| id | title |
|---|---|
remote_policy |
Remote Policy Service |
The remote policy service feature allows custom policy schemes beyond simple request and operation lookup to be implemented externally.
The hook is called after the standard request type and operation checks. If the hook returned an error the sign operation is denied.
sequenceDiagram
autonumber
participant C as Client
participant S as Signatory
participant R as Remote Policy<br> Service
C->>S: Tezos Operation
S-->>+R: POST operation and metadata
R-->>S: Response 200 OK
S-->>S: Signs
S->>C: 200 OK
alt
R-->>S: 403 Denied
S->>C: 403 Denied
end
The service response can be authenticated using a signature. To do so the service public key must be added to the authorized_keys list.
# config root
policy_hook:
address: host:port
# List of authorized keys in Tezos Base58 format
authorized_keys:
- pub1
- pub2
# ...{
// Base64 encoded raw incoming sign request
"request": "base64",
// Client address
"source": "ip_address",
// Requested public key hash in Tezos Base58 format
"public_key_hash": "base58",
// Client public key hash in Tezos Base58 format. Presents only if the incoming sign request was authenticated
"client_key_hash": "base58",
// One time nonce. Presents only if the policy service call is authenticated
"nonce": "string"
}{
"payload": {
// Must reflect the HTTP status code. The sign operation is allowed if the service returned 2xx
"status": 200,
// An optional error message is the status code is not 2xx
"error": "string",
// The key used to sign the reply
"public_key_hash": "base58",
// The request nonce
"nonce": "string"
},
// Payload signature in Tezos Base58 format
"signature": "base58"
}The signature is calculated from the payload JSON object as it present in the request.
Just the HTTP status code is inspected. The sign operation is allowed if the service returned 2xx