XLS-70d Credentials

include/xrpl/protocol/ErrorCodes.h

@@ -148,7 +148,10 @@ enum error_code_i {
     // Oracle
     rpcORACLE_MALFORMED = 94,
 
-    rpcLAST = rpcORACLE_MALFORMED  // rpcLAST should always equal the last code.
+    // deposit_authorized + credentials
+    rpcBAD_CREDENTIALS = 95,
+
+    rpcLAST = rpcBAD_CREDENTIALS  // rpcLAST should always equal the last code.
 };
 
 /** Codes returned in the `warnings` array of certain RPC commands.

include/xrpl/protocol/Feature.h

@@ -80,7 +80,7 @@ namespace detail {
 // Feature.cpp. Because it's only used to reserve storage, and determine how
 // large to make the FeatureBitset, it MAY be larger. It MUST NOT be less than
 // the actual number of amendments. A LogicError on startup will verify this.
-static constexpr std::size_t numFeatures = 82;
+static constexpr std::size_t numFeatures = 83;
 
 /** Amendments that this server supports and the default voting behavior.
    Whether they are enabled depends on the Rules defined in the validated

include/xrpl/protocol/HashPrefix.h

@@ -84,6 +84,9 @@ enum class HashPrefix : std::uint32_t {
 
     /** Payment Channel Claim */
     paymentChannelClaim = detail::make_hash_prefix('C', 'L', 'M'),
+
+    /** Credentials signature */
+    credential = detail::make_hash_prefix('C', 'R', 'D'),
 };
 
 template <class Hasher>

include/xrpl/protocol/Indexes.h

@@ -30,6 +30,7 @@
 #include <xrpl/protocol/Serializer.h>
 #include <xrpl/protocol/UintTypes.h>
 #include <xrpl/protocol/jss.h>
+
 #include <cstdint>
 
 namespace ripple {
@@ -189,6 +190,11 @@ check(uint256 const& key) noexcept
 Keylet
 depositPreauth(AccountID const& owner, AccountID const& preauthorized) noexcept;
 
+Keylet
+depositPreauth(
+    AccountID const& owner,
+    std::set<std::pair<AccountID, Slice>> const& authCreds) noexcept;
+
 inline Keylet
 depositPreauth(uint256 const& key) noexcept
 {
@@ -287,6 +293,18 @@ did(AccountID const& account) noexcept;
 Keylet
 oracle(AccountID const& account, std::uint32_t const& documentID) noexcept;
 
+Keylet
+credential(
+    AccountID const& subject,
+    AccountID const& issuer,
+    Slice const& credType) noexcept;
+
+inline Keylet
+credential(uint256 const& key) noexcept
+{
+    return {ltCREDENTIAL, key};
+}
+
 Keylet
 mptIssuance(std::uint32_t seq, AccountID const& issuer) noexcept;
 

include/xrpl/protocol/LedgerFormats.h

@@ -186,6 +186,9 @@ enum LedgerSpecificFlags {
 
     // ltMPTOKEN
     lsfMPTAuthorized = 0x00000002,
+
+    // ltCREDENTIAL
+    lsfAccepted = 0x00010000,
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/Protocol.h

@@ -95,6 +95,15 @@ std::size_t constexpr maxDIDAttestationLength = 256;
 /** The maximum length of a domain */
 std::size_t constexpr maxDomainLength = 256;
 
+/** The maximum length of a URI inside a Credential */
+std::size_t constexpr maxCredentialURILength = 256;
+
+/** The maximum length of a CredentialType inside a Credential */
+std::size_t constexpr maxCredentialTypeLength = 64;
+
+/** The maximum number of credentials can be passed in array */
+std::size_t constexpr maxCredentialsArraySize = 8;
+
 /** The maximum length of MPTokenMetadata */
 std::size_t constexpr maxMPTokenMetadataLength = 1024;
 

include/xrpl/protocol/TER.h

@@ -343,6 +343,7 @@ enum TECcodes : TERUnderlyingType {
     tecARRAY_EMPTY = 190,
     tecARRAY_TOO_LARGE = 191,
     tecLOCKED = 192,
+    tecBAD_CREDENTIALS = 193,
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/UintTypes.h

@@ -134,6 +134,12 @@ struct hash<ripple::Directory> : ripple::Directory::hasher
     explicit hash() = default;
 };
 
+template <>
+struct hash<ripple::uint256> : ripple::uint256::hasher
+{
+    explicit hash() = default;
+};
+
 }  // namespace std
 
 #endif

include/xrpl/protocol/detail/features.macro

@@ -29,6 +29,8 @@
 // If you add an amendment here, then do not forget to increment `numFeatures`
 // in include/xrpl/protocol/Feature.h.
 
