updates eip5573 to reflect changes in CACAO and UCAN specs #7
The commit 67ecd38 (as a parent of 58e533f) contains errors. Please inspect the Run Summary for details.
EIPS/eip-5573.md
Outdated
|
|
||
| While SIWE focuses on authenticating the Ethereum account against the service (relying party or SIWE client) initiating the SIWE flow, there is no canonical way to interact with a third-party service (resource service) on behalf of the authenticated Ethereum account. For example, a relying party might want to interact with another service on behalf of the Ethereum account, for example a service that provides data storage for the Ethereum account. This specification introduces a mechanism, that allows the service (or more generally a delegee) to combine authentication and authorization of such while preserving security and optimizing UX. | ||
|
|
||
| Note, this approach is a similar mechanism to combining OpenID Connect (SIWE auth) and OAuth2 (SIWE ReCap) whereas SIWE ReCap follows an Object Capability-based approach. |
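Review bot: The first paragraph of this hunk uses "For example" twice in one sentence and ends with "authentication and authorization of such", where "such" has no clear referent; naming what is being authorized (the interaction with the resource service on behalf of the account) and dropping the comma in "a mechanism, that allows" would make it read cleanly. The closing note would also be easier to follow if it said which half maps to which: SIWE to OpenID Connect for authentication, ReCap to OAuth2 for authorization.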
I'm finding this sentence a bit difficult to parse. I'm not sure of the exact intention, but maybe something like:
| Note, this approach is a similar mechanism to combining OpenID Connect (SIWE auth) and OAuth2 (SIWE ReCap) whereas SIWE ReCap follows an Object Capability-based approach. | |
| Note, this approach is a similar mechanism to combining OpenID Connect (SIWE auth) and OAuth2 (SIWE ReCap), however SIWE ReCap follows an Object Capability-based approach [as opposed to X in OAuth2]. |
Also not sure of the intended meaning here, tried to clarify by relating SIWE to OIDC and recap to OAuth2
SIWE + Recap = OpenID (ID tokens) + OAuth2 (Access Tokens with DPoP and scopes)
EIPS/eip-5573.md
Outdated
| example.com wants you to sign in with your Ethereum account: | ||
| 0x0000000000000000000000000000000000000000 | ||
|
|
||
| I further authorize did:key:example to perform the following actions on my behalf: (1) "example": "append", "read" for "https://example.com". (2) "other": "action" for "https://example.com". (3) "example": "append", "delete" for "my:resource:uri.1". (4) "example": "append" for "my:resource:uri.2". (5) "example": "append" for "my:resource:uri.3". |
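Review bot: The statement on the last line delimits every ability and resource with double quotes ("https://example.com", "my:resource:uri.1"), but nothing visible here says how a URI or ability that itself contains a double quote or a newline is rendered, so the text the user signs could be ambiguous. Consider restricting the characters allowed in these fields and stating that a verifier regenerates the statement from the recap-uri and compares it with the signed one.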
Are we updating the statement to stated URI instead of the in-line URI?
EIPS/eip-5573.md
Outdated
| This example is also expected to transform into the following `recap-uri`: | ||
|
|
||
| ```text | ||
| urn:recap:eyJhdHQiOnsiaHR0cHM6Ly9leGFtcGxlLmNvbS9waWN0dXJlcyI6eyJjcnVkL2RlbGV0ZSI6W10sImNydWQvdXBkYXRlIjpbXSwib3RoZXIvYWN0aW9uIjpbXX0sIm1haWx0bzp1c2VybmFtZUBleGFtcGxlLmNvbSI6eyJtc2cvcmVjaWV2ZSI6W3sibWF4X2NvdW50Ijo1LCJ0ZW1wbGF0ZXMiOlsibmV3c2xldHRlciIsIm1hcmtldGluZyJdfV0sIm1zZy9zZW5kIjpbeyJ0byI6ImpvZUBlbWFpbC5jb20ifV19fSwicHJmIjpbImJhZnliZWlnazdseTNwb2c2dXVweGt1M2I2YnViaXJyNDM0aWI2dGZheW12b3g2Z290YWFhYWFhYWFhIl19 |
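Review bot: The recap-uri value on the last line carries no "=" padding, but the text in this hunk does not say whether padding is allowed, so a padded and an unpadded encoding of the same object would give two different strings in the signed resource list; the spec should fix one form and say that verifiers reject the other. The payload also decodes to an ability key spelled "msg/recieve", which should read "msg/receive" when the example is regenerated.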
URI is out of date. Not sure about whether we want padding.
| urn:recap:eyJhdHQiOnsiaHR0cHM6Ly9leGFtcGxlLmNvbS9waWN0dXJlcyI6eyJjcnVkL2RlbGV0ZSI6W10sImNydWQvdXBkYXRlIjpbXSwib3RoZXIvYWN0aW9uIjpbXX0sIm1haWx0bzp1c2VybmFtZUBleGFtcGxlLmNvbSI6eyJtc2cvcmVjaWV2ZSI6W3sibWF4X2NvdW50Ijo1LCJ0ZW1wbGF0ZXMiOlsibmV3c2xldHRlciIsIm1hcmtldGluZyJdfV0sIm1zZy9zZW5kIjpbeyJ0byI6ImpvZUBlbWFpbC5jb20ifV19fSwicHJmIjpbImJhZnliZWlnazdseTNwb2c2dXVweGt1M2I2YnViaXJyNDM0aWI2dGZheW12b3g2Z290YWFhYWFhYWFhIl19 | |
| urn:recap:eyJhdHQiOnsiaHR0cHM6Ly9leGFtcGxlLmNvbS9waWN0dXJlcy8iOnsiY3J1ZC9kZWxldGUiOltdLCJjcnVkL3VwZGF0ZSI6W10sIm90aGVyL2FjdGlvbiI6W119LCJtYWlsdG86dXNlcm5hbWVAZXhhbXBsZS5jb20iOnsibXNnL3JlY2VpdmUiOlt7Im1heF9jb3VudCI6NSwidGVtcGxhdGVzIjpbIm5ld3NsZXR0ZXIiLCJtYXJrZXRpbmciXX1dLCJtc2cvc2VuZCI6W3sidG8iOiJzb21lb25lQGVtYWlsLmNvbSJ9LHsidG8iOiJqb2VAZW1haWwuY29tIn1dfX0sInByZiI6WyJiYWZ5YmVpZ2s3bHkzcG9nNnV1cHhrdTNiNmJ1YmlycjQzNGliNnRmYXltdm94NmdvdGFhYWFhYWFhYSJdfQ== |
without padding imo but not a strong opinion
Co-authored-by: Jacob <[email protected]>
* EIP Motivation and Specification for "Multi-operator, per-token ERC721 approval."
* Add remaining authors' names
* Interface overhaul with explanation in EIP markdown.
* Add `Abstract` and `@dev` note about interplay with `setApprovalForAll()`.
* Partial response to cxkoda review
* Full response to cxkoda review
* Explicitly include OZ `IERC{165,721}.sol` instead of using a submodule
* Minor typo and wording changes to draft.
* Prune authors to active participants as they can always be re-added later
* Revert `.gitignore` so as to not change it in the EIP draft (#7)
* Set presumptive EIP number and fix linter complaints (#5)
* Rename files and directories to include EIP number
* Address linter (`EIP Walidator`) issues
* Add presumed EIP number based on PR: 6464
* Revert `.gitignore` to get through initial draft acceptance
* Do the last commit properly ;)
* Add ERC category
* Fix linter issues (#8)
* Update EIP- references to ERC-
* Remove OpenZeppelin interfaces and replace with original EIP versions; change 6464 license to CC0
* Add `solidity` language tag to code block
)
* updates eip5573 to reflect changes in CACAO and UCAN specs (#7)
* updates eip5573 to reflect changes in CACAO and UCAN specs
* clearly define the meaning of lexicographic ordering
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* remove unnecessary comma
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* remove uri field from statement
* update recap-uri example
* clarify that recap uris go at the end of the resource list
* clarify comparison to OIDC/OAuth2
* specify how recap objects can be combined
* remove mention of namespace
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* better wording of recap purpose/niche
* specify b64 without padding
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* Update EIPS/eip-5573.md
Co-authored-by: Jacob <[email protected]>
* consistent spelling
* rename delegee -> Relying Party
* update example recap uri
* fix abstract wording a little bit
* use reference for b64url link
* fix references layout
* apply markdown linter
---------
Co-authored-by: Jacob <[email protected]>
Co-authored-by: Samuel Gbafa <[email protected]>
* change EIP to ERC, remove non-relative link (#8)
---------
Co-authored-by: chunningham <[email protected]>
Co-authored-by: Jacob <[email protected]>
This PR updates EIP5573 to enable easier integration with CACAO and UCAN by:
* `tar` and `ext` fields with `att` and `prf`
* `att` containing URIs as keys and objects as values
* `<namespace>/<name>` ability strings as keys and an array of nota-bene/restriction objects as values.
* `+*-_`
* `prf` containing an array of CIDs representing prior authorisations
* `recap-object` to have lexicographically ordered keys
* `recap-uri` per SIWE message that must appear as the final entry in the resource list
* `recap-uri`

By matching the `recap-object` to the `att` and `prf` structure of ucan/cacao, interoperability between them becomes possible by treating a SIWE-recap as just one way of representing the same information, for signature verification purposes.
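
The rules in the PR description above (lexicographically ordered keys, one `recap-uri` as the final resource) together with the "b64 without padding" decision from the commit list, as an added Python example that is not code from the PR or the ERC. It assumes compact JSON with recursively sorted keys is the canonical serialization; the function names and the sample object are hypothetical.

```python
import base64
import json

PREFIX = "urn:recap:"


def encode_recap_uri(recap: dict) -> str:
    """Serialize with sorted keys and encode as unpadded base64url."""
    # Assumption: compact JSON with recursively sorted keys is the canonical form.
    raw = json.dumps(recap, sort_keys=True, separators=(",", ":"),
                     ensure_ascii=False).encode("utf-8")
    return PREFIX + base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def decode_recap_uri(uri: str) -> dict:
    """Decode a recap-uri, rejecting padded or non-canonical payloads."""
    if not uri.startswith(PREFIX):
        raise ValueError("not a recap-uri")
    payload = uri[len(PREFIX):]
    if "=" in payload:
        raise ValueError("padded base64url payload")
    try:
        raw = base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4))
        recap = json.loads(raw)
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        raise ValueError("malformed recap payload") from exc
    if not isinstance(recap, dict) or set(recap) - {"att", "prf"}:
        raise ValueError("unexpected top-level keys")
    # Re-encoding must reproduce the input exactly; this catches unordered keys,
    # stray whitespace, duplicate keys and the standard (+/) alphabet.
    if encode_recap_uri(recap) != uri:
        raise ValueError("non-canonical recap-uri")
    return recap


def recap_from_resources(resources: list):
    """Return the decoded recap-object from a SIWE resource list, or None."""
    idx = [i for i, r in enumerate(resources) if r.startswith(PREFIX)]
    if not idx:
        return None
    if len(idx) > 1 or idx[0] != len(resources) - 1:
        raise ValueError("recap-uri must be unique and the final resource")
    return decode_recap_uri(resources[-1])


# Constructed sample recap-object (values are illustrative only).
SAMPLE = {
    "prf": ["bafy-constructed-placeholder-cid"],
    "att": {"https://example.com/pictures/": {"crud/update": [], "crud/delete": []}},
}
```

The round-trip comparison in `decode_recap_uri` means the verifier never has to reason about key order separately: any payload that a conforming encoder could not have produced is rejected.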