The blockchain’s community is very active in July!

Before there is the game of “Gambling” in Ethereum; after, there is the game in “Gambling” from EOS. The honored of the top two honest in the “Gambling”, attracted a large amount of the users to participant in the short time since it is established, and the details of the story afterward should be very clear and no doubt for the experienced users in the blockchain community:

The game of the Ethereum just faced its ending after the huge reward is won by a very lucky player; After a week since the game of EOS is operated, the accounts are attacked with more than 70 thousand grapefruits are gone without any expectations, which is the access in the account was transferred malicious. In the end, with the help of EMAC hard-work , the EOS in the rewarded pool is kept temporary and stayed frozen in the reward pool through the emergency account frozen order, which is established oﬃcially from the EMAC Chinese associated arbitrators.

At the very beginning of the blockchain technology starts, the users whom participants in the system constructing, the developers and other people provide very high activation emotionally. These explorations of these two games also lead many professional people into deep thinking, especially the technological people: blockchain technology is in the period of fast developed and changed every time. If the blockchain technology is only used for consuming the demand for entertainment only, it seems like that the technology is over-skilled.

From another aspect, the game, which with the feature of gambling, is the large challenge of the blockchain system constructing to provide the valuable experience for the developers.

Does it the fault of programers?

The game of EOS needs users to transfer to active of EOS’s account to the speciﬁed account in the game. This is also the main bug of this game. This setting exposes the active permission of the user’s account in public. This is the not the worst part. The oﬃcial organization of the game doesn’t do any associated protection or plan B for this circumstance.

All of that, participated in EOS’s game needs to provide diﬀerent accessed permission for diﬀerent characters within the same contract. Around the primary problem of the EOS’s game, the technology of the Celes provided three “security strategy” after the games of EOS establish again.

01

Using Active/owner Permission

This proposal is now using in the regulated approach for all the present contract. For the account permission of the active and owner, if there is no other special permission checking within the contract, all the approaches inside the contract will default in supporting the access, and any value can be input into the account_name.

This is the default behaviour of the EOS, there is no need for any other specialization within the contract.

02

Using the authorization to provide the permission of the custom permit to access the game contract

This proposal suggestion combines the user permission’s approach because this approach is safer than the approach we have before. It is not necessary for the users to transfer their own active account’s permission to the game’s company.

The custom permission of the EOS permission defaults that the intelligent contract cannot access. If the custom permission access is needed in the intelligent contract, it needs the active permission from the setting of the account.

1)Adding the custom permission for the account by hello.world

2) Setting up the transferred access to hello contract with the approach of hi.

Within the contract, it is not necessary for any special edition, if there is the authorization of account_name to the access is needed, we need to transfer the require_auth inside the contract to check.

3) User’s usage

When users transfer the account_name by the approach of “Hi”, it must conﬁrm the