Add Authorization to EOS Blockchain Based Smart Contract

1.0  Introduction

In our last article, we leaned, how to write smart contract in EOS blockchain. Our hi action can be called even with mismatched authorization. In this article, we will learn, how to add authorization to our smart contract so that mismatched authorization will result in error message.

2.0  Authorization

EOS blockchian implemented asymmetric cryptography also known as public-key cryptography to verify that the account submitting a transaction has signed it with the matching private key.  To know more about eos network, visit https://eossupport.io. 

Following functions are used to implement authorization checks in EOS smart contract:

·        has_auth(name n);

·        require_auth(name n);

·        require_auth2(capi_name name, capi_name permission);

·        check(bool pred, ...)

We will use require_auth function to implement authorization.

3.0  Implementation

Replace our previously written hi action by the following lines of code:

[[eosio::action]] void hi( eosio::name user ) { 

            require_auth( user );

            print( "Hello, ", user);

        }        

Please note that we have added the line require_auth( user ); to our previously written hi action. Now, the hi action can be executed only by the user that is sent as parameter.

The complete smart contract looks like this:

#include <eosio/eosio.hpp>

 

class [[eosio::contract]] hello : public eosio::contract {

    public:

        using eosio::contract::contract;

        [[eosio::action]] void hi( eosio::name user ) {

            require_auth( user );

            print( "Hello, ", user);

        }

};        

4.0 Compile and deploy

While you are in hello directory, use the following command to recompile and deploy modified smart contract:

eosio-cpp -abigen -o hello.wasm hello.cpp        

Your abi file is not changed, need not to set it again, but wasm file is changed set it again:

cleos set code hello hello.wasm        

5.0 Test your smart contract

We will create two accounts called luv and kush to test authorization of our smart contract:

a) Create the account luv using the command given below:

cleos create account eosio luv EOS6MRyAjQq8ud7hVNYcfnVPJqcVpscN5So8BhtHuGYqET5GDW5CV        

b) Create the account kush using the command given below:

cleos create account eosio kush EOS6MRyAjQq8ud7hVNYcfnVPJqcVpscN5So8BhtHuGYqET5GDW5CV        

c) Call hi action with mismatched authorization. Try to say “Hello, luv” with the signing authority of kush:

cleos push action hello hi '["luv"]' -p kush@active        

Check that “Missing required authority” error message is displayed.

d) Now, call hi action with proper authorization. Try to say “Hello, luv” with the signing authority of luv:

cleos push action hello hi '["luv"]' -p luv@active        

Check that “Hello, luv” message is displayed. Now, authorization has been incorporated in your smart contract.

6.0  Conclusion

In this article, we have learned, how to set authorization in eos blockchain based smart contract.  We have used require_auth function to implement authorization, but there are many other functions for the same purpose, you can try out them.