This is straightforward using MultiChain permissions.
First, leave the anyone-can-* blockchain parameters on their default settings when the chain is created, but change anyone-can-send and anyone-can-receive to true.
Second, if we call the node that started the chain the "master node", then that node will automatically have all other permissions assigned to its first address. This will allow it to change the connect permissions of other nodes (to allow them to use the chain or not), issue assets, create streams, decide who can mine, and so on. No other node will be able to do this.
If every stream created is left as open (see that parameter to the create command) then child nodes will automatically be able to write to that stream (and in any event everyone can read from it).
The one issue you might have is that an address cannot transact on the blockchain before a transaction has been sent to it (in technical terms, it needs a UTXO or unspent transaction output). So after creating a new address on a child node, you'll need to send a transaction to that address from another address on the child node. This can be a transaction that transfers zero assets so it need not be an actual change of ownership.
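The parameter setup from the first step can be scripted and checked before the chain is started. This is an added example, not part of the original answer: the sample params.dat contents are constructed, the function names are hypothetical, and `chain1`, `stream1` and the addresses in the closing comments are placeholders.

```shell
#!/bin/sh
# Added example: set and audit the anyone-can-* parameters in params.dat.
LOCKED="connect create issue mine activate admin"   # must stay false

param_value() {  # usage: param_value FILE KEY -> value between '=' and any '#'
    sed -n "s/^$2[[:space:]]*=[[:space:]]*\([^#[:space:]]*\).*/\1/p" "$1" | head -n 1
}

set_open_transact() {  # usage: set_open_transact FILE (send/receive -> true)
    for k in send receive; do
        sed "s/^\(anyone-can-$k[[:space:]]*=[[:space:]]*\)[^#[:space:]]*/\1true/" \
            "$1" > "$1.tmp" && mv "$1.tmp" "$1" || return 1
    done
}

audit_params() {  # usage: audit_params FILE; returns 0 when the model holds
    rc=0
    for k in send receive; do
        [ "$(param_value "$1" "anyone-can-$k")" = "true" ] ||
            { echo "anyone-can-$k should be true" >&2; rc=1; }
    done
    for k in $LOCKED; do
        [ "$(param_value "$1" "anyone-can-$k")" = "false" ] ||
            { echo "anyone-can-$k should be false" >&2; rc=1; }
    done
    return $rc
}

demo_file() {  # writes a constructed sample in params.dat layout, prints its path
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
anyone-can-connect = false              # Anyone can connect.
anyone-can-send = false                 # Anyone can send.
anyone-can-receive = false              # Anyone can receive.
anyone-can-receive-empty = true         # Left at its sample value.
anyone-can-create = false
anyone-can-issue = false
anyone-can-mine = false
anyone-can-activate = false
anyone-can-admin = false
EOF
    echo "$f"
}

f=$(demo_file) && set_open_transact "$f" && audit_params "$f" && echo "params OK"
rm -f "$f"
# Later steps, run with multichain-cli (names and addresses are placeholders):
#   multichain-cli chain1 grant <child-address> connect
#   multichain-cli chain1 create stream stream1 true    # open stream
#   multichain-cli chain1 send <new-address> 0          # gives it a UTXO
```
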