-
Notifications
You must be signed in to change notification settings - Fork 266
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs: adding some authwit docs #2711
Conversation
@LHerskind hope you don't mind I pushed some grammar fixes |
deactivate AC; | ||
``` | ||
|
||
:::info **TODO** |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we have the blogs now?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Its the ones @rahul-kothari have been working on, so partially.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me! I added a bunch of suggestions, but none that prevents from merging. I do think there's a pass needed for reviewing styling issues, but maybe devrel can own it?
|
||
In the EVM world, this is often accomplished by having the user `approve` the protocol to transfer funds from their account, and then calling a `deposit` function on it afterwards. | ||
|
||
```mermaid |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Whoa, fancy! Does our docusaurus support this..?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep, it is quite nice for making it easier to update the docs without leaving the markdown files.
|
||
To limit the annoyance for return-users, some front-ends will use the `approve` function with an infinite amount, which means that the user will only has to sign the `approve` transaction once, and every future `deposit` with then use some of that "allowance" to transfer funds from the user's account to the protocol's account. | ||
|
||
This can lead to a series of issues though, eg: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd argue that another issue is that you cannot know for sure how your approval will be used by the protocol. You just give them carte blanche to manage your funds, and hope that the protocol is properly designed so they are not lost.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here you kinda still know how your funds are getting used, just where the transfer is going, but it could be lost or send it into the abyss afterwards still 🤷.
|
||
If you recall from [State model](./../state_model.md), private state is generally only known by its owner and those they have shared it with. Because it relies on secrets, private state might be "owned" by a contract, but it needs someone with knowledge of these secrets to actually spend it. You might see where this is going. | ||
|
||
If we were to implement the `approve` with an allowance in private, you might know the allowance, but unless you also know about the individual notes that make up the user's balances, it would be of no use to you! It is private after all. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd clarify that "know about the individual notes that make up the user's balances" requires access to the user's decryption keys, to make it even more obvious
|
||
// Example action that authenticates: | ||
// defi to transfer 1000 tokens to itself on behalf of alice_account | ||
action = H( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's use the same name authentication_witness_action
as above
|
||
Given the action, the developer can ask the `on_behalf_of` account contract if the action is authenticated or not. | ||
|
||
```mermaid |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd personally remove the diagram from here to avoid duplication
|
||
### General utilities | ||
|
||
The primary general utility is the `compute_authwit_message_hash` function which computes the action hash from its components. This is useful for when you need to generate a hash that is not for the current call, such as when you want to update a public approval state value that is later used for [authentication in public](#updating-approval-state-in-noir). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is useful for when you need to generate a hash that is not for the current call
I get the sense that generating a hash for the current call is the most common use case, right? If so, I'd introduce it first, and then present this utility later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the action is mainly one-step yes, but when doing more complex where the contract also need to approve we want to use it.
|
||
The first thing we see in the snippet above, is that if `from` is not the call we are calling the `assert_current_call_valid_authwit` function from [earlier](#private-functions). If the call is not throwing, we are all good and can continue with the transfer. | ||
|
||
In the snippet we are constraining the `else` case such that only `nonce = 0` is supported. This is not strictly necessary, but because I can't stand dangling useless values. By making it constrained, we can limit what people guess it does, I hope. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
😆, but it feels odd for the "I" to suddenly pop up in the middle of the doc
docs/docs/dev_docs/contracts/resources/common_patterns/authwit.md
Outdated
Show resolved
Hide resolved
|
||
To outline an example as mentioned earlier, let's say that we have a token that implements `AuthWit` such that transfer funds from A to B is valid if A is doing the transfer, or there is a witness that authenticates the caller to transfer funds from A's account. While this specifies the spending rules, one must also know of the notes to use them for anything. This means that a witness in itself is only half the information. | ||
|
||
Creating the authentication action for the transfer of funds to the Defi contract would look like this: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Creating the authentication action for the transfer of funds to the Defi contract would look like this: | |
Creating the authentication action for the transfer of funds to a Defi contract would look like this: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the
was used as it was that specific defi and not just any
|
||
The main difference is that we are not setting up an allowance, but allowing the execution of a specific action. We decided on this option as the default since it is more explicit and the user can agree exactly what they are signing. | ||
|
||
Also, most uses of the approvals are for contracts where the following interactions are called by the user themselves, so it is not a big issue that they are not as easily "transferrable" as the `permit`s. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Another difference - in the public case, all "approvals" are stored in your contract as opposed to being spread out across all contracts
|
||
### Other use-cases | ||
|
||
We don't need to limit ourselves to the `transfer` function, we can use the same scheme for any function that requires authentication. For example, for authenticating to burn or shield assets or to vote in a governance contract or perform an operation on a lending protocol. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 need next steps that link to the common patterns and the dev docs on how to actually use authwit.
Also in both the pages (dev docs, common patterns), lets link this too
|
||
Authentication Witness is a scheme for authentication actions on Aztec, so users can allow third-parties (eg protocols or other users) to execute an action on their behalf. | ||
|
||
How it works logically is explained in the [foundational concepts](./../../../../concepts/foundation/accounts/authwit.md) but we will do a short recap here. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
add prerequisite reading at the top in a separate section?
docs/docs/dev_docs/contracts/resources/common_patterns/authwit.md
Outdated
Show resolved
Hide resolved
docs/docs/dev_docs/contracts/resources/common_patterns/authwit.md
Outdated
Show resolved
Hide resolved
|
||
All of these issues have been discussed in the community for a while, and there are many proposals to solve them. However, none of them have been widely adopted - ERC20 is so commonly used and changing a standard is hard. | ||
|
||
## In Aztec |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we not want to talk about how partial addresses are used to generate this witness?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you elaborate on what you mean here? What would you want to be added?
2c82481
to
5db7cb6
Compare
Co-authored-by: Santiago Palladino <[email protected]> Co-authored-by: Rahul Kothari <[email protected]>
5db7cb6
to
2130583
Compare
Benchmark resultsAll benchmarks are run on txs on the L2 block published to L1Each column represents the number of txs on an L2 block published to L1.
L2 chain processingEach column represents the number of blocks on the L2 chain where each block has 16 txs.
Circuits statsStats on running time and I/O sizes collected for every circuit run across all benchmarks.
|
Writing docs for AuthWit as part of #2710.
Checklist:
Remove the checklist to signal you've completed it. Enable auto-merge if the PR is ready to merge.