+XRPL_FEATURE(Credentials,                Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(AMMClawback,                Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (AMMv1_2,                    Supported::yes, VoteBehavior::DefaultNo)
 // InvariantsV1_1 will be changes to Supported::yes when all the
 // invariants expected to be included under it are complete.
@@ -96,7 +98,7 @@ XRPL_FIX    (1513,                       Supported::yes, VoteBehavior::DefaultYe
 XRPL_FEATURE(FlowCross,                  Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(Flow,                       Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(OwnerPaysFee,               Supported::no,  VoteBehavior::DefaultNo)
-XRPL_FEATURE(AMMClawback,                Supported::yes,  VoteBehavior::DefaultYes)
+
 
 // The following amendments are obsolete, but must remain supported
 // because they could potentially get enabled.

include/xrpl/protocol/detail/ledger_entries.macro

@@ -245,10 +245,11 @@ LEDGER_ENTRY(ltOFFER, 0x006f, Offer, ({
  */
 LEDGER_ENTRY(ltDEPOSIT_PREAUTH, 0x0070, DepositPreauth, ({
     {sfAccount,              soeREQUIRED},
-    {sfAuthorize,            soeREQUIRED},
+    {sfAuthorize,            soeOPTIONAL},
     {sfOwnerNode,            soeREQUIRED},
     {sfPreviousTxnID,        soeREQUIRED},
     {sfPreviousTxnLgrSeq,    soeREQUIRED},
+    {sfAuthorizeCredentials, soeOPTIONAL},
 }))
 
 /** A claim id for a cross chain transaction.
@@ -420,3 +421,18 @@ LEDGER_ENTRY(ltMPTOKEN, 0x007f, MPToken, ({
     {sfPreviousTxnID,            soeREQUIRED},
     {sfPreviousTxnLgrSeq,        soeREQUIRED},
 }))
+
+/** A ledger object which tracks Credential
+    \sa keylet::credential
+ */
+LEDGER_ENTRY(ltCREDENTIAL, 0x0081, Credential, ({
+    {sfSubject,              soeREQUIRED},
+    {sfIssuer,               soeREQUIRED},
+    {sfCredentialType,       soeREQUIRED},
+    {sfExpiration,           soeOPTIONAL},
+    {sfURI,                  soeOPTIONAL},
+    {sfIssuerNode,           soeREQUIRED},
+    {sfSubjectNode,          soeREQUIRED},
+    {sfPreviousTxnID,        soeREQUIRED},
+    {sfPreviousTxnLgrSeq,    soeREQUIRED},
+}))

include/xrpl/protocol/detail/sfields.macro

@@ -140,6 +140,8 @@ TYPED_SFIELD(sfAssetPrice,               UINT64,    23)
 TYPED_SFIELD(sfMaximumAmount,            UINT64,    24, SField::sMD_BaseTen|SField::sMD_Default)
 TYPED_SFIELD(sfOutstandingAmount,        UINT64,    25, SField::sMD_BaseTen|SField::sMD_Default)
 TYPED_SFIELD(sfMPTAmount,                UINT64,    26, SField::sMD_BaseTen|SField::sMD_Default)
+TYPED_SFIELD(sfIssuerNode,               UINT64,    27)
+TYPED_SFIELD(sfSubjectNode,              UINT64,    28)
 
 // 128-bit
 TYPED_SFIELD(sfEmailHash,                UINT128,    1)
@@ -258,6 +260,7 @@ TYPED_SFIELD(sfData,                     VL,        27)
 TYPED_SFIELD(sfAssetClass,               VL,        28)
 TYPED_SFIELD(sfProvider,                 VL,        29)
 TYPED_SFIELD(sfMPTokenMetadata,          VL,        30)
+TYPED_SFIELD(sfCredentialType,           VL,        31)
 
 // account (common)
 TYPED_SFIELD(sfAccount,                  ACCOUNT,    1)
@@ -280,12 +283,14 @@ TYPED_SFIELD(sfAttestationSignerAccount, ACCOUNT,   20)
 TYPED_SFIELD(sfAttestationRewardAccount, ACCOUNT,   21)
 TYPED_SFIELD(sfLockingChainDoor,         ACCOUNT,   22)
 TYPED_SFIELD(sfIssuingChainDoor,         ACCOUNT,   23)
+TYPED_SFIELD(sfSubject,                  ACCOUNT,   24)
 
