Threshold Access Control (TACo)
  • Getting Started
    • Introduction to TACo
    • How TACo Works
    • Quickstart (Testnet)
  • For Developers
    • Integrate TACo Into Apps
      • Testnets
      • Mainnet Access
      • Mainnet Deployment
    • Ecosystem Integrations
      • OrbisDB
      • Waku
      • Irys
      • ComposeDB
      • Turbo
    • API
      • Encryptor Allowlist
      • Encrypt & Decrypt
      • Authentication
        • Condition Context
      • Access Control
        • TimeCondition
        • RpcCondition
        • ContractCondition
          • Use custom contract calls
          • Implement access revocation via smart contract
        • JSON Endpoint Conditions
          • JsonApiCondition
          • JsonRpcCondition
        • JWT Conditions
        • Logical Conditions
          • CompoundCondition
          • IfThenElseCondition
          • SequentialCondition
        • WIP / Feature Requests
          • Any (Major) EVM Chain Condition Support
    • Blueprints & Inspiration
      • Seed phrase recovery & transfer
      • Digital Rights Management for on-chain assets
      • Trustless channels for journalists, archivists & whistleblowers
      • Crowdsourcing real-world data with trustless contribution
  • For Product Leads
    • Value Propositions
    • Capabilities & Extensions
    • Use cases
      • Seed phrase recovery & transfer
      • Digital Rights Management for on-chain assets
      • Trustless channels for journalists, archivists & whistleblowers
      • Crowdsourcing real-world data with trustless contribution
    • Mainnet Fees
    • Trust Assumptions
      • Mainnet Trust Disclosure (Provider Answers)
      • Mainnet Trust Model Foundation
      • Trust levers & parameter packages
  • Reference
    • Contract Addresses
    • Architecture
      • Porter
    • Github
    • TACo Playground
    • TACo Scan
  • For Node Operators
    • Getting Set Up
      • Minimum System Requirements
      • Run a TACo Node with Docker
    • Operations
      • TACo Node Management
      • TACo Node Recovery
      • Stake Authorization
    • Duties, Compensation & Penalties
    • Run a Porter Instance
Powered by GitBook
On this page
  • Base Conditions
  • returnValueTest
  • Context Variables
  • Logical Conditions
  1. For Developers
  2. API

Access Control

PreviousCondition ContextNextTimeCondition

Last updated 7 months ago

This section focuses on Condition types, composition and usage.

Base Conditions

Base conditions define specific criteria for access, and each includes a returnValueTest to compare the actual execution result with the expected value. These include:

  • – time-based conditions using block height and other blockchain-based timestamps. Example: only allow access after a certain timestamp.

  • – based on RPC calls as defined in Ethereum's Official . Example: allow access if the requestor address holds a minimum ETH balance.

  • – uses on-chain state, allowing arbitrary contract function calls. Example: allow access if this requestor holds a special-purpose NFT.

  • - uses state from a JSON HTTPS endpoint. Example: allow discount on event tickets/merchandise if there is "bad" weather according to a specific weather API.

Each base condition defines a used to compare the obtained execution value with the expected value for the condition.

returnValueTest

A returnValueTest is a mechanism used by a condition to evaluate whether a specific execution result meets a specified criterion. It allows dynamic comparisons between the actual returned value and the expected value.

It consists of three key components:

  • comparator: defines the comparison operation to apply between the actual value obtained and the expected value. The available operators include:

    • ==: equal to

    • !=: not equal to

    • >: greater than

    • <: less than

    • >=: greater than or equal to

    • <=: less than or equal to

  • value: the expected value to compare against the actual returned value.

  • index (optional): indicates the position of the value to use for comparison within a list or array when multiple values are returned. If the response includes several values, this index determines which entry to evaluate. If the index is not specified, the entire response is used. For instance, if the array ["apple", "banana", "grape"] is returned during execution, an index of 1 would select "banana" as the value for comparison.

Context Variables

Logical Conditions

Logical conditions use control structures to determine overall condition outcomes based on the results of underlying conditions. These include:

Since condition evaluations may require making remote calls (e.g. RPC calls, etc.), the number of conditions allowed within a Logical Condition is limited.

A single Logical Conditioncan contain a maximum of five conditions. Additionally, the nesting of a Logical Condition within a Logical Condition is allowed, but the maximum nesting depth is restricted to two levels. Therefore, a Logical Condition can contain a sub-Logical Condition but that sub-Logical Condition cannot subsequently contain a Logical Condition.

provide the ability for placeholder values to be defined within conditions at encryption time, and be dynamically populated at decryption time e.g. current user wallet address.

- allows access conditions to be combined using logical operators such as or, and & not .

- chains access conditions to be executed in a specific order, where the outcome of one condition can be used by subsequent conditions.

- implements branching logic for access conditions where the flow follows an if-then-else structure i.e. IF CONDITION_A THEN CONDITION_B ELSE CONDITION_C

Context variables
CompoundCondition
SequentialCondition
IfThenElseCondition
TimeCondition
RpcCondition
API
ContractCondition
JsonApiCondition
returnValueTest