準(zhǔn)備工作

啟動(dòng)nodeos：docker start -i nodeos

啟動(dòng)keosd:? keosd --http-server-address=127.0.0.1:8889

一、創(chuàng)建賬號(hào)

1.為之前創(chuàng)建的default導(dǎo)入密鑰

cleos wallet create_key? ?//使用此命令無(wú)需再次將私鑰導(dǎo)入到錢(qián)包

返回一個(gè)公鑰 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8

可以用下面的命令查看對(duì)應(yīng)公私鑰：

cleos wallet private_keys

password: [[

? ? "EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8",

? ? "5KNgUjPzHxjgkGB5pD6dmXw4J6EfjeB4a9wAUQ6QJgx1pUT6JoP"

? ]

]

為eosio賬戶導(dǎo)入密鑰? ?

? cleos wallet import

? 5KQwrPbwdL6PhXujxW37FSSQZ1JiwsST4cqQzDeyXtP79zkvFD3

?private key: imported private key for: EOS6MRyAjQq8ud7hVNYcfnVPJqcVpscN5So8BhtHuGYqET5GDW5CV

2.查看創(chuàng)建賬號(hào)命令的說(shuō)明

cleos create account

輸出結(jié)果：

ERROR: RequiredError: creator

Create an account, buy ram, stake for bandwidth for the account

Usage: cleos create account [OPTIONS] creator name OwnerKey [ActiveKey]

Positionals:

? creator TEXT? ? ? ? ? ? ? ? The name of the account creating the new account (required)

? name TEXT? ? ? ? ? ? ? ? ? The name of the new account (required)

? OwnerKey TEXT? ? ? ? ? ? ? The owner public key for the new account (required)

? ActiveKey TEXT? ? ? ? ? ? ? The active public key for the new account

Options:

? -h,--help? ? ? ? ? ? ? ? ? Print this help message and exit

? -x,--expiration? ? ? ? ? ? set the time in seconds before a transaction expires, defaults to 30s

? -f,--force-unique? ? ? ? ? force the transaction to be unique. this will consume extra bandwidth and remove any protections against accidently issuing the same transaction multiple times

? -s,--skip-sign? ? ? ? ? ? ? Specify if unlocked wallet keys should be used to sign transaction

? -j,--json? ? ? ? ? ? ? ? ? print result as json

? -d,--dont-broadcast? ? ? ? don't broadcast transaction to the network (just print to stdout)

? --return-packed? ? ? ? ? ? used in conjunction with --dont-broadcast to get the packed transaction

? -r,--ref-block TEXT? ? ? ? set the reference block num or block id used for TAPOS (Transaction as Proof-of-Stake)

? -p,--permission TEXT ...? ? An account and permission level to authorize, as in 'account@permission'

? --max-cpu-usage-ms UINT? ? set an upper limit on the milliseconds of cpu usage budget, for the execution of the transaction (defaults to 0 which means no limit)

? --max-net-usage UINT? ? ? ? set an upper limit on the net usage budget, in bytes, for the transaction (defaults to 0 which means no limit)

分析輸出：

在Positionals結(jié)構(gòu)中包含四個(gè)字?jǐn)啵?/p>

creator TEXT（必填）：創(chuàng)建者賬號(hào)的名稱。

name TEXT（必填） ：新賬號(hào)的名稱。

OwnerKey TEXT（必填）：新賬號(hào)的owner權(quán)限的公鑰。

ActiveKey TEXT（可選）：新賬號(hào)的active權(quán)限的公鑰，默認(rèn)與owner權(quán)限的公鑰一致。

在Options結(jié)構(gòu)中有很多可選參數(shù)，介紹一下比較常用的幾個(gè)：

-d：是不廣播到網(wǎng)絡(luò)。

-j：是返回為json格式的數(shù)據(jù)。

-s：是交易數(shù)據(jù)不經(jīng)過(guò)簽名。

-p：是指定簽名的賬號(hào)以及權(quán)限，默認(rèn)是active權(quán)限。

-h：是幫助命令。

3.創(chuàng)建新賬戶xtk

cleos create account eosio xtk EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8

成功返回以下結(jié)果

executed transaction: 12b311852f8ea9392cf6bbc29225f417484b38acfa93700787cae2aa114e884e? 200 bytes? 818 us

#? ? ? ? eosio <= eosio::newaccount? ? ? ? ? ? {"creator":"eosio","name":"xtk","owner":{"threshold":1,"keys":[{"key":"EOS5FkwsbhmPygwgMehCyCb7Dq11V...

warning: transaction executed locally, but may not be confirmed by the network yet? ? ? ? ]

二、新增權(quán)限

剛創(chuàng)建好的xtk賬戶有兩個(gè)原生權(quán)限：owner和active,owner擁有很多功能給的操作權(quán)限，如：轉(zhuǎn)賬、投票、購(gòu)買(mǎi)ram等等,

