About CFA ACL Feature

Summary

The Access Control List (ACL) feature allows any account (EOA or contract) to grant/revoke flow operation permissions to another address. You do this by first granting a set of permissions (create, update, delete) as well as a flow rate allowance. The flow rate allowance allotted to a flow operator is deducted every time they either create a flow (deducted by the flow rate amount) or update a flow which is greater than the current flow rate (deducted by the delta between the new flow rate and old flow rate).*

*Note: If you set a flow rate allowance equal to the maximum flow rate then this value is never deducted.

Ethereum Contracts

See here to see the smart contract function signatures for granting/revoking permissions as well as changing (create/update/delete) a flow as a flow operator.

• L73-162 for granting/revoking/getting permissions
• [flowOperation]ByOperator for [create/update/delete]FlowByOperator

SDK-Core

See here to see how to use this new feature via the SDK-core.

Subgraph

The Subgraph schema has been updated with new entities and additions to existing entities. The new entities are:

• FlowOperatorUpdatedEvent which is triggered whenever someone grants/revokes permissions to a flow operator.
• FlowOperator which is a higher order entity which tracks a flow operator for a specific accountTokenSnapshot belonging to the sender of the flow (permission granter).

The updated entities are:

• FlowUpdatedEvent - there is a new flowOperator property which will be the zero address until the new contract code is deployed. The flowOperator is whoever triggered the flow change.
• AccountTokenSnapshot - there is a new flowOperators property which carries all the flow operators for that account and token.

See here for a fuller picture of the properties that exist on these new entities as well as the updated entities.