 // vector of 256-bit
 TYPED_SFIELD(sfIndexes,                  VECTOR256,  1, SField::sMD_Never)
 TYPED_SFIELD(sfHashes,                   VECTOR256,  2)
 TYPED_SFIELD(sfAmendments,               VECTOR256,  3)
 TYPED_SFIELD(sfNFTokenOffers,            VECTOR256,  4)
+TYPED_SFIELD(sfCredentialIDs,            VECTOR256,  5)
 
 // path set
 UNTYPED_SFIELD(sfPaths,                  PATHSET,    1)
@@ -337,6 +342,7 @@ UNTYPED_SFIELD(sfXChainCreateAccountProofSig, OBJECT, 29)
 UNTYPED_SFIELD(sfXChainClaimAttestationCollectionElement, OBJECT, 30)
 UNTYPED_SFIELD(sfXChainCreateAccountAttestationCollectionElement, OBJECT, 31)
 UNTYPED_SFIELD(sfPriceData,              OBJECT,    32)
+UNTYPED_SFIELD(sfCredential,             OBJECT,    33)
 
 // array of objects (common)
 // ARRAY/1 is reserved for end of array
@@ -364,3 +370,5 @@ UNTYPED_SFIELD(sfXChainCreateAccountAttestations, ARRAY, 22)
 //                                                  23 unused
 UNTYPED_SFIELD(sfPriceDataSeries,        ARRAY,     24)
 UNTYPED_SFIELD(sfAuthAccounts,           ARRAY,     25)
+UNTYPED_SFIELD(sfAuthorizeCredentials,   ARRAY,     26)
+UNTYPED_SFIELD(sfUnauthorizeCredentials, ARRAY,     27)

include/xrpl/protocol/detail/transactions.macro

@@ -37,6 +37,7 @@ TRANSACTION(ttPAYMENT, 0, Payment, ({
     {sfInvoiceID, soeOPTIONAL},
     {sfDestinationTag, soeOPTIONAL},
     {sfDeliverMin, soeOPTIONAL, soeMPTSupported},
+    {sfCredentialIDs, soeOPTIONAL},
 }))
 
 /** This transaction type creates an escrow object. */
@@ -55,6 +56,7 @@ TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish, ({
     {sfOfferSequence, soeREQUIRED},
     {sfFulfillment, soeOPTIONAL},
     {sfCondition, soeOPTIONAL},
+    {sfCredentialIDs, soeOPTIONAL},
 }))
 
 
@@ -139,6 +141,7 @@ TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim, ({
     {sfBalance, soeOPTIONAL},
     {sfSignature, soeOPTIONAL},
     {sfPublicKey, soeOPTIONAL},
+    {sfCredentialIDs, soeOPTIONAL},
 }))
 
 /** This transaction type creates a new check. */
@@ -166,6 +169,8 @@ TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel, ({
 TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth, ({
     {sfAuthorize, soeOPTIONAL},
     {sfUnauthorize, soeOPTIONAL},
+    {sfAuthorizeCredentials, soeOPTIONAL},
+    {sfUnauthorizeCredentials, soeOPTIONAL},
 }))
 
 /** This transaction type modifies a trustline between two accounts. */
@@ -179,6 +184,7 @@ TRANSACTION(ttTRUST_SET, 20, TrustSet, ({
 TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete, ({
     {sfDestination, soeREQUIRED},
     {sfDestinationTag, soeOPTIONAL},
+    {sfCredentialIDs, soeOPTIONAL},
 }))
 
 // 22 reserved
@@ -420,6 +426,28 @@ TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize, ({
     {sfHolder, soeOPTIONAL},
 }))
 
+/** This transaction type create an Credential instance */
+TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate, ({
+    {sfSubject, soeREQUIRED},
+    {sfCredentialType, soeREQUIRED},
+    {sfExpiration, soeOPTIONAL},
+    {sfURI, soeOPTIONAL},
+}))
+
+/** This transaction type accept an Credential object */
+TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept, ({
+    {sfIssuer, soeREQUIRED},
+    {sfCredentialType, soeREQUIRED},
+}))
+
+/** This transaction type delete an Credential object */
+TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete, ({
+    {sfSubject, soeOPTIONAL},
+    {sfIssuer, soeOPTIONAL},
+    {sfCredentialType, soeREQUIRED},
+}))
+
+
 /** This system-generated transaction type is used to update the status of the various amendments.
 
