Enforce Capability Constraints
This guide demonstrates how to issue address-bound capabilities and verify that unauthorized wallets cannot use them. It also shows that capability revocation takes effect immediately.
Prerequisites
- An existing Audit Trail on the IOTA network
- An admin address owning an admin role capability, as shown in Create an Audit Trail
- Familiarity with Role-Based Access Control
Steps
1. Set Up Multiple Wallets
Create an admin wallet, an intended writer, and a wrong writer to demonstrate address binding.
2. Issue an Address-Bound Capability
Create a role and issue a capability bound to the intended writer's address using the issued_to parameter.
3. Verify Unauthorized Access Is Denied
A different wallet attempts to add a record — this fails because the capability is bound to a different address.
4. Verify Authorized Access Succeeds
The intended wallet uses the capability successfully.
5. Revoke the Capability and Verify Immediate Effect
After revocation, even the previously authorized wallet can no longer use the capability.
Expected Behavior
- Address-bound capabilities can only be used by the specified wallet address.
- Any other wallet attempting to use the trail is rejected, even if it holds a different capability.
- Revocation is instant — the revoked capability is immediately unusable.
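The checks that steps 3 to 5 exercise, as an added example: a simplified in-memory model in Rust, not the IOTA Audit Trail API and not code from the project. The type and function names, the `RecordWriter` role, the `add_record` permission string, and the addresses are all assumptions made for illustration.

```rust
use std::collections::{HashMap, HashSet};

// Simplified in-memory model (assumption): NOT the IOTA Audit Trail API.
#[derive(Debug, PartialEq)]
enum Denied { UnknownCapability, Revoked, WrongHolder, MissingPermission }
struct Capability { role: String, issued_to: Option<String> }

#[derive(Default)]
struct Trail {
    roles: HashMap<String, HashSet<String>>, // role name -> permissions
    caps: HashMap<u64, Capability>,
    revoked: HashSet<u64>,
    records: Vec<String>,
    next_id: u64,
}

impl Trail {
    // `issued_to: Some(addr)` binds the capability to one address.
    fn issue(&mut self, role: &str, issued_to: Option<&str>) -> u64 {
        self.next_id += 1;
        let cap = Capability { role: role.into(), issued_to: issued_to.map(str::to_string) };
        self.caps.insert(self.next_id, cap);
        self.next_id
    }
    fn revoke(&mut self, cap_id: u64) { self.revoked.insert(cap_id); }
    // All checks run at use time, so a revocation applies to the very next call.
    fn add_record(&mut self, sender: &str, cap_id: u64, data: &str) -> Result<usize, Denied> {
        let cap = self.caps.get(&cap_id).ok_or(Denied::UnknownCapability)?;
        if self.revoked.contains(&cap_id) { return Err(Denied::Revoked); }
        if cap.issued_to.as_deref().map_or(false, |a| a != sender) { return Err(Denied::WrongHolder); }
        let allowed = self.roles.get(&cap.role).map_or(false, |p| p.contains("add_record"));
        if !allowed { return Err(Denied::MissingPermission); }
        self.records.push(data.to_string());
        Ok(self.records.len())
    }
}

// Steps 3-5 of the guide against constructed addresses and role names.
fn demo() -> Vec<Result<usize, Denied>> {
    let mut trail = Trail::default();
    trail.roles.insert("RecordWriter".into(), HashSet::from(["add_record".to_string()]));
    let cap = trail.issue("RecordWriter", Some("0xintended"));
    let denied = trail.add_record("0xwrong", cap, "entry 1");
    let accepted = trail.add_record("0xintended", cap, "entry 1");
    trail.revoke(cap);
    vec![denied, accepted, trail.add_record("0xintended", cap, "entry 2")]
}

fn main() { println!("{:?}", demo()); }
```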
Running Examples Locally
In order to run the examples, you will need to run an IOTA network locally. See the local network setup guide.
Full Example Code
- Rust: examples/audit-trail/advanced/10_capability_constraints.rs
- Typescript (Node.js): bindings/wasm/audit_trail_wasm/examples/src/advanced/10_capability_constraints.ts