Intro to on-chain permissions
What is an AppAgent?
AppAgents are entities within the blockchain system capable of handling various tasks such as managing addresses, handling transactions, maintaining subscriptions, and storing important configurations. They can be seen as an entity that represents a game or an organisation on chain.
Read AppAgentsfor a technical deep-dive.
Who controls an AppAgent?
The AppAgent owner is a blockchain address that is granted full control over the AppAgent. As the owner, this address possesses the authority to initiate various actions and operations related to the AppAgent including its management, configuration, and utilization. This control typically includes the ability to modify settings, trigger events such as pausing or destroying the AppAgent, and access any associated resources or assets owned by the AppAgent.
The initial owner of the AppAgent is the address that created the entity. This ownership can be transferred.
Read AppAgent Owner for a technical deep-dive.
What are AppAgent admins?
Admin accounts are special user accounts within an AppAgent with elevated privileges and responsibilities. These are regular addresses (not keyless addresses) used by engineers or apps. Admins can be added and deleted by the owner of an AppAgent. While every AppAgent has a basic permission level, the level of access of each admin can be individually configured.
In a more practical sense, this allows an AppAgent owner to create admin accounts with narrow, targeted responsibilities and separate concerns. You can have one admin that can spend funds from cold storage address and another responsible for dispatching transactions.
Read AppAgent Adminsfor a technical deep-dive and the calls permitted to be called by an admin.
Quick References:
Last updated