China Mobile Chain is a China Mobile blockchain service platform built on the premise of meeting the needs of my country's informatization supervision and compliance and controllability. If China Mobile Chain is compared to a computer system, then the system contract is the system setting part of China Mobile Chain, which is used to configure and manage the resources and behavior of the chain. In computer systems, system settings provide low-level control over the computer system to enable it to run various applications efficiently. Similarly, in China Mobile Chain, the system contract is the underlying protocol in China Mobile Chain, which is responsible for the configuration and management of accounts, transactions, RAM, CPU, network bandwidth, etc.
01
Account and permission system introduction
In China Mobile Chain, accounts are closely related to system contracts, and all accounts must be created and managed by system contracts. System contract execution requires a chain account to initiate. The chain account is an important participant in China Mobile Chain, which is used to manage users' assets, execute smart contracts and interact. China Mobile Chain accounts can set multiple permissions and roles. This flexible authority management mechanism enables China Mobile Chain accounts to conduct transactions more securely. And this mechanism is realized by the system contract.
When creating a new account, the following parameters need to be specified by default: account name, Active and Owner permission public keys, and required resources (the account needs to have a certain amount of resources to conduct transactions and operations, these resources include RAM, CPU, and NET).
Account name: In China Mobile Chain, the account name is a unique identifier, which is used to identify the account and receive China Mobile Chain resources. The account name must be a 12-character string, which can only contain lowercase letters az and numbers 1-5.
Public key and private key: An account can have multiple public keys, and different public keys can be used in different scenarios to encrypt and sign transactions. A private key is a string of characters associated with a public key, which is used to sign transactions and decrypt encrypted messages. Private keys must remain confidential and cannot be shared or revealed.
Permissions: There are many types of account permissions in China Mobile Chain, such as active permissions (Active), owner permissions (Owner) and contract permissions. These permissions are used to manage the access control of the account, such as restricting who can access the account, transfer funds to the account or modify account information, etc. The permissions in China Mobile Chain are very flexible, allowing account owners to define their own access rules and security policies.
If a more complex signature encryption method is required, it can be realized through multi-signature, which allows multiple signers to cooperate with multiple public-private key pairs to achieve the purpose of multi-party authorization. For example, an enterprise account can be set with 3 signers. When performing sensitive operations, at least 2 signers must be jointly authorized to complete the operation. The following figure briefly illustrates the concept of multi-signature.
We can think of Alice's authority and authorization table in the blockchain as a list that tells us how much weight she needs to sign with her own Active authority. Assuming her Active authority threshold is 2, then only when the weight reaches 2, her Active authority can be used to sign. If we change the weights of Bob and Stacy in Alice's Active permission table to 1, then their two permissions can add up to 2, and Alice's Active permission can be used to sign.
02
System contract and transaction introduction
At present, the main system contracts of China Mobile Chain are as follows:
The various sub-contracts in the China Mobile Chain system contract cooperate with each other to jointly maintain the normal operation of the system. To execute the system contract of China Mobile Chain, users need to sign it with their private key and initiate a transaction request. Transactions are then broadcast to the network and verified by network participants. Taking the transfer contract as an example, the overall execution process is as follows:
1. The user initiates a transaction and signs it with the public and private key of the corresponding authority;
2. After the node receives the transaction, it sends it to the consensus node;
3. After the consensus node receives the transaction, it sorts the transaction;
4. Transaction execution;
5. Transaction packaging and block generation;
6. Blocks are synchronized across the entire network, and transactions are run on each node;
7. The data of each node in the blockchain network is synchronized and consistent;
In order to ensure the security of the execution of the contract, the execution of the contract needs to be signed by an account, and the account authority of the signature must meet the requirements of the contract execution. For example, if a contract needs to perform a transfer operation, the account it depends on needs to have the corresponding transfer authority. If the account does not have such permissions, then the execution of the contract will fail.
03
Renovation of system contract authority management and control functions
Through the understanding of account permissions and system contract execution process, it is not difficult to find that although there is a flexible combination of permissions to confirm the attribution of account permissions, at the system contract level, it is impossible to effectively control the execution of important system contracts, such as new chain accounts, Important operations such as resource purchase, redemption, and election of consensus nodes can be called only after the signature is passed and the requirements for creating resources are met. Administrators cannot be designated to manage the permissions of these system contracts, which obviously does not conform to the management model of the open consortium chain .
In order to enhance security and meet the needs of the open consortium chain, China Mobile Chain has added the verification logic of the authority group to the main function of the system contract. When calling contracts that require permissions such as transfers and resource purchases, it is necessary to verify whether the permissions are passed. The following is the command to set up the administrator in advance:
Taking the contract for purchasing resources as an example, before purchasing resources, China Mobile Chain will pre-set the administrator authority table in the system contract for purchasing resources, and assign different administrators to different system resources. When a user purchases memory, it will check whether the current user is in the permission group. In this way, when the calling account does not have administrator privileges, an exception will be thrown and the contract will be refused to be called. This modification only adds administrators and narrows the scope of permissions, so it is backward compatible and will not cause a hard fork. The advantage of this upgrade is that it can introduce new functions and upgrade systems without interrupting the chain, making the entire system more secure and reliable.
| System contract function | Transformation of the former | After transformation |
|---|---|---|
| New chain account | Create as long as there are resources | Only chain account administrators can create |
| Buy RAM resources | Purchase with TOKEN | Memory administrators can purchase and allocate |
| Buy CPU resources | Purchase with TOKEN | CPU admins are required to purchase allocations |
| ... | ... | ... |
Through the flexible configuration of the permission table, China Mobile Chain has realized the system contract management and control function. Sensitive contracts only allow the corresponding administrators in the permission table to operate. For example, when creating a chain account, only chain account administrators are allowed to operate, and resources are sold and redeemed, only resource administrators are allowed to operate, ensuring the security and stability of data and system contracts on the chain, and also in line with the needs and requirements of the BSN open alliance chain. Target.
04
System contract authority control function verification
1. Use the administrator account to create two test accounts: testaccount2 and testaccount5. The account information is as follows:
2. Set the test account testaccount2 as an administrator account
3. The test administrator testaccount2 purchases resources, and the purchase is successful.
4. Then use the testaccount5 of the ordinary account to test the purchase of resources, and the purchase fails.
5. Now remove testaccount2 from the permission table, and perform the resource purchase test again.
6. After the permissions are removed, testaccount2 becomes a normal account and fails to purchase resources.
China Mobile Chain is committed to building an open, secure, efficient and easy-to-use blockchain infrastructure network to meet the needs of various enterprises and developers. In the future, we will continue to enhance the capabilities of the underlying framework of China Mobile Chain, and provide more diversified technology choices and more reliable infrastructure guarantees for enterprises and developers in the BSN ecosystem.
05
References
[1] BSN open alliance chain:
https://opb.bsnbase.com/main/index
[2] Official EOSIO account and authority introduction:
https://developers.eos.io/welcome/latest/protocol-guides/accounts_and_permissions
[3] Official EOSIO transaction introduction:
https://developers.eos.io/welcome/latest/protocol-guides/transactions_protocol
[4] Official EOSIO smart contract introduction:
https://developers.eos.io/welcome/latest/smart-contract-guides/index
-END-