Security key
Allows accounts to post on behalf of other addresses
Inside most Messages there is an βaddressβ field. This is the address for which the message applies (for which address to apply this aggregate, who posted that itemβ¦).
The pyaleph client validates that the message sender (the one signing the message) has the right to publish on this address's behalf.
obvious case: if the sender == the content address, it is authorized.
the βsecurityβ key in the address aggregate has an entry for this address
Security key with authorizations subkey in value object
This key is a special case in the Aggregate system. It can only be changed by sending an AGGREGATE message on the βsecurityβ channel.
For now, only the address itself (sender == content.address) has the right to send an AGGREGATE message on this channel (βsecurityβ) with this key (βsecurityβ). This behavior might change in the future.
The value to be created for the security key:
is an object
has the authorizations subkey
the authorizations subkey value is an array of objects structured as follows
If some filter is set only messages that match the filter set (all options selected) will be accepted except for:
post_types only apply to POST Messages,
aggregate_keys only apply to AGGREGATE Messages
address - required
account address to authorize to write on behalf of the aggregate's address
types - optional
Can be Post, Aggregate, or Store; Only these types will be accepted from this address
post_types - optional
Only those post types will be writeable by the address
aggregate_keys - optional
Only those keys will be writeable by the address
chain - optional
Only accept the passed address on a specific chain
channels - optional
Only the messages of these types on these channels will be accepted
Last updated