to send transactions into the network.

This role can be enabled with the use of the sender-role-enabled parameter which is to be found in the genesis block of the node configuration file.

banned

The banned role temporarily or permanently limits the transaction sending from the participant to the blockchain. The address with the banned role is added to the blacklist of nodes – the list of addresses from which no transactions are accepted.

blacklister

A participant with the blacklister role is entitled to temporarily or constantly restrict the activity of other participants by adding the banned role to their accounts. To do this, a blacklister sends the 102 transaction with the corresponding parameters.

miner

A participant with the miner role can be chosen as a round miner. In this case he will be entitled to form a next blockchain block.

issuer

A participant with the issuer role is entitled to issue, reissue and burn tokens.

contract_developer

A participant with the contract_developer role is entitled to create smart contracts in the blockchain.

Learn more about smart contracts and usage of this role in the Smart contracts article.

contract_validator

A participant with the contract_validator role is entitled to validate smart contracts to be created or updated in the blockchain.

Learn more about smart contracts and usage of this role in the Smart contract validation article.

connection-manager

A participant with the connection-manager role is entitled to connect and disconnect network nodes. As a rule, network administrator is also appointed as a connection-manager.

Learn more about node connection and disconnection in the article Connection and removing of nodes.

Permission management

The permission list can be changed only by a node with the permissioner role. Roles are added and removed with the use of the 102 Permission Transaction. You can sign the transaction using the sign REST API method, and broadcast it using the corresponding gRPC or REST API method.

The process of assigning a permission to and removal from a participant is described in the Role management article.

Prior to sending the 102 transaction, the node performs the following checks:

  1. The sender of the 102 transaction is not included in the blacklist.

  2. The sender address has the permissioner role.

  3. The permissioner role of the address is active at the moment of transaction sending.

  4. The role stated in the 102 transaction is not active in case it is added to the address and, vice versa, is active in case it is removed.

Adding and removing permissions is performed by broadcasting the corresponding transactions into the blockchain. Permissions can be arbitrarily combined for any address; a permission can be removed at any moment.

See also