現(xiàn)在將投票權(quán)限任命給一個(gè)自定義權(quán)限voting，那么單單通過(guò)voting權(quán)限所對(duì)應(yīng)的私鑰對(duì)投票操作進(jìn)行簽名就可以完成投票操作

1、先看一下xtk的權(quán)限分配

cleos get account xtk

返回如下結(jié)果：

created: 2018-11-21T10:38:29.500

permissions:

owner? ? 1:? ? 1 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8

active? ? 1:? ? 1 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8

memory:

quota:? ? ? unlimited? used:? ? ? 2.66 KiB?

net bandwidth:

used:? ? ? ? ? ? ? unlimited

available:? ? ? ? ? unlimited

limit:? ? ? ? ? ? ? unlimited

cpu bandwidth:

used:? ? ? ? ? ? ? unlimited

available:? ? ? ? ? unlimited

limit:? ? ? ? ? ? ? unlimited

分析輸出：

owner閥值為1，權(quán)重也為1，active閥值為1，權(quán)重為1，且EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8

同時(shí)擁有owner和active兩個(gè)權(quán)限

2、新建一對(duì)公私鑰控制voting權(quán)限

xiaohulu@xiaohulu-virtual-machine:~/eosio-wallet$ cleos create key --to-console

Private key: 5JetsRMzqYgni4NdVzPecjwyV13TDUEspyuuvkFyZJmErcyttWw

Public key: EOS6q2QkyGqPX1ds8vnGva3N4ebSJR2UNiutyffDSaKJwFP13HtjB

3.給賬號(hào)xtk新增voting權(quán)限

由EOS6q2QkyGqPX1ds8vnGva3N4ebSJR2UNiutyffDSaKJwFP13HtjB控制

xiaohulu@xiaohulu-virtual-machine:~/eosio-wallet$ cleos set account permission xtk voting EOS6q2QkyGqPX1ds8vnGva3N4ebSJR2UNiutyffDSaKJwFP13HtjB

返回結(jié)果：

executed transaction: 3c073b48dad78a734f072fd72e92ac0767d9182b36096cfc1095ce10b4bded21? 160 bytes? 509 us

#? ? ? ? eosio <= eosio::updateauth? ? ? ? ? ? {"account":"xtk","permission":"voting","parent":"active","auth":{"threshold":1,"keys":[{"key":"EOS6q...

warning: transaction executed locally, but may not be confirmed by the network yet? .

4.在次查看xtk賬號(hào)的權(quán)限分配

cleos get account xtk

返回結(jié)果：

created: 2018-11-21T10:38:29.500

permissions:

owner? ? 1:? ? 1 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8

active? ? 1:? ? 1 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8

? voting? ? 1:? ? 1 EOS6q2QkyGqPX1ds8vnGva3N4ebSJR2UNiutyffDSaKJwFP13HtjB

memory:

quota:? ? ? unlimited? used:? ? ? 2.99 KiB?

net bandwidth:

used:? ? ? ? ? ? ? unlimited

available:? ? ? ? ? unlimited

limit:? ? ? ? ? ? ? unlimited

cpu bandwidth:

used:? ? ? ? ? ? ? unlimited

available:? ? ? ? ? unlimited

limit:? ? ? ? ? ? ? unlimited

? ? 可知voting權(quán)限已經(jīng)加入，并且由EOS6q2QkyGqPX1ds8vnGva3N4ebSJR2UNiutyffDSaKJwFP13HtjB控制

三、新增權(quán)限控制的主體（由多個(gè)主體控制一個(gè)權(quán)限）

常見(jiàn)的新增權(quán)限控制的主體有兩種：公私鑰對(duì)、賬號(hào)，修改權(quán)限控制的主體，既是讓多個(gè)主體控制一個(gè)權(quán)限，實(shí)現(xiàn)多重簽名，

注意：閥值是主體能夠進(jìn)行該操作的根本，只有當(dāng)主體的權(quán)重大于等于閥值才能擁有該權(quán)限進(jìn)行操作

嚴(yán)格按照上面的json數(shù)據(jù)結(jié)構(gòu)設(shè)置

修改的公鑰、賬號(hào)必須按照從小到大進(jìn)行排序

所有控制體的權(quán)重的和必須大于等于閥值。

JSON字符創(chuàng)數(shù)據(jù)結(jié)構(gòu)

{

? "threshold":? ? ? <INTEGER [1-2^32): the threshold that must be met to satisfy this authority>,

? "keys": [? ? ? ? <keys must be alpha-numerically sorted by their string representations and unique>

...

{

? "key":? ? ? ? <STRING: EOS.IO compatible Public Key>,

? "weight":? ? <INTEGER [1-2^16): a signature from this key contributes this to satisfying the threshold>

}

...

