Skip to content

Add runtime API for authorizations#491

Merged
bkontur merged 12 commits into
mainfrom
auth-runtime-api
May 21, 2026
Merged

Add runtime API for authorizations#491
bkontur merged 12 commits into
mainfrom
auth-runtime-api

Conversation

@franciscoaguirre
Copy link
Copy Markdown
Contributor

@franciscoaguirre franciscoaguirre commented May 5, 2026
edited
Loading

Addresses #495

We have recently changed the AuthorizationExtent fields with data irrelevant for most client applications. I'm adding a runtime API for returning a simpler and more stable version of authorizations for client applications to use.

TODO

  • Add expiration

@franciscoaguirre franciscoaguirre marked this pull request as draft May 5, 2026 14:01
bkontur
bkontur reviewed May 5, 2026
View reviewed changes
Comment thread pallets/transaction-storage/runtime-api/src/lib.rs Outdated
bkontur
bkontur reviewed May 5, 2026
View reviewed changes
Comment thread pallets/transaction-storage/runtime-api/src/lib.rs Outdated
bkontur
bkontur reviewed May 8, 2026
View reviewed changes
Comment thread pallets/transaction-storage/runtime-api/Cargo.toml
bkontur
bkontur reviewed May 8, 2026
View reviewed changes
Comment thread runtimes/bulletin-paseo/src/lib.rs Outdated
bkontur
bkontur reviewed May 8, 2026
View reviewed changes
Comment thread pallets/transaction-storage/runtime-api/src/lib.rs
#[derive(Clone, Copy, Debug, Default, PartialEq, Eq, Encode, Decode, TypeInfo)]
pub struct AccountAuthorization<BlockNumber> {
/// Block at which this account's authorization expires.
pub expires_at: BlockNumber,
Copy link
Copy Markdown
Collaborator

@bkontur bkontur May 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not sure if client will be able to interpret this - relay block, Bulletin para block?

Copy link
Copy Markdown
Contributor Author

@franciscoaguirre franciscoaguirre May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you want to use time? Relay chain block would be better for me, I'm vouching for that

Copy link
Copy Markdown
Collaborator

@bkontur bkontur May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you want to use time? Relay chain block would be better for me, I'm vouching for that

Well, I don't know now, we don't use relay chain blocks, and everything is in Bulletin parachain blocks. I am not sure about the time. For now, with actual impl, I would just consider this Bulletin para block number and client could interpret this to the real clock time?

Copy link
Copy Markdown
Contributor Author

@franciscoaguirre franciscoaguirre May 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With authorization slots, this will be relay blocks

bkontur
bkontur reviewed May 8, 2026
View reviewed changes
Comment thread pallets/transaction-storage/runtime-api/src/lib.rs Outdated
bkontur
bkontur reviewed May 8, 2026
View reviewed changes
Comment thread runtimes/bulletin-paseo/src/lib.rs Outdated
bkontur
bkontur reviewed May 9, 2026
View reviewed changes
Comment thread pallets/transaction-storage/runtime-api/src/lib.rs Outdated
@franciscoaguirre franciscoaguirre self-assigned this May 15, 2026
@franciscoaguirre franciscoaguirre marked this pull request as ready for review May 15, 2026 19:55
bkontur
bkontur reviewed May 20, 2026
View reviewed changes
Comment thread pallets/transaction-storage/src/lib.rs Outdated
bkontur
bkontur reviewed May 20, 2026
View reviewed changes
Comment thread pallets/transaction-storage/src/lib.rs Outdated
karolk91
karolk91 reviewed May 21, 2026
View reviewed changes
Comment thread pallets/transaction-storage/src/lib.rs Outdated
/// - `who` has an unexpired authorization entry
/// - per-account hard cap: `bytes_permanent + size <= bytes_allowance`
/// - chain-wide hard cap: `PermanentStorageUsed + size <= MaxPermanentStorageSize`
pub fn can_renew(who: &T::AccountId, content_hash: ContentHash) -> bool {
Copy link
Copy Markdown
Collaborator

@karolk91 karolk91 May 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think can_renew should also take into account the case of AUTO_RENEWAL_ALREADY_ENABLED - maybe we could extract some common "verify" method between this API and check_signed (related to renews) so these are less likely to diverge

@karolk91
Copy link
Copy Markdown
Collaborator

karolk91 commented May 21, 2026

If we are going the direction of can_renew and can_store, I'm afraid that the most common case will be the need to check against multiple items instead of every single one in separation - even if we can check every item separately, especially in case of can_renew, that will not answer the question if its possible to renew batch of items

@bkontur
Copy link
Copy Markdown
Collaborator

bkontur commented May 21, 2026

If we are going the direction of can_renew and can_store, I'm afraid that the most common case will be the need to check against multiple items instead of every single one in separation - even if we can check every item separately, especially in case of can_renew, that will not answer the question if its possible to renew batch of items

can_store takes bytes, so the client just sum all the chunks -> so should be ok, just one call.

hmm, but can_renew, good question, I mean I am ok to merge as it is now, can_renew(one_tx).

if we go with BulletinTransactionStorageApi::can _renew_batch(batch: Vec<TransactionRef> we need to resolve the nice result type List<Result<(), Error> or something like this + maybe limit the input Vec cize? it can be a follow-up.

@karolk91 what do you suggest?

@karolk91
Copy link
Copy Markdown
Collaborator

karolk91 commented May 21, 2026
edited
Loading

If we are going the direction of can_renew and can_store, I'm afraid that the most common case will be the need to check against multiple items instead of every single one in separation - even if we can check every item separately, especially in case of can_renew, that will not answer the question if its possible to renew batch of items

can_store takes bytes, so the client just sum all the chunks -> so should be ok, just one call.

hmm, but can_renew, good question, I mean I am ok to merge as it is now, can_renew(one_tx).

if we go with BulletinTransactionStorageApi::can _renew_batch(batch: Vec<TransactionRef> we need to resolve the nice result type List<Result<(), Error> or something like this + maybe limit the input Vec cize? it can be a follow-up.

@karolk91 what do you suggest?

Yeah I was thinking about something similar, to allow Vec in the can_renew. But would need to double check what are the possible limits here - how big this Vec could be. We could do some follow-up but current real life scenarios always involve multiple CIDs - no one will use can_renew or can_store and just use account_authorization instead

In addition to above, current APIs also doesn't support preimage authorizations

@bkontur bkontur enabled auto-merge (squash) May 21, 2026 15:59
@bkontur
Copy link
Copy Markdown
Collaborator

bkontur commented May 21, 2026

Yeah I was thinking about something similar, to allow Vec in the can_renew. But would need to double check what are the possible limits here - how big this Vec could be. We could do some follow-up but current real life scenarios always involve multiple CIDs - no one will use can_renew or can_store and just use account_authorization instead

Yes, agree, let's iterate

In addition to above, current APIs also doesn't support preimage authorizations

Well, yes, good point, but who can auhorize_preimage? Only OpenGov now, we don't have use-cases for that, again, we can iterate with follow-ups also.

@bkontur bkontur merged commit 2cd564b into main May 21, 2026
47 checks passed
@bkontur bkontur deleted the auth-runtime-api branch May 21, 2026 18:19
@franciscoaguirre
Copy link
Copy Markdown
Contributor Author

franciscoaguirre commented May 21, 2026

@bkontur I was thinking about ideas for the runtime API. I will make a new PR then :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@karolk91 karolk91 karolk91 left review comments

@bkontur bkontur bkontur approved these changes

Assignees

@franciscoaguirre franciscoaguirre

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@franciscoaguirre @karolk91 @bkontur