Documentation
¶
Overview ¶
Package boolpolicy provides a spend-coordination protocol for policy identity tokens. For OR policies a single co-owner can spend unilaterally; for AND policies all co-owners must endorse. The RequestSpendView / ReceiveSpendTxView pair mirrors the multisig spend protocol and is reused for the AND case.
Index ¶
- func GetWallet(context view.Context, id string, opts ...token.ServiceOption) *token.OwnerWallet
- func NewFinalityView(tx *Transaction, opts ...ttx.TxOption) view.View
- func RequestRecipientIdentity(context view.Context, policy string, parties []token.Identity, ...) (token.Identity, error)
- type EscrowAuth
- func (s *EscrowAuth) AmIAnAuditor() bool
- func (s *EscrowAuth) IsMine(ctx context.Context, tok *token3.Token) (string, []string, bool)
- func (s *EscrowAuth) Issued(_ context.Context, _ driver.Identity, _ *token3.Token) bool
- func (s *EscrowAuth) OwnerType(raw []byte) (driver.IdentityType, []byte, error)
- type OwnerWallet
- func (w *OwnerWallet) ListTokens(ctx context.Context, opts ...token.ListTokensOption) (*token2.UnspentTokens, error)
- func (w *OwnerWallet) ListTokensIterator(ctx context.Context, opts ...token.ListTokensOption) (iterators.Iterator[*token2.UnspentToken], error)
- func (w *OwnerWallet) VerifyApprover(tok *token2.UnspentToken, approver token.Identity) error
- type QueryEngine
- type ReceiveSpendRequestView
- type ReceiveSpendTxView
- type RequestSpendView
- type SpendRequest
- type SpendResponse
- type TokenVault
- type Transaction
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetWallet ¶
func GetWallet(context view.Context, id string, opts ...token.ServiceOption) *token.OwnerWallet
GetWallet returns the owner wallet for the given id.
func NewFinalityView ¶
func NewFinalityView(tx *Transaction, opts ...ttx.TxOption) view.View
NewFinalityView returns a view that waits for the given transaction to reach finality.
func RequestRecipientIdentity ¶
func RequestRecipientIdentity(context view.Context, policy string, parties []token.Identity, opts ...token.ServiceOption) (token.Identity, error)
RequestRecipientIdentity requests a policy identity from the given parties. The policy expression (e.g. "$0 OR $1") governs how component signatures are evaluated.
Types ¶
type EscrowAuth ¶
type EscrowAuth struct {
WalletService driver.WalletService
}
EscrowAuth implements the Authorization interface for policy identity tokens.
func NewEscrowAuth ¶
func NewEscrowAuth(walletService driver.WalletService) *EscrowAuth
NewEscrowAuth returns a new EscrowAuth.
func (*EscrowAuth) AmIAnAuditor ¶
func (s *EscrowAuth) AmIAnAuditor() bool
AmIAnAuditor returns false; policy identities are never auditors.
func (*EscrowAuth) IsMine ¶
IsMine returns true if any component identity of the policy token belongs to one of our owner wallets.
func (*EscrowAuth) OwnerType ¶
func (s *EscrowAuth) OwnerType(raw []byte) (driver.IdentityType, []byte, error)
OwnerType returns the identity type and inner bytes of a typed identity.
type OwnerWallet ¶
type OwnerWallet struct {
// contains filtered or unexported fields
}
OwnerWallet is a wallet wrapper that exposes policy-identity-filtered token lists.
func Wallet ¶
func Wallet(context view.Context, wallet *token.OwnerWallet) *OwnerWallet
Wallet returns an OwnerWallet wrapping the given wallet with policy-token filtering.
func (*OwnerWallet) ListTokens ¶
func (w *OwnerWallet) ListTokens(ctx context.Context, opts ...token.ListTokensOption) (*token2.UnspentTokens, error)
ListTokens returns unspent tokens whose owner is a policy identity and whose component identities include at least one belonging to this wallet.
func (*OwnerWallet) ListTokensIterator ¶
func (w *OwnerWallet) ListTokensIterator(ctx context.Context, opts ...token.ListTokensOption) (iterators.Iterator[*token2.UnspentToken], error)
ListTokensIterator is the iterator variant of ListTokens.