? ],

? "accounts": [? ? <accounts must be alpha-numerically sorted by their permission (actor, then permission) and unique>

...

{

? "permission": {

"actor":? ? ? <STRING: account name of the delegated signer>,

"permission": <STRING: permission level on the account that must be satisfied>,

? },

? "weight":? ? <INTEGER [1-2^16): satisfying the delegation contributes this to satisfying the threshold>

}

...

? ],

? "waits": [? ? ? ? <waits must be sorted by wait_sec, largest first, and be unique>

...

{

? "wait_sec":? <INTEGER [1-2^32): seconds of delay which qualifies as passing this wait>

? "weight":? ? <INTEGER [1-2^16): satisfying the delay contributes this to satisfying the threshold>

}

...

? ]

}

2、 新增權(quán)限控制的主體：公私鑰對(duì)

xiaohulu@xiaohulu-virtual-machine:~/eosio-wallet$ cleos create key --to-console

Private key: 5J8ZhubxPZmoPkuo3XGtAsvgmtqrpnTCGHGPHES91FfPgdATGM5

Public key: EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x

設(shè)置閥值threshold、keys字段

cleos set account permission xtk active '{"threshold": 1, "keys": [{"key":"EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8","weight": 1},{"key":"EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x","weight": 1}]}'

權(quán)限的主體需要按照公鑰進(jìn)行排序

再次執(zhí)行cleos get account xtk 得到以下結(jié)果

xiaohulu@xiaohulu-virtual-machine:~/eosio-wallet$ cleos get account xtk

created: 2018-11-21T10:38:29.500

permissions:

owner? ? 1:? ? 1 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8

active? ? 1:? ? 1 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8, 1 EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x

? voting? ? 1:? ? 1 EOS7qnszhS19DtgnPQRPuFmxVNmjzAPD9A3Zh3MSVS6ZN9KLa5Fa9

memory:

quota:? ? ? unlimited? used:? ? 3.039 KiB?

net bandwidth:

used:? ? ? ? ? ? ? unlimited

available:? ? ? ? ? unlimited

limit:? ? ? ? ? ? ? unlimited

cpu bandwidth:

used:? ? ? ? ? ? ? unlimited

available:? ? ? ? ? unlimited

limit:? ? ? ? ? ? ? unlimited

可知，active權(quán)限新增了控制主體，由"EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x"控制，

兩個(gè)active都可以單獨(dú)使用active權(quán)限，后面更改閥值，讓兩個(gè)公鑰合作完成active，達(dá)到多重簽名的目的

四、修改閥值

修改xtk賬號(hào)的active權(quán)限閥值為2，這樣因?yàn)閮蓚€(gè)公鑰的權(quán)限都是1，所以要想使用active權(quán)限，需要兩個(gè)合作

實(shí)現(xiàn)多重簽名的功能

1、先測(cè)試xtk的active權(quán)限的"EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x"是否擁有active功能

cleos create account xtk aaa? "EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x" -p xtk@active

executed transaction: 4a3fa2e1a1f8e4c812369d104c2907f033f4ac0cc0cc5afcc206151c1cc25600? 200 bytes? 578 us

#? ? ? ? eosio <= eosio::newaccount? ? ? ? ? ? {"creator":"xtk","name":"aaa","owner":{"threshold":1,"keys":[{"key":"EOS8XX11uRAjWrAbt6V5AA2xLQvz4bN...

warning: transaction executed locally, but may not be confirmed by the network yet? ? ? ? ]

顯示結(jié)果證明，主體能夠使用active權(quán)限的功能

2、修改xtk賬號(hào)active權(quán)限的閥值為2

cleos set account permission xtk? active '{"threshold":2,"keys":[{"key":"EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8","weight":1},{"key":"EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x","weight":1}]}'

設(shè)置完成之后，再次執(zhí)行cleos get account xtk

結(jié)果如下：

xiaohulu@xiaohulu-virtual-machine:~/eosio-wallet$ cleos get account xtk

created: 2018-11-21T10:38:29.500

permissions:

owner? ? 1:? ? 1 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8

active? ? 2:? ? 1 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8, 1 EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x

? voting? ? 1:? ? 1 EOS6q2QkyGqPX1ds8vnGva3N4ebSJR2UNiutyffDSaKJwFP13HtjB

memory:

quota:? ? ? unlimited? used:? ? 3.039 KiB?

net bandwidth:

used:? ? ? ? ? ? ? unlimited

available:? ? ? ? ? unlimited

limit:? ? ? ? ? ? ? unlimited

cpu bandwidth:

used:? ? ? ? ? ? ? unlimited

available:? ? ? ? ? unlimited

limit:? ? ? ? ? ? ? unlimited

可以看到，active的閥值已經(jīng)修改為2

現(xiàn)在，任何主體都不能單獨(dú)使用active權(quán)限的功能

cleos create account xtk t2 EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x -p xtk@active

執(zhí)行結(jié)果：3090003：提供的密鑰、權(quán)限和延遲不滿足該權(quán)限的閥值，請(qǐng)確保錢(qián)包內(nèi)有相關(guān)的私鑰。

Error 3090003: Provided keys, permissions, and delays do not satisfy declared authorizations

Ensure that you have the related private keys inside your wallet and your wallet is unlocked.

