6 releases
| 0.3.1 | Oct 10, 2022 |
|---|---|
| 0.3.0 | Oct 7, 2022 |
| 0.2.2 | Aug 18, 2022 |
| 0.2.0 | Jul 29, 2022 |
| 0.1.0 | Jul 21, 2022 |
#11 in #delegation
23 downloads per month
29KB
587 lines
Capgrok - capabilities for humans to read.
Use this crate to build wallet-signable messages with capability delegations. The generated message contains two representations of the capabilities: an unambiguous machine-readable representation, and a human-readable description. Of the two representations, the latter is deterministically generated from the former.
Message formats
We currently support the following message formats:
- EIP-4361: Sign-In With Ethereum (SIWE)
SIWE Examples
An example with:
- the capability to
presentany credential - the capability to
presentcredentials of typetype1(technically redundant) - the capability to
list,getand retrievemetadatafrom the kepler locationkepler:ens:example.eth://default/kv - the capability to
list,get, retrievemetadata,putanddeletefrom the kepler locationskepler:ens:example.eth://default/kv/publicandkepler:ens:example.eth://default/kv/dapp-space
let credential: Namespace = "credential".parse().unwrap();
let kepler: Namespace = "kepler".parse().unwrap();
let msg = Builder::new()
.with_default_actions(&credential, ["present"])
.with_actions(&credential, "type:type1", ["present"])
.with_actions(
&kepler,
"kepler:ens:example.eth://default/kv",
["list", "get", "metadata"],
)
.with_actions(
&kepler,
"kepler:ens:example.eth://default/kv/public",
["list", "get", "metadata", "put", "delete"],
)
.with_actions(
&kepler,
"kepler:ens:example.eth://default/kv/dapp-space",
["list", "get", "metadata", "put", "delete"],
)
.build(Message {
domain: "example.com".parse().unwrap(),
address: Default::default(),
statement: None,
uri: "did:key:example".parse().unwrap(),
version: siwe::Version::V1,
chain_id: 1,
nonce: "mynonce1".into(),
issued_at: "2022-06-21T12:00:00.000Z".parse().unwrap(),
expiration_time: None,
not_before: None,
request_id: None,
resources: vec![],
})?;
Which produces this SIWE message:
example.com wants you to sign in with your Ethereum account:
0x0000000000000000000000000000000000000000
I further authorize did:key:example to perform the following actions on my behalf: (1) credential: present for any. (2) credential: present for type:type1. (3) kepler: list, get, metadata for kepler:ens:example.eth://default/kv. (4) kepler: list, get, metadata, put, delete for kepler:ens:example.eth://default/kv/dapp-space, kepler:ens:example.eth://default/kv/public.
URI: did:key:example
Version: 1
Chain ID: 1
Nonce: mynonce1
Issued At: 2022-06-21T12:00:00.000Z
Resources:
- urn:capability:credential:eyJkZWZhdWx0QWN0aW9ucyI6WyJwcmVzZW50Il0sInRhcmdldGVkQWN0aW9ucyI6eyJ0eXBlOnR5cGUxIjpbInByZXNlbnQiXX19
- urn:capability:kepler:eyJ0YXJnZXRlZEFjdGlvbnMiOnsia2VwbGVyOmVuczpleGFtcGxlLmV0aDovL2RlZmF1bHQva3YiOlsibGlzdCIsImdldCIsIm1ldGFkYXRhIl0sImtlcGxlcjplbnM6ZXhhbXBsZS5ldGg6Ly9kZWZhdWx0L2t2L2RhcHAtc3BhY2UiOlsibGlzdCIsImdldCIsIm1ldGFkYXRhIiwicHV0IiwiZGVsZXRlIl0sImtlcGxlcjplbnM6ZXhhbXBsZS5ldGg6Ly9kZWZhdWx0L2t2L3B1YmxpYyI6WyJsaXN0IiwiZ2V0IiwibWV0YWRhdGEiLCJwdXQiLCJkZWxldGUiXX1
Sign-in only
A Message can be built without any capabilities, in which case a statement with only the "sign-in" message is generated:
let msg: Message = DelegationBuilder::new()
.build(Message {
domain: "example.com".parse().unwrap(),
address: Default::default(),
statement: None,
uri: "did:key:example".parse().unwrap(),
version: siwe::Version::V1,
chain_id: 1,
nonce: "mynonce1".into(),
issued_at: "2022-06-21T12:00:00.000Z".parse().unwrap(),
expiration_time: None,
not_before: None,
request_id: None,
resources: vec![],
}))?;
Which produces this SIWE message:
'example.com wants you to sign in with your Ethereum account:
0x0000000000000000000000000000000000000000
URI: did:key:example
Version: 1
Chain ID: 1
Nonce: mynonce1
Issued At: 2022-06-21T12:00:00.000Z
Dependencies
~8.5MB
~147K SLoC