     For details, see: https://xrpl.org/amendments.html
@@ -455,3 +483,4 @@ TRANSACTION(ttUNL_MODIFY, 102, UNLModify, ({
     {sfLedgerSequence, soeREQUIRED},
     {sfUNLModifyValidator, soeREQUIRED},
 }))
+

include/xrpl/protocol/jss.h

@@ -63,6 +63,7 @@ JSS(BidMin);               // in: AMM Bid
 JSS(Bridge);               // ledger type.
 JSS(Check);                // ledger type.
 JSS(ClearFlag);            // field.
+JSS(Credential);           // ledger type.
 JSS(DID);                  // ledger type.
 JSS(DeliverMax);           // out: alias to Amount
 JSS(DeliverMin);           // in: TransactionSign
@@ -75,6 +76,7 @@ JSS(FeeSettings);          // ledger type.
 JSS(Flags);                // in/out: TransactionSign; field.
 JSS(Holder);               // field.
 JSS(Invalid);              //
+JSS(Issuer);               // in: Credential transactions
 JSS(LastLedgerSequence);   // in: TransactionSign; field
 JSS(LastUpdateTime);       // field.
 JSS(LedgerHashes);         // ledger type.
@@ -107,6 +109,7 @@ JSS(Sequence);                           // in/out: TransactionSign; field.
 JSS(SetFlag);                            // field.
 JSS(SignerList);                         // ledger type.
 JSS(SigningPubKey);                      // field.
+JSS(Subject);                            // in: Credential transactions
 JSS(TakerGets);                          // field.
 JSS(TakerPays);                          // field.
 JSS(Ticket);                             // ledger type.
@@ -165,6 +168,7 @@ JSS(attestations);
 JSS(attestation_reward_account);
 JSS(auction_slot);            // out: amm_info
 JSS(authorized);              // out: AccountLines
+JSS(authorized_credentials);   // in: ledger_entry DepositPreauth
 JSS(auth_accounts);           // out: amm_info
 JSS(auth_change);             // out: AccountInfo
 JSS(auth_change_queued);      // out: AccountInfo
@@ -228,6 +232,9 @@ JSS(converge_time_s);         // out: NetworkOPs
 JSS(cookie);                  // out: NetworkOPs
 JSS(count);                   // in: AccountTx*, ValidatorList
 JSS(counters);                // in/out: retrieve counters
+JSS(credential);              // in: LedgerEntry Credential
+JSS(credentials);             // in: deposit_authorized
+JSS(credential_type);         // in: LedgerEntry DepositPreauth
 JSS(ctid);                    // in/out: Tx RPC
 JSS(currency_a);              // out: BookChanges
 JSS(currency_b);              // out: BookChanges
@@ -614,6 +621,7 @@ JSS(streams);                 // in: Subscribe, Unsubscribe
 JSS(strict);                  // in: AccountCurrencies, AccountInfo
 JSS(sub_index);               // in: LedgerEntry
 JSS(subcommand);              // in: PathFind
+JSS(subject);                 // in: LedgerEntry Credential
 JSS(success);                 // rpc
 JSS(supported);               // out: AmendmentTableImpl
 JSS(sync_mode);               // in: Submit

src/libxrpl/protocol/ErrorCodes.cpp

@@ -108,7 +108,8 @@ constexpr static ErrorInfo unorderedErrorInfos[]{
     {rpcTOO_BUSY,               "tooBusy",              "The server is too busy to help you now.", 503},
     {rpcTXN_NOT_FOUND,          "txnNotFound",          "Transaction not found.", 404},
     {rpcUNKNOWN_COMMAND,        "unknownCmd",           "Unknown method.", 405},
-    {rpcORACLE_MALFORMED,       "oracleMalformed",      "Oracle request is malformed.", 400}};
+    {rpcORACLE_MALFORMED,       "oracleMalformed",      "Oracle request is malformed.", 400},
+    {rpcBAD_CREDENTIALS,        "badCredentials",       "Credentials do not exist, are not accepted, or have expired.", 400}};
 // clang-format on
 
 // Sort and validate unorderedErrorInfos at compile time.  Should be