使用active權(quán)限的方法：

·兩個(gè)主體加起來(lái)才能使用active 權(quán)限的功能（兩個(gè)主體的權(quán)限加起來(lái)為2）

·使用-p xtk@owner簽名

·修改主體權(quán)重大于等于active權(quán)重的閥值

五、修改權(quán)重

修改EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8主體的權(quán)重為2

cleos set account permission xtk active '{"threshold": 2, "keys": [{"key":"EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8","weight": 2},{"key":"EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x","weight": 1}]}' -p xtk@owner

執(zhí)行成功：

executed transaction: 4abbcf8722d9b00217aed66ac685cb4b107db2160a344ca6c54e92fcb18975bb? 200 bytes? 347 us

#? ? ? ? eosio <= eosio::updateauth? ? ? ? ? ? {"account":"xtk","permission":"active","parent":"owner","auth":{"threshold":2,"keys":[{"key":"EOS5Fk...

warning: transaction executed locally, but may not be confirmed by the network yet? ? ? ? ]

此時(shí)，active閥值為2，主體權(quán)限EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8已經(jīng)修改為2，

"EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x"權(quán)限為1

六、多重簽名

何為多重簽名呢，就是多個(gè)私鑰一起對(duì)交易進(jìn)行簽名

重新修改active的閥值為3

cleos set account permission xtk active '{"threshold": 3, "keys": [{"key":"EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8","weight": 2},{"key":"EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x","weight": 1}], "accounts": [{"permission":{"actor":"tester", "permission":"owner"}, "weight":1}]}'

執(zhí)行之后，再次執(zhí)行cleos get account xtk

xiaohulu@xiaohulu-virtual-machine:~/eosio-wallet$ cleos get account xtk

created: 2018-11-21T10:38:29.500

permissions:

owner? ? 1:? ? 1 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8

active? ? 3:? ? 2 EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8, 1 EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x, 1 tester@owner

? voting? ? 1:? ? 1 EOS6q2QkyGqPX1ds8vnGva3N4ebSJR2UNiutyffDSaKJwFP13HtjB

memory:

quota:? ? ? unlimited? used:? ? ? 3.07 KiB?

net bandwidth:

used:? ? ? ? ? ? ? unlimited

available:? ? ? ? ? unlimited

limit:? ? ? ? ? ? ? unlimited

cpu bandwidth:

used:? ? ? ? ? ? ? unlimited

available:? ? ? ? ? unlimited

limit:? ? ? ? ? ? ? unlimited

可知對(duì)active權(quán)限已經(jīng)修改為3

現(xiàn)在，EOS5FkwsbhmPygwgMehCyCb7Dq11VCJwm8Ue344GNvBxH9Byfp5c8與

EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x單獨(dú)任意一個(gè)都不能時(shí)限active權(quán)限

只有將EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x私鑰導(dǎo)入default錢(qián)包實(shí)現(xiàn)多重簽名

xiaohulu@xiaohulu-virtual-machine:~/eosio-wallet$ cleos wallet import --private-key 5J8ZhubxPZmoPkuo3XGtAsvgmtqrpnTCGHGPHES91FfPgdATGM5

imported private key for: EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x

xiaohulu@xiaohulu-virtual-machine:~/eosio-wallet$ cleos create account xtk bbb EOS8XX11uRAjWrAbt6V5AA2xLQvz4bNcDdwTdMPjFPA31n2GRfV3x -p xtk@active

executed transaction: f6e93eb8abb9d25e34a4929139902336b614631b3b8de9322f3b189af98ee432? 208 bytes? 273 us

#? ? ? ? eosio <= eosio::newaccount? ? ? ? ? ? {"creator":"xtk","name":"bbb","owner":{"threshold":1,"keys":[{"key":"EOS8XX11uRAjWrAbt6V5AA2xLQvz4bN...

warning: transaction executed locally, but may not be confirmed by the network yet? ? ? ? ]

總結(jié)：?

對(duì)于每一個(gè)權(quán)限都會(huì)有一個(gè)閥值，每一個(gè)公私鑰對(duì)都有一個(gè)權(quán)重，只有達(dá)到閥值得公私鑰對(duì)，才有資格執(zhí)行此權(quán)限。后續(xù)賬戶可以修改權(quán)限的閥值，或者為每個(gè)公私鑰對(duì)分配不同的權(quán)重，以此執(zhí)行權(quán)限。