Let me take the IOU daml contract as an example. If Alice wants to send Bob an Iou, she needs the unique identifier of Bob as an argument in order to exercise the TransferIou choice. But now that she has Bob’s unique identifier, what’s stopping her from just using Bob’s identifier in the ActAs field and archive the contract. Let’s assume that both the parties exist on the same participant.
I am new to Daml and may be making some wrong assumptions here, so please feel free to correct me. Is there any other way to refer to Bob without using their unique partyID?
The Ledger API has a concept of authentication and authorization via JWTs and the user management APIs. The sandbox runs without these which means any agent can impersonate any party as you suggest.
On a production system:
- The node admin creates parties
- The node admin creates users
- The node admin gives
uAlice read/write access to
pAlice and similar for Bob.
- The node admin sets up an identity management system such that Alice can obtain a JWT that identifies her as
- Alice obtains a JWT via some OAuth flow or similar.
- Alice sense the JWT as part of every API call.
- The participant node checks whether the authenticated user has sufficient authorization for the API call.
So if Alice were to set
pBob as the
actAs party, but as per 3. above her user
uAlice only has
actAs rights to
pAlice, the API call will be rejected.
I have looked into the concept of users, but I am unsure how to deploy them. I have deployed my canton in development mode using the simple topology and made parties using the participant1.parties.enable(“Alex”) command, but I wasn’t able to find one for users. Can you tell me the commands I can use to make these users. Additionally, I would be grateful if you could link me the method to do the same using HTTPS JSON API as well.
See here for JSON API endpoints reference
See here for Canton Console commands reference.
See here for sample user setup in Daml Script.
See here for User Management main docs.