versia-pub/docs
2
0
Fork 0
mirror of https://github.com/versia-pub/docs.git synced 2026-03-13 02:49:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: Move Delegation to an extension

Browse source 
Also adds a <Warning> MDX component.
This commit is contained in:
natri0 2025-04-21 17:23:22 +00:00
parent 3117b376c9
commit 72039874ab
5 changed files with 125 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

4
app/changelog/page.mdx
View file

@ -8,6 +8,10 @@ export const metadata = {
This page lists changes since Working Draft 3. {{ className: 'lead' }}
## Since WD 5
- Moved [Delegation](/extensions/delegation) to an extension
## Since WD 4
- Removed URI from [Report](/extensions/reports), and replaced `reason` with `tags`.

78
app/extensions/delegation/page.mdx Normal file
View file

@ -0,0 +1,78 @@
export const metadata = {
title: 'Delegation Extension',
description: 'Lets users perform actions on other accounts\' behalf.'
}
# Delegation Extension
Delegation is used to authorize actions on behalf of another user. {{ className: 'lead '}}
## Vocabulary
- **Delegator**: The user that is delegating actions to another user. (The user that owns the key)
- **Delegate**: The user that is being delegated actions. (The user that the key is pointing to)
## Implementation Details
Any actions or entities created by the **delegate** should be attributed to the **delegator** user in clients transparently to end-users (e.g. showing the **delegator** user's name and avatar). This allows for a form of "consensual impersonation" that is authorized by the **delegators** and **delegates**.
This is useful as a way to centralize all of a user's many "alt accounts" into a single, unified feed.
<Warning>
If an instance encounters an action from a User that has a Delegator listed, but that Delegator does not allow the User to perform actions on their behalf, the actions **MUST** be shown as the User's own.
Also, if a User has a Delegator listed, but that Delegator does not allow the User to perform actions on their behalf, instances **SHOULD** mark the User with a warning about possible impersonation or fraud.
</Warning>
## Extension Definition
<Row>
<Col>
<Properties name="Delegation">
The Delegation extension uses an ID of `pub.versia:delegation`.
If the extension is present, exactly **one** of the fields **MUST** be specified:
<Property name="delegator" type="Reference">
If this user performs actions on behalf on another user, **MUST** have a reference to that user.
</Property>
<Property name="allowed_delegates" type="Reference[]">
If other users perform actions on behalf of this user, **MUST** have a list of references to all such users.
</Property>
</Properties>
</Col>
<Col sticky>
```jsonc {{ title: "Example Delegator" }}
{
// ...
"type": "User",
"id": "73cb1728-75d7-4080-8d28-4adf49bb0a0d",
// ...
"extensions": { // [!code focus:5]
"pub.versia:delegation": {
"delegator": "versia.example.com:bfb6bb39-bb08-4226-91ac-8adebc3da046"
}
}
}
```
```jsonc {{ title: "Example Delegates List" }}
{
// ...
"type": "User",
"id": "bfb6bb39-bb08-4226-91ac-8adebc3da046",
// ...
"extensions": { // [!code focus:7]
"pub.versia:delegation": {
"allowed_delegates": [
"versia.social:73cb1728-75d7-4080-8d28-4adf49bb0a0d"
]
}
}
}
```
</Col>
</Row>

25
app/federation/delegation/page.mdx
View file

@ -1,25 +0,0 @@
export const metadata = {
title: 'Delegation',
description: 'Delegation is used to authorize actions on behalf of another user',
}
# Delegation
Delegation is used to authorize actions on behalf of another user. {{ className: 'lead' }}
## Vocabulary
- **Delegator**: The user that is delegating actions to another user. (The user that owns the key)
- **Delegate**: The user that is being delegated actions. (The user that the key is pointing to)
## The `actor` Field on Public Keys
[Users](/entities/user)'s `public_key` property contains a field called `actor`. This field contains the URI to the **delegator** user, which is used to authorize actions on behalf of the **delegate** user.
This means that the **delegator** user can sign requests with their private key, and any implementations should consider the **delegate** user as equivalent to the **delegator** user.
## Implementation Details
Any actions or entities created by the **delegate** should be attributed to the **delegator** user in clients transparently to end-users (e.g. showing the **delegator** user's name and avatar). This allows for a form of "consensual impersonation" that is authorized by the **delegators** and **delegates**.
This is useful as a way to centralize all of a user's many "alt accounts" into a single, unified feed.