This repository is archived.
You can still use onchain permissioning with Besu however we do not plan to further develop either the specific implementation of these contracts or the dapp that is contained in this repository.
Additionally, due to outdated dependencies, the below instructions to build and run the dapp may not work for new users.
Version 1 of these contracts was audited by a third party. Read the report here
The contents of this repository are Apache 2.0 licensed. Important: The dependency chain for this Dapp includes web3js which is LGPL licensed.
You probably got here from Besu. The Besu documentation describes how to use the contracts for onchain permissioning with Besu.
We recommend you use the latest released version of this project.
Note: The build process for the Dapp is currently not supported on Windows. Please use the provided distribution available at the projects release page if on Windows.
Run yarn install
to initialize project dependencies. This step is only required when setting up the project
for the first time.
Linting is set up for contracts using solium
, and for source files using prettier
. To run linting over your code execute yarn run lint
.
yarn test
The Dapp will facilitate managing permissioning rules and maintaining the list of admin accounts that can edit rules.
Note: if you want to run against Besu, follow the Besu docs.
ONLY use these instructions if you are doing development work on the Dapp itself, in which case connecting to a development server (Ganache) will enable faster development.
This is the easiest way to get started for development with the permissioning Dapp:
- Delete your environment variables named
NODE_INGRESS_CONTRACT_ADDRESS
,ACCOUNT_INGRESS_CONTRACT_ADDRESS
,ACCOUNT_STORAGE_CONTRACT_ADDRESS
,NODE_STORAGE_CONTRACT_ADDRESS
ANDCHAIN_ID
- you might need to restart your terminal session to have your changes applied. If you are using a.env
file, you can comment out the variables. - Start a terminal session and start a Truffle Ganache node running
truffle develop
. This will start a Ganache node and create a Truffle console session. - In the truffle console, run all migrations from scratch with
migrate --reset
. Keep this terminal session open to maintain your Ganache node running.
- Run
yarn run build
to build the Dapp. - Run
yarn run start
to start the web server that is serving our Dapp. - In your browser, connect MetaMask to the Ganache network (the default endpoint is
http://127.0.0.1:9545/
) - When you start Ganache, it gives you a list of accounts and private keys. Import the first one in MetaMask to impersonate the first admin of the system.
- Navigate to
http://localhost:3000
to access the Permissioning Dapp. - All changes made to the smart contracts or to the Dapp code are automatically refreshed on the website. There is no need to restart the web server after making changes.
Snapshots are compared as part of the test suite, to check any changes made to the Dapp are sensible. If you change the Dapp, you also need to update the snapshots.
yarn jest -u
- or if using npm:
npm run test:app -- -u
- Compile and migrate the contracts
- Run
yarn run build
will assemble index.html and all other files inbuild/
- You can use your preferred web server technology to serve the contents of
build/
as static files. - You will need to set up MetaMask as for the development server
- The Besu documentation describes how to use the contracts for onchain permissioning with Besu, including setting environment variables.
- The following additional environment variables are optional and can be used to prevent redeployment of rules contracts. If set to true, that contract will not be redeployed and current list data will be preserved. If absent or not set to
true
, the specified contract will be redeployed. This allows you, for instance, to retain the Admin contract while redeploying NodeRules and AccountRules, or any other combination.
RETAIN_ADMIN_CONTRACT=true
RETAIN_NODE_RULES_CONTRACT=true
RETAIN_ACCOUNT_RULES_CONTRACT=true
- The following additional environment variables are optional and can be used to permit accounts and nodes during initial contract deployment
INITIAL_ADMIN_ACCOUNTS
: The admin account addresses. Comma-separated multiple addresses can be specifiedINITIAL_ALLOWLISTED_ACCOUNTS
: The permitted account addresses. Comma-separated multiple addresses can be specifiedINITIAL_ALLOWLISTED_NODES
: The enode URLs of permitted nodes. Comma-separated multiple nodes can be specified
- With these environment variables provided, run
truffle migrate --reset
to deploy the contracts. The console will display the addresses of the contracts deployed.
- Obtain the most recent release (tarball or zip) from the projects release page
- Unpack the distribution into a folder that will be available to your webserver
- Add to the root of that folder a file
config.json
with the following contents
Note: The networkID
is defined as the chainID
in the genesis file.
{
"accountIngressAddress": "<Address of the account ingress contract>",
"nodeIngressAddress": "<Address of the node ingress contract>",
"networkId": "<ID of your ethereum network>"
}
- Use a webserver of your choice to host the contents of the folder as static files directing root requests to
index.html