The EIP-5539 draft proposes a new RBAC-enabled revocation registry that can be used by any valid Ethereum address to maintain a set of revocation lists. In those, arbitrary revocation keys can be marked as either revoked or not. Additionally, the registry includes a set of management features that enables owners to have features like delegates, owner changes, and meta transactions.
This repository includes a well-tested reference implementation that implements all described features in EIP-5539.
A namespace is a representation of an Ethereum address
inside the registry that corresponds to its owners address
. All revocation lists within a namespace are initially owned by the namespace's owner address
. All namespaces are already claimed by their corresponding owners.
A namespace can contain an (almost) infinite number of revocation lists. Each revocation list is identified by a unique key of the type bytes32
that can be used to address it in combination with the namespace address
.
A revocation list can contain an (almost) infinite number of revocation keys of the type bytes32
. In combination with the namespace address
and the revocation list key, it resolves to a boolean value that indicates whether the revocation key is revoked or not. Revocations can always be undone.
An Ethereum address
that has modifying rights to revocation lists within its own and possibly foreign namespaces. An owner can give up modifying rights of revocation lists within its namespace by transferring ownership to another address
. The revocation list will still reside in its original namespace though.
An Ethereum address
that received temporary access to a revocation list in a namespace. It has to be granted by the current owner of the revocation list in question.
Owners and delegates can provide a signed payload off-band to another address
(transaction sender) that initiates the Ethereum interaction with the smart contract. This might be helpful for services providing easy-to-use access to the registry.
The usage in Verifiable Credentials is defined in the EthrRevocationRegistry2022 specification found here: https://spherity.github.io/vc-ethr-revocation-registry/.
Implementers can call all methods of the registry directly with already existing web3 libraries. Alternatively, the Typescript library Ethereum-Revocation-Registry-Controller can be used as an easy-to-use interface to interact with the registry. A plugin for resolving credential states in Veramo can be found here: https://github.com/spherity/ethr-revocation-registry-veramo-plugin
Network Name | name | chainId | hexChainId | Registry Address | Registry version |
---|---|---|---|---|---|
Mainnet | mainnet | 1 | 0x01 | ||
Goerli | goerli | 5 | 0x05 | 0x185D1Cf733e2C85A7Eda4f188036baA5b7a11182 | 1.0.0 |
To get the test suite running you need a local instance of Ganache.
This projects supplies a docker-compose
that starts up a local instance:
npm run init
The migration will deploy the contract to the local chain:
npm run migrate
Then you can generate the contract's types:
npm run types
Everytime you change something at the contract and the interface changes you need to rerun the type generation.
To start the test suite, you can call:
npm run test
To get a coverage report you need to run:
npm run test:coverage
The Truffle migration feature is used to deploy the contracts to the different networks which ensures that the logic and proxy contract get upgraded correctly. Fot MINOR version updates, the contracts .sol file can be edited directly. The the following process has to be followed:
- Copy the
X_upgrade_contract.ts
file from themigrations
folder to a new file with an increased number at the front and telling description. - Run
npm run types
to generate the types for the updated contract. - Run
npm run migrate
to deploy the new contract to the local network. - If everything works, commit your changes.
For MAJOR version updates, the following steps have to be followed:
- Copy the RevocationRegistry.sol file to a new file with the new version number attached to it. (like
RevocationRegistryV2.sol
) - Copy the
X_upgrade_contract.ts
file from themigrations
folder to a new file with an increased number at the front and telling description. ALSO: Reference the new contracts artefact that should be deployed. - Run
npm run types
to generate the types for the updated contract. - Run
npm run migrate
to deploy the new contract to the local network. - If everything works, commit your changes.
When creating a new release, a GitHub action will automatically upgrade the contract on the networks. The files in the networks
and .openzeppelin
are needed for the migrations to keep track what contracts are deployed to what addresses on which networks. Don't modify or delete them. The updated versions of those files will be committed in a new pull request that needs to be merged by owners or maintainers.
This repository has three deliverables with versions:
- node module
- contract
- contract types
All of these leverage semantic versioning.
The node module version is separated from the other ones.
The contract's version will always be bumped in a major version when the public interface changes (public methods, public fields). If this happens, a new contract file should be used with the changes you intend to apply.
The contract types version will follow the contract's version accordingly, but will only carry the major version in their name (V1, V2).