Skip to content

feat(access_registry): Add read request workflow for TDF letter access#77

Open
arkavo-com wants to merge 1 commit intomainfrom
feature/read-request-workflow
Open

feat(access_registry): Add read request workflow for TDF letter access#77
arkavo-com wants to merge 1 commit intomainfrom
feature/read-request-workflow

Conversation

@arkavo-com
Copy link
Copy Markdown
Contributor

@arkavo-com arkavo-com commented Feb 19, 2026

Summary

  • Adds complete submit/approve/deny read request workflow to the access_registry Ink! contract, enabling decentralized access control for ClosureKB TDF letters
  • Introduces multi-admin support (owner auto-added as admin, can add/remove others)
  • Adds per-letter dissem list with expiry and revocation support via on-chain DissemEntry storage

Details

New types: RequestStatus, ReadRequestRecord, DissemEntry

New messages (11):

Message Access Purpose
submit_read_request Anyone Request access (deterministic ID prevents duplicates)
approve_read_request Admin Approve + auto-add dissem entry
deny_read_request Admin Deny a request
get_read_request Anyone Query request by ID
check_letter_entitlement Anyone Verify read access (checks expiry + revocation)
revoke_letter_entitlement Admin Revoke access
add_dissem_entry Admin Manually grant access without a request
get_dissem_entry Anyone Query dissem entry
add_admin / remove_admin Owner Manage admin accounts
is_admin_account Anyone Check admin status

New events: AdminAdded, AdminRemoved, ReadRequestSubmitted, ReadRequestApproved, ReadRequestDenied, DissemEntryRevoked

Test plan

  • 41 unit tests all passing (28 new, 13 existing unchanged)
  • Admin management: add, remove, non-owner rejection
  • Request lifecycle: submit, duplicate rejection, approve, deny, already-processed guard
  • Dissem list: entitlement check, expiry, revocation, manual entry
  • Cross-admin: added admin can approve requests
  • Existing entitlement/session/Merkle proof tests unaffected

🤖 Generated with Claude Code

@arkavo-com @claude
feat(access_registry): Add read request workflow for TDF letter access
406de37 
Add the complete submit/approve/deny read request workflow to the
access_registry contract, enabling decentralized access control for
ClosureKB TDF letters without a backend server.

New types:
- RequestStatus enum (Pending, Approved, Denied)
- ReadRequestRecord struct (letter_id, email_hash, requester, status, timestamps)
- DissemEntry struct (granted_at_block, expires_at_block, is_revoked, granted_by)

New storage:
- admins: Mapping<Address, bool> for multi-admin support
- read_requests: Mapping<[u8;32], ReadRequestRecord>
- dissem_entries: Mapping<[u8;32], DissemEntry> for per-letter access lists

New messages:
- add_admin / remove_admin / is_admin_account - admin management
- submit_read_request - anyone can request access (deterministic ID prevents duplicates)
- approve_read_request - admin approves + auto-adds dissem entry
- deny_read_request - admin denies
- get_read_request - query request by ID
- check_letter_entitlement - verify read access (checks expiry + revocation)
- revoke_letter_entitlement - admin revokes access
- add_dissem_entry - admin manually grants access without a request
- get_dissem_entry - query dissem entry

New events:
- AdminAdded, AdminRemoved
- ReadRequestSubmitted, ReadRequestApproved, ReadRequestDenied
- DissemEntryRevoked

Tests: 28 new tests (41 total), all passing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@arkavo-com