func (*OwnerWallet) VerifyApprover ¶
func (w *OwnerWallet) VerifyApprover(tok *token2.UnspentToken, approver token.Identity) error
VerifyApprover checks that tok is owned by a policy identity and that approver is listed as one of its component identities. It returns an error when the token is not a policy token or when approver is absent from the policy's identity list.
type QueryEngine ¶
type QueryEngine interface {
UnspentTokensIteratorBy(ctx context.Context, id string, tokenType token2.Type) (driver.UnspentTokensIterator, error)
}
QueryEngine knows how to iterate over unspent tokens.
type ReceiveSpendRequestView ¶
type ReceiveSpendRequestView struct{}
ReceiveSpendRequestView is the responder-side view that reads a SpendRequest.
func NewReceiveSpendRequestView ¶
func NewReceiveSpendRequestView() *ReceiveSpendRequestView
NewReceiveSpendRequestView returns a new ReceiveSpendRequestView.
type ReceiveSpendTxView ¶
type ReceiveSpendTxView struct {
// contains filtered or unexported fields
}
ReceiveSpendTxView is the co-owner's view for AND-policy spends: it ACKs the SpendRequest and returns the assembled transaction received from the initiator without endorsing it. The caller inspects the transaction and, if the checks pass, runs ttx.NewEndorseView(tx) to produce the signature.
Splitting receive from endorse lets the application decide which business-logic checks to apply rather than baking a fixed policy into the library.
func NewReceiveSpendTxView ¶
func NewReceiveSpendTxView(request *SpendRequest) *ReceiveSpendTxView
NewReceiveSpendTxView returns a new ReceiveSpendTxView for the given request.
func (*ReceiveSpendTxView) Call ¶
func (a *ReceiveSpendTxView) Call(context view.Context) (any, error)
Call implements view.View. It sends the SpendResponse ACK, receives the assembled transaction, and returns it without endorsing. Endorsement is the caller's responsibility once any business-logic checks pass.
type RequestSpendView ¶
type RequestSpendView struct {
// contains filtered or unexported fields
}
RequestSpendView sends a SpendRequest to all co-owners of a policy token and collects their acknowledgements. This is needed for AND policies; OR-policy spends can skip this step.
func NewRequestSpendView ¶
func NewRequestSpendView(unspentToken *token.UnspentToken, opts ...token2.ServiceOption) *RequestSpendView
NewRequestSpendView creates a RequestSpendView for the given policy token.
type SpendRequest ¶
type SpendRequest struct {
Token *token.UnspentToken
}
SpendRequest carries a policy token selected for spending to co-owners.
func ReceiveSpendRequest ¶
func ReceiveSpendRequest(context view.Context) (*SpendRequest, error)
ReceiveSpendRequest receives an incoming SpendRequest on the current session.
func (*SpendRequest) Bytes ¶
func (r *SpendRequest) Bytes() ([]byte, error)
Bytes serialises the request.
func (*SpendRequest) String ¶
func (r *SpendRequest) String() string
String returns a brief description.
type SpendResponse ¶
type SpendResponse struct {
Err error
}
SpendResponse is the ACK returned by a co-owner after receiving a SpendRequest.
type TokenVault ¶
TokenVault supports token deletion.
type Transaction ¶
type Transaction struct {
*ttx.Transaction
}
Transaction wraps a ttx.Transaction to provide a policy-identity-aware API.
func ReceiveSpendTx ¶
func ReceiveSpendTx(context view.Context, request *SpendRequest) (*Transaction, error)
ReceiveSpendTx is a convenience wrapper that runs ReceiveSpendTxView and returns the unsigned spend transaction so the caller can inspect it before deciding whether to endorse.
func (*Transaction) Lock ¶
func (t *Transaction) Lock(senderWallet *token2.OwnerWallet, tokenType token.Type, amount uint64, recipient token2.Identity, opts ...token2.TransferOption) error
Lock transfers amount tokens of the given type from the sender wallet to the policy recipient.
func (*Transaction) Spend ¶
func (t *Transaction) Spend(senderWallet *token2.OwnerWallet, at *token.UnspentToken, recipient token2.Identity, opts ...token2.TransferOption) error
Spend spends the given unspent token to the recipient.