ERC-1761: 作用域授权接口
| Authors | Witek Radomski <witek@enjin.io>, Andrew Cooke <ac0dem0nk3y@gmail.com>, James Therien <james@enjin.io>, Eric Binet <eric@enjin.io> |
|---|---|
| Created | 2019-02-18 |
| Discussion Link | https://github.com/ethereum/EIPs/issues/1761 |
| Requires | EIP-165 |
简要概括
一个标准接口,通过定义一个或多个 Token ID 的“作用域”来允许在 token 合约中进行受限授权。
摘要
此接口设计用于具有“ID”域的 token 合约,例如 ERC-1155 或 ERC-721。这允许对一个或多个 Token ID 的特定“作用域”进行受限授权。当考虑一个智能合约管理来自多个不同域的 token 时,将授权限制在这些域是有意义的。作用域授权是这个想法的泛化。实现者可以根据需要定义作用域。
作用域的示例用例:
- 一家公司可以在区块链上表示其车队,并且可以为每个区域办事处创建一个作用域。
- 游戏开发者可以共享一个 ERC-1155 合约,其中每个开发者管理指定作用域下的 token。
- 不同价值的 token 可以分成不同的作用域。高价值 token 可以保存在较小的独立作用域中,而低价值 token 可以保存在共享作用域中。用户可以将整个低价值 token 作用域授权给第三方智能合约、交易所或其他应用程序,而不必担心在出现问题时会丢失其高价值 token。
动机
在某些应用中,可能需要限制授权。受限授权可以防止用户未审计他们授权的合约时造成的损失。没有提供标准 API 来管理作用域,因为这是特定于实现的。某些实现可以选择提供固定数量的作用域,或将特定的一组作用域分配给某些类型。其他实现可能会向其用户开放作用域配置,并提供创建作用域和将 ID 分配给作用域的方法。
规范
pragma solidity ^0.5.2;
/**
Note: The ERC-165 identifier for this interface is 0x30168307.
*/
interface ScopedApproval {
/**
@dev MUST emit when approval changes for scope.
*/
event ApprovalForScope(address indexed _owner, address indexed _operator, bytes32 indexed _scope, bool _approved);
/**
@dev MUST emit when the token IDs are added to the scope.
By default, IDs are in no scope.
The range is inclusive: _idStart, _idEnd, and all IDs in between have been added to the scope.
_idStart must be lower than or equal to _idEnd.
*/
event IdsAddedToScope(uint256 indexed _idStart, uint256 indexed _idEnd, bytes32 indexed _scope);
/**
@dev MUST emit when the token IDs are removed from the scope.
The range is inclusive: _idStart, _idEnd, and all IDs in between have been removed from the scope.
_idStart must be lower than or equal to _idEnd.
*/
event IdsRemovedFromScope(uint256 indexed _idStart, uint256 indexed _idEnd, bytes32 indexed _scope);
/** @dev MUST emit when a scope URI is set or changes.
URIs are defined in RFC 3986.
The URI MUST point a JSON file that conforms to the "Scope Metadata JSON Schema".
*/
event ScopeURI(string _value, bytes32 indexed _scope);
/**
@notice Returns the number of scopes that contain _id.
@param _id The token ID
@return The number of scopes containing the ID
*/
function scopeCountForId(uint256 _id) public view returns (uint32);
/**
@notice Returns a scope that contains _id.
@param _id The token ID
@param _scopeIndex The scope index to query (valid values are 0 to scopeCountForId(_id)-1)
@return The Nth scope containing the ID
*/
function scopeForId(uint256 _id, uint32 _scopeIndex) public view returns (bytes32);
/**
@notice Returns a URI that can be queried to get scope metadata. This URI should return a JSON document containing, at least the scope name and description. Although supplying a URI for every scope is recommended, returning an empty string "" is accepted for scopes without a URI.
@param _scope The queried scope
@return The URI describing this scope.
*/
function scopeUri(bytes32 _scope) public view returns (string memory);
/**
@notice Enable or disable approval for a third party ("operator") to manage the caller's tokens in the specified scope.
@dev MUST emit the ApprovalForScope event on success.
@param _operator Address to add to the set of authorized operators
@param _scope Approval scope (can be identified by calling scopeForId)
@param _approved True if the operator is approved, false to revoke approval
*/
function setApprovalForScope(address _operator, bytes32 _scope, bool _approved) external;
/**
@notice Queries the approval status of an operator for a given owner, within the specified scope.
@param _owner The owner of the Tokens
@param _operator Address of authorized operator
@param _scope Scope to test for approval (can be identified by calling scopeForId)
@return True if the operator is approved, false otherwise
*/
function isApprovedForScope(address _owner, address _operator, bytes32 _scope) public view returns (bool);
}
作用域元数据 JSON 模式
此模式允许本地化。{id} 和 {locale} 应由客户端替换为适当的值。
{
"title": "Scope Metadata",
"type": "object",
"required": ["name"],
"properties": {
"name": {
"type": "string",
"description": "Identifies the scope in a human-readable way.",
},
"description": {
"type": "string",
"description": "Describes the scope to allow users to make informed approval decisions.",
},
"localization": {
"type": "object",
"required": ["uri", "default", "locales"],
"properties": {
"uri": {
"type": "string",
"description": "The URI pattern to fetch localized data from. This URI should contain the substring `{locale}` which will be replaced with the appropriate locale value before sending the request."
},
"default": {
"type": "string",
"description": "The locale of the default data within the base JSON"
},
"locales": {
"type": "array",
"description": "The list of locales for which data is available. These locales should conform to those defined in the Unicode Common Locale Data Repository (http://cldr.unicode.org/)."
}
}
}
}
}
本地化
元数据本地化应该标准化,以提高所有语言的呈现一致性。因此,提出了一种简单的覆盖方法来实现本地化。如果元数据 JSON 文件包含 localization 属性,则可以使用其内容为需要它的字段提供本地化值。localization 属性应该是一个包含三个属性的子对象:uri、default 和 locales。如果字符串 {locale} 存在于任何 URI 中,则所有客户端软件都必须将其替换为所选的语言环境。
理由
最初的设计是作为 ERC-1155 的扩展提出的:Discussion Thread - Comment 1。经过一些讨论:Comment 2 以及社区关于在外部合约中实现此授权机制的建议 Comment 3,最终决定作为接口标准,此设计将允许许多不同的 token 标准(如 ERC-721 和 ERC-1155)实现作用域授权,而无需将系统强制应用到 token 的所有实现中。
元数据 JSON
添加了作用域元数据 JSON 模式,以便支持以多种语言显示人类可读的作用域名称和描述。
参考
标准
实现
文章 & 讨论
版权
Copyright and related rights waived via CC0.
Citation
Please cite this document as:
Witek Radomski <witek@enjin.io>, Andrew Cooke <ac0dem0nk3y@gmail.com>, James Therien <james@enjin.io>, Eric Binet <eric@enjin.io>, "ERC-1761: 作用域授权接口 [DRAFT]," Ethereum Improvement Proposals, no. 1761, February 2019. [Online serial]. Available: https://eips.ethereum.org/EIPS/eip-1761.