Core concepts

Security Rules

Security rules are essential for restricting access to resources and data of a smart contract. The following are examples of different security rules that can be implemented in a contract.

No Security Rules

This rule allows unrestricted access to all database documents of the cloud.lmdb service. It is highly recommended to set specific access control rules to protect your data.

{
  "rules_version": "1",
  "service": "cloud.lmdb",
  "/databases/{database}/documents": {
    "/{document=**}": {
      "read": true,
      "write": true
    }
  }
}

When creating security rules, it is important to consider the needs of your contract and implement appropriate restrictions.

Jwt Security Rules

Not Implemented

This is still on our roadmap and will be completed very shortly if there is sufficient interest.

This security rule definition file applies restrictions to specific collections of data stored by the smart contract, such as requiring that only authenticated users with a specific user ID can read or write specific documents.

{
  "rules_version": "1",
  "service": "cloud.lmdb",
  "/databases/{database}/documents": {
    "/MasterUserList/{uId}": {
      "read": "request.auth.uid != null && request.auth.uid == uId",
      "write": "request.auth.uid != null && request.auth.uid == uId"
    },
    "/{document=**}": {
      "read": false,
      "write": false
    }
  }
}

When creating security rules, it is important to consider the needs of your contract and implement appropriate restrictions.

Xrpl Signature Security Rules

The following example shows how to create a security rule file for Xrpl-signed smart contract requests. This security rule file requires that the binary data or path be signed with the private and public key.

{
  "rules_version": "1",
  "service": "cloud.lmdb",
  "/databases/{database}/documents": {
    "/MasterUserList/{uId}": {
      "read": "request.auth.uid != null && request.auth.uid == uId && request.auth.type == xrpl",
      "write": "request.auth.uid != null && request.auth.uid == uId && request.auth.type == xrpl"
    }
  },
  "/{document=**}": {
    "read": false,
    "write": false
  }
}

When creating security rules, it is important to consider the needs of your contract and implement appropriate restrictions.

Customization

It is possible to customize the above rules to suit the needs of specific contracts. For example, you can modify the read and write permissions to allow access to certain paths or users.

By ensuring that your smart contracts have robust security rules in place, you can help prevent unauthorized access and safeguard your data.

Previous
Binary Models
Next
Xrpl Signatures