dfinity / ICRC


ICRC-81: Extend global delegation with arbitrary targets (ICRC-28 extension) #81

Open dostro opened 6 months ago

dostro commented 6 months ago

ICRC-81: Extend global delegation with arbitrary targets (ICRC-28 extension)

Summary

ICRC-28 defines a standard method to provide global delegations to relying parties while ensuring that malicious actors cannot gain permission to manage user data in arbitrary canisters (i.e. drain a user's wallet of its assets).

This specification outlines a mechanism for relying parties to request extensions of global delegations to include canisters that the dapp does not control as targets.

Terminology

Methods

icrc81_extend_targets

The purpose of the icrc81_extend_targets method is for the relying party to request extensions of global delegations to include canisters that the dapp does not control as targets. If the set of targets is not empty, the signer SHOULD pick only the inverse of targets from the icrc28_get_trusted_origins method and SHOULD request user approval before responding with the delegation with extended targets.

Prerequisites

None

Request Params

targets: Array of canisters to extend the global delegation with

Result

delegation:

Message Processing

  1. The relying party sends an icrc81_extend_delegation message to the signer.
  2. Depending on whether the signer supports user approval:
    • If the signer does support user approval, it will display to the user a request to allow the relying party to manage data in those canisters on the user's behalf.
  3. If the user approves the request, the signer will create a delegation with the new canisters listed as targets and respond back to the relying party with it.

Errors

The error is an object comprising the code, message and optional data fields as described in the JSON-RPC 2.0 Specification. In addition to the pre-defined errors, the following values are defined applying to all methods (including extension standards):

| Code | Message | Meaning | Data |
|------|---------|---------|------|
| 1000 | Generic error | Generic error not fitting another, more specific error category. | (text): description of the error intended for developers |
| 2000 | Not supported | The operation is not supported by the signer. | (text): description of the error intended for developers |
| 3000 | Permission not granted | The signer has rejected the request due to insufficient permissions. | N/A |
| 3001 | Action aborted | The user has canceled the action. | N/A |
| 4000 | Network error | The network call failed. | (optional) Error details: status (int): HTTP status code; message (text, optional): message |
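
The message processing and error codes above, sketched as a signer-side handler. This is an added example, not code from the proposal or the ICRC repository. It assumes targets arrive as textual canister principals, that the request has already been routed by method name, and that `askUser` and `createDelegation` are hypothetical signer callbacks (the approval prompt is modelled as synchronous); the page does not define the empty-target or no-approval cases, so the choices made for them here are assumptions.

```javascript
// Added example: signer-side handling of icrc81_extend_targets.
// askUser/createDelegation are hypothetical callbacks; the delegation format is not
// defined on the page, so createDelegation's return value is an opaque placeholder.
const ERR = {
  INVALID_PARAMS: { code: -32602, message: "Invalid params" }, // JSON-RPC 2.0 pre-defined
  NOT_SUPPORTED: { code: 2000, message: "Not supported" },
  NOT_GRANTED: { code: 3000, message: "Permission not granted" },
  ABORTED: { code: 3001, message: "Action aborted" },
};
// Shape check only: base32 groups of five separated by dashes (checksum not verified).
const PRINCIPAL_SHAPE = /^[a-z2-7]{5}(-[a-z2-7]{5})*(-[a-z2-7]{1,5})?$/;

function fail(id, err, data) {
  const error = data === undefined ? { ...err } : { ...err, data };
  return { jsonrpc: "2.0", id, error };
}

function handleExtendTargets(req, origin, signer) {
  const id = req && req.id !== undefined ? req.id : null;
  const targets = req && req.params && req.params.targets;
  // Assumption: an empty list is refused because the page does not define that case.
  if (!Array.isArray(targets) || targets.length === 0 ||
      !targets.every((t) => typeof t === "string" && t.length <= 63 && PRINCIPAL_SHAPE.test(t))) {
    return fail(id, ERR.INVALID_PARAMS, "targets must be a non-empty array of canister ids");
  }
  const unique = [...new Set(targets)]; // the user sees and approves each canister once
  // Assumption: fail closed when the signer has no approval prompt.
  if (typeof signer.askUser !== "function") {
    return fail(id, ERR.NOT_SUPPORTED, "user approval unavailable");
  }
  const answer = signer.askUser(origin, unique); // "approve" | "reject" | "cancel"
  if (answer === "cancel") return fail(id, ERR.ABORTED);
  if (answer !== "approve") return fail(id, ERR.NOT_GRANTED);
  // The delegation covers exactly the approved set, never the raw request list.
  return { jsonrpc: "2.0", id, result: { delegation: signer.createDelegation(unique) } };
}

// Constructed request and signer for a stand-alone run.
const sampleRequest = {
  jsonrpc: "2.0", id: 1, method: "icrc81_extend_targets",
  params: { targets: ["ryjl3-tyaaa-aaaaa-aaaba-cai", "ryjl3-tyaaa-aaaaa-aaaba-cai"] },
};
const sampleSigner = {
  askUser: () => "approve",
  createDelegation: (targets) => ({ targets }), // placeholder for the signed delegation
};
console.log(JSON.stringify(handleExtendTargets(sampleRequest, "https://dapp.example", sampleSigner)));
```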