Problem: producing attestations is not gated

[outerlook]

Currently, anyone can request attestations. In the future, we will prevent DDoS by charging per workload.

However, since we will launch this before it can be charged, we could add some protection by using our already implemented Roles mechanism. The downside is needing to know who is interested upfront.

[outerlook]

Hey @vinarmani, this is not on specs, as I thought about it recently. Do you think it's a good one for the current iteration?

[vinarmani]

@outerlook Attestation requests are a transaction type. Currently only whitelisted wallets should be able to broadcast transactions and have them accepted. The whitelist will be removed once all transactions require a fee.

Was attestation request not implemented as a transaction type? I believed it was spec'd as one.

[outerlook]

@vinarmani yes, we made that a role: NETWORK_WRITER, we use to gate current basic write TXs.

Got it, the role should encompass any kind of write-actions TXs, including this.

[vinarmani]

@outerlook Yes, exactly.

Your response makes me a bit curious though... isn't every transaction processed by the validators a write action? View actions are not (technically) transactions since they are not broadcast to the network.

[outerlook]

@vinarmani

Yes, all write actions are transactions.

The confusion is regarding how, during TX gating spec, we chose to protect our transactions based on whitelisting.

It is not intrinsically tied to TXs, but we tie to it based on a role-check on the actions we chose to protect (create_streams, insert_records, create data provider, etc), which are all that prevent public writing to the network (matches TX gating effect)

example

CREATE OR REPLACE ACTION create_streams(
    $stream_ids TEXT[],
    $stream_types TEXT[]
) PUBLIC {
    $has_permission BOOL := false;
    for $row in are_members_of('system', 'network_writer', ARRAY[$lower_caller]) {
        if $row.wallet = $lower_caller AND $row.is_member {
            $has_permission := true;
            break;
        }
    }
    if NOT $has_permission {
        ERROR('Caller does not have the required system:network_writer role to create streams.');
    }
	...

I was first imagining that only a separate, special set of wallets could create attestations, but now I understand that it's the same set that is able to produce the these other TXs