Skip to content
Snippets Groups Projects

feat(identity): explicit revocation

Merged feat(identity): explicit revocation
idty_revoke into master
Merged Pascal Engélibert requested to merge idty_revoke into master
Compare
and
5 files
+ 79
2
Compare changes
  • Side-by-side
  • Inline
Files
5
pallets/identity/src/lib.rs
+ 36
1
@@ -35,7 +35,7 @@ pub use types::*;
@@ -35,7 +35,7 @@ pub use types::*;
use crate::traits::*;
use crate::traits::*;
use codec::Codec;
use codec::Codec;
use frame_support::dispatch::Weight;
use frame_support::dispatch::Weight;
use sp_runtime::traits::{AtLeast32BitUnsigned, One, Saturating, Zero};
use sp_runtime::traits::{AtLeast32BitUnsigned, IdentifyAccount, One, Saturating, Verify, Zero};
use sp_std::fmt::Debug;
use sp_std::fmt::Debug;
use sp_std::prelude::*;
use sp_std::prelude::*;
@@ -93,6 +93,10 @@ pub mod pallet {
@@ -93,6 +93,10 @@ pub mod pallet {
/// Handle the logic that remove all identity consumers.
/// Handle the logic that remove all identity consumers.
/// "identity consumers" mean all things that rely on the existence of the identity.
/// "identity consumers" mean all things that rely on the existence of the identity.
type RemoveIdentityConsumers: RemoveIdentityConsumers<Self::IdtyIndex>;
type RemoveIdentityConsumers: RemoveIdentityConsumers<Self::IdtyIndex>;
 
/// Signing key of revocation payload
 
type RevocationSigner: IdentifyAccount<AccountId = Self::AccountId>;
 
/// Signature of revocation payload
 
type RevocationSignature: Parameter + Verify<Signer = Self::RevocationSigner>;
}
}
// GENESIS STUFF //
// GENESIS STUFF //
@@ -362,6 +366,33 @@ pub mod pallet {
@@ -362,6 +366,33 @@ pub mod pallet {
Ok(().into())
Ok(().into())
}
}
 
#[pallet::weight(0)]
 
pub fn revoke_identity(
 
origin: OriginFor<T>,
 
payload: RevocationPayload<T::AccountId, T::Hash>,
 
payload_sig: T::RevocationSignature,
 
) -> DispatchResultWithPostInfo {
 
let _ = ensure_signed(origin)?;
 
if payload.genesis_hash != frame_system::Pallet::<T>::block_hash(T::BlockNumber::zero())
 
{
 
return Err(Error::<T>::BadGenesisHash.into());
 
}
 
if !payload.using_encoded(|bytes| payload_sig.verify(bytes, &payload.owner_key)) {
 
return Err(Error::<T>::BadProof.into());
 
}
 
if let Some(idty_index) = <IdentityIndexOf<T>>::take(payload.owner_key) {
 
if let Ok(_idty_value) = <Identities<T>>::try_get(idty_index) {
 
T::OnIdtyChange::on_idty_change(idty_index, IdtyEvent::Removed {});
 
} else {
 
panic!("storage corrupted");
 
}
 
Self::do_remove_identity(idty_index);
 
Ok(().into())
 
} else {
 
Err(Error::<T>::IdtyNotFound.into())
 
}
 
}
 
#[pallet::weight(0)]
#[pallet::weight(0)]
pub fn remove_identity(
pub fn remove_identity(
origin: OriginFor<T>,
origin: OriginFor<T>,
@@ -418,6 +449,10 @@ pub mod pallet {
@@ -418,6 +449,10 @@ pub mod pallet {
#[pallet::error]
#[pallet::error]
pub enum Error<T> {
pub enum Error<T> {
 
/// Genesis hash does not match
 
BadGenesisHash,
 
/// Signature is invalid
 
BadProof,
/// Creator not allowed to create identities
/// Creator not allowed to create identities
CreatorNotAllowedToCreateIdty,
CreatorNotAllowedToCreateIdty,
/// Identity already confirmed
/// Identity already confirmed