boolpolicy

package
v0.14.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 10, 2026 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Overview

Package boolpolicy provides a spend-coordination protocol for policy identity tokens. For OR policies a single co-owner can spend unilaterally; for AND policies all co-owners must endorse. The RequestSpendView / ReceiveSpendTxView pair mirrors the multisig spend protocol and is reused for the AND case.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetWallet

func GetWallet(context view.Context, id string, opts ...token.ServiceOption) *token.OwnerWallet

GetWallet returns the owner wallet for the given id.

func NewFinalityView

func NewFinalityView(tx *Transaction, opts ...ttx.TxOption) view.View

NewFinalityView returns a view that waits for the given transaction to reach finality.

func RequestRecipientIdentity

func RequestRecipientIdentity(context view.Context, policy string, parties []token.Identity, opts ...token.ServiceOption) (token.Identity, error)

RequestRecipientIdentity requests a policy identity from the given parties. The policy expression (e.g. "$0 OR $1") governs how component signatures are evaluated.

Types

type EscrowAuth

type EscrowAuth struct {
	WalletService driver.WalletService
}

EscrowAuth implements the Authorization interface for policy identity tokens.

func NewEscrowAuth

func NewEscrowAuth(walletService driver.WalletService) *EscrowAuth

NewEscrowAuth returns a new EscrowAuth.

func (*EscrowAuth) AmIAnAuditor

func (s *EscrowAuth) AmIAnAuditor() bool

AmIAnAuditor returns false; policy identities are never auditors.

func (*EscrowAuth) IsMine

func (s *EscrowAuth) IsMine(ctx context.Context, tok *token3.Token) (string, []string, bool)

IsMine returns true if any component identity of the policy token belongs to one of our owner wallets.

func (*EscrowAuth) Issued

func (s *EscrowAuth) Issued(_ context.Context, _ driver.Identity, _ *token3.Token) bool

Issued always returns false; policy identities are not issuers.

func (*EscrowAuth) OwnerType

func (s *EscrowAuth) OwnerType(raw []byte) (driver.IdentityType, []byte, error)

OwnerType returns the identity type and inner bytes of a typed identity.

type OwnerWallet

type OwnerWallet struct {
	// contains filtered or unexported fields
}

OwnerWallet is a wallet wrapper that exposes policy-identity-filtered token lists.

func Wallet

func Wallet(context view.Context, wallet *token.OwnerWallet) *OwnerWallet

Wallet returns an OwnerWallet wrapping the given wallet with policy-token filtering.

func (*OwnerWallet) ListTokens

func (w *OwnerWallet) ListTokens(ctx context.Context, opts ...token.ListTokensOption) (*token2.UnspentTokens, error)

ListTokens returns unspent tokens whose owner is a policy identity and whose component identities include at least one belonging to this wallet.

func (*OwnerWallet) ListTokensIterator

func (w *OwnerWallet) ListTokensIterator(ctx context.Context, opts ...token.ListTokensOption) (iterators.Iterator[*token2.UnspentToken], error)

ListTokensIterator is the iterator variant of ListTokens.

func (*OwnerWallet) VerifyApprover

func (w *OwnerWallet) VerifyApprover(tok *token2.UnspentToken, approver token.Identity) error

VerifyApprover checks that tok is owned by a policy identity and that approver is listed as one of its component identities. It returns an error when the token is not a policy token or when approver is absent from the policy's identity list.

type QueryEngine

type QueryEngine interface {
	UnspentTokensIteratorBy(ctx context.Context, id string, tokenType token2.Type) (driver.UnspentTokensIterator, error)
}

QueryEngine knows how to iterate over unspent tokens.

type ReceiveSpendRequestView

type ReceiveSpendRequestView struct{}

ReceiveSpendRequestView is the responder-side view that reads a SpendRequest.

func NewReceiveSpendRequestView

func NewReceiveSpendRequestView() *ReceiveSpendRequestView

NewReceiveSpendRequestView returns a new ReceiveSpendRequestView.

func (*ReceiveSpendRequestView) Call

func (f *ReceiveSpendRequestView) Call(context view.Context) (any, error)

Call implements view.View.

type ReceiveSpendTxView

type ReceiveSpendTxView struct {
	// contains filtered or unexported fields
}

ReceiveSpendTxView is the co-owner's view for AND-policy spends: it ACKs the SpendRequest and returns the assembled transaction received from the initiator without endorsing it. The caller inspects the transaction and, if the checks pass, runs ttx.NewEndorseView(tx) to produce the signature.

Splitting receive from endorse lets the application decide which business-logic checks to apply rather than baking a fixed policy into the library.

func NewReceiveSpendTxView

func NewReceiveSpendTxView(request *SpendRequest) *ReceiveSpendTxView

NewReceiveSpendTxView returns a new ReceiveSpendTxView for the given request.

func (*ReceiveSpendTxView) Call

func (a *ReceiveSpendTxView) Call(context view.Context) (any, error)

Call implements view.View. It sends the SpendResponse ACK, receives the assembled transaction, and returns it without endorsing. Endorsement is the caller's responsibility once any business-logic checks pass.

type RequestSpendView

type RequestSpendView struct {
	// contains filtered or unexported fields
}

RequestSpendView sends a SpendRequest to all co-owners of a policy token and collects their acknowledgements. This is needed for AND policies; OR-policy spends can skip this step.

func NewRequestSpendView

func NewRequestSpendView(unspentToken *token.UnspentToken, opts ...token2.ServiceOption) *RequestSpendView

NewRequestSpendView creates a RequestSpendView for the given policy token.

func (*RequestSpendView) Call

func (c *RequestSpendView) Call(context view.Context) (any, error)

Call implements view.View.

type SpendRequest

type SpendRequest struct {
	Token *token.UnspentToken
}

SpendRequest carries a policy token selected for spending to co-owners.

func ReceiveSpendRequest

func ReceiveSpendRequest(context view.Context) (*SpendRequest, error)

ReceiveSpendRequest receives an incoming SpendRequest on the current session.

func (*SpendRequest) Bytes

func (r *SpendRequest) Bytes() ([]byte, error)

Bytes serialises the request.

func (*SpendRequest) String

func (r *SpendRequest) String() string

String returns a brief description.

type SpendResponse

type SpendResponse struct {
	Err error
}

SpendResponse is the ACK returned by a co-owner after receiving a SpendRequest.

type TokenVault

type TokenVault interface {
	DeleteTokens(ctx context.Context, toDelete ...*token2.ID) error
}

TokenVault supports token deletion.

type Transaction

type Transaction struct {
	*ttx.Transaction
}

Transaction wraps a ttx.Transaction to provide a policy-identity-aware API.

func ReceiveSpendTx

func ReceiveSpendTx(context view.Context, request *SpendRequest) (*Transaction, error)

ReceiveSpendTx is a convenience wrapper that runs ReceiveSpendTxView and returns the unsigned spend transaction so the caller can inspect it before deciding whether to endorse.

func Wrap

func Wrap(tx *ttx.Transaction) *Transaction

Wrap wraps a ttx.Transaction.

func (*Transaction) Lock

func (t *Transaction) Lock(senderWallet *token2.OwnerWallet, tokenType token.Type, amount uint64, recipient token2.Identity, opts ...token2.TransferOption) error

Lock transfers amount tokens of the given type from the sender wallet to the policy recipient.

func (*Transaction) Spend

func (t *Transaction) Spend(senderWallet *token2.OwnerWallet, at *token.UnspentToken, recipient token2.Identity, opts ...token2.TransferOption) error

Spend spends the given unspent token to the recipient.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL