diff --git a/docs/contracts/overview/KeyManager.md b/docs/contracts/overview/KeyManager.md index 9a46025e76..a87bd6652f 100644 --- a/docs/contracts/overview/KeyManager.md +++ b/docs/contracts/overview/KeyManager.md @@ -21,6 +21,28 @@ To illustrate, in the case of Universal Profile and the browser extension, you c Afterwards, you can grant partial access to dApp and protocol (more specifically the smart contract addresses behind them), so that they can use your Universal Profile to interact on your behalf. This catalyze interactions on the blockchain, where your Universal Profile can do more and operate automatically in controlled manner, without requiring the main profile owner to have to do everything. +### Allowed Calls + +:::note + +If controller has `CALL` permission but has no `AllowedCalls`, controller will not be able to use the `CALL` permission at all. + +::: + +Key Manager allows for restricting controller addresses to be able to call specific functions on specific addresses which should be of a specific standard. In order to achieve such functionallity one could encode a set of type calls, addresses, standards and functions to [`bytes32[CompactBytesArray]`](https://github.com/lukso-network/LIPs/blob/main/LSPs/LSP-2-ERC725YJSONSchema.md#bytesncompactbytesarray), and store them under the [Allowed Calls](../../standards/universal-profile/lsp6-key-manager.md#allowed-calls) data key. + +_E.g._ + +Supposedly we have the following `AllowedCalls`: +`0x002000000002cafecafecafecafecafecafecafecafecafecafe24871b3d7f23690c002000000003cafecafecafecafecafecafecafecafecafecafe24871b3d44c028fe` + +It can be decoded as: + +| Allowed Calls | +| :------------ | :- | :- | +| First allowed call | **Call Types** - `0x00000002` (Call)
**Address** - `0xcafecafecafecafecafecafecafecafecafecafe`
**Standard** - `0x24871b3d` (LSP0)
**Function** - `0x7f23690c` (`setData(bytes32,bytes)`) | - This allowed call permits the controller to use the function `setData(bytes32,bytes)` in the contract deployed at address `0xcafecafecafecafecafecafecafecafecafecafe`.
- When calling that function the operation type has to be `CALL` with no value being sent.
- The address `0xcafecafecafecafecafecafecafecafecafecafe` has to return true to `ERC165.supportsInterface(0x24871b3d)`. | +| Second allowed call | **Call Types** - `0x00000003` (Transfervalue & Call)
**Address** - `0xcafecafecafecafecafecafecafecafecafecafe`
**Standard** - `0x24871b3d` (LSP0)
**Function** - `0x44c028fe` (`execute(uint256,address,uint256,bytes)`) | - This allowed call permits the controller to use the function `execute(uint256,address,uint256,bytes)` in the contract deployed at address `0xcafecafecafecafecafecafecafecafecafecafe`.
- When calling that function the operation type has to be `CALL`, you can send value as well.
- The address `0xcafecafecafecafecafecafecafecafecafecafe` has to return true to `ERC165.supportsInterface(0x24871b3d)`. | + ## Further Reading - [The Bytecode episode #4 (Youtube) - overview of the Solidity code of the `LSP6KeyManagerCore.sol` by Jean Cavallera](https://www.youtube.com/watch?v=2Sm9LsCPjdE) \ No newline at end of file