Using the SDK
Resources
Docs Version Switcher
Cosmos
Hub
IBC
Go
Tendermint
Core
Search

# Messages

In this section we describe the processing of messages for the authz module.

# MsgGrant

An authorization grant is created using the MsgGrant message. If there is already a grant for the (granter, grantee, Authorization) triple, then the new grant overwrites the previous one. To update or extend an existing grant, a new grant with the same (granter, grantee, Authorization) triple should be created.

Copy // MsgGrant is a request type for Grant method. It declares authorization to the grantee // on behalf of the granter with the provided expiration time. message MsgGrant { option (cosmos.msg.v1.signer) = "granter"; string granter = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"]; string grantee = 2 [(cosmos_proto.scalar) = "cosmos.AddressString"]; cosmos.authz.v1beta1.Grant grant = 3 [(gogoproto.nullable) = false]; }

The message handling should fail if:

  • both granter and grantee have the same address.
  • provided Expiration time is less than current unix timestamp (but a grant will be created if no expiration time is provided since expiration is optional).
  • provided Grant.Authorization is not implemented.
  • Authorization.MsgTypeURL() is not defined in the router (there is no defined handler in the app router to handle that Msg types).

# MsgRevoke

A grant can be removed with the MsgRevoke message.

Copy message MsgRevoke { option (cosmos.msg.v1.signer) = "granter"; string granter = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"]; string grantee = 2 [(cosmos_proto.scalar) = "cosmos.AddressString"]; string msg_type_url = 3; }

The message handling should fail if:

  • both granter and grantee have the same address.
  • provided MsgTypeUrl is empty.

NOTE: The MsgExec message removes a grant if the grant has expired.

# MsgExec

When a grantee wants to execute a transaction on behalf of a granter, they must send MsgExec.

Copy message MsgExec { option (cosmos.msg.v1.signer) = "grantee"; string grantee = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"]; // Authorization Msg requests to execute. Each msg must implement Authorization interface // The x/authz will try to find a grant matching (msg.signers[0], grantee, MsgTypeURL(msg)) // triple and validate it. repeated google.protobuf.Any msgs = 2 [(cosmos_proto.accepts_interface) = "sdk.Msg, authz.Authorization"]; }

The message handling should fail if:

  • provided Authorization is not implemented.
  • grantee doesn't have permission to run the transaction.
  • if granted authorization is expired.
Found an Issue?
Help us improve this page by suggesting edits on GitHub.
Questions?
Chat with Cosmos developers in Discord or reach out on the SDK Developer Forum to learn more.
cosmos.network
The development of the Cosmos SDK is led primarily by Interchain Core Teams. Funding for this development comes primarily from the Interchain Foundation, a Swiss non-profit.