EIP-1592 Like White List using Plutus

I’m trying to find a way to implement a “White List” of sorts in Plutus.

Something similar to what ETH EIP-1592 does where an account needs to be white listed in order to interact with the contract.

I can clearly see how I could implement a hard coded list of addresses in the contract itself, but if I wanted to have the contract check again a white list which is stored on chain. How would I go about that. Is there a Key Value store or some kind on chain that I could use for this?

I guess there could be some NFT + Datum that holds the list. Only an authorized PubKeyHash can spend the NFT & modify the list. To access some other locked value, the NFT must be included in the Tx, but must not have its Datum altered.

1 Like

Interesting. Ya I could see that working. Well I guess until that list gets very long … you then end up in a situation where to add a single item to the Datum you need to update then entire blob. Also not sure what the size limit on that would be and how slow that index lookup is going to be.

I guess, there are a number of issues with this.

  • As soon as you create a “singleton” on chain the maximum throughput is limited by the block rate 1 Tx / 20 sec. This isn’t special for this use case - it is true for any UTxO (locked by a script) that several clients might compete on concurrently.
  • As soon as you put data on-chain, you are limited by the max Tx size and max block size.
  • When you store that data off-chain, you need to think about decentralization + security. You could for example put that data into IPFS and authorize access to it.

These are general concerns that arise when you want to bring larger (mutable) datasets together with guarantees provided by a blockchain.

All very good points. It seems like quite an interesting limitation that I’ll really need to get my head around. I quite like the eUTXO model but I must admit that I am finding it quite difficult to adjust my thinking away from my learning on chains like EOS and ETH.

I’m not all that familiar with IPFS - when you say “authorize access to it”, could you elaborate a little on this or point me at something that would educate me a little more on what you mean there please?

IIRC, IPFS documents can be read by anybody but only written by the owner. You may want to consult the IPFS docs for details on that.

How about you have an access Token + Datum for each PubKeyHash that you allow. Revoking access would be achieved by spending the token.

Addresses are derivatives that use an incremental offset. One user wallet can have many addresses. That would limit users and potentially “white list” compromised wallets. Consider a two-phase initialization where token confers access?

  • Issue a token to interacting wallet for access to smart contract. Could be minAda or “at cost” …
  • Smart contract then simply requires the vested token as input.

In this way “white-listed” users are merely owners of the token. This allows identity, transfers, etc without extra effort on your part. If you need to check outputs are also a “member” then simple cardano-db-sync query looking for your policy id and asset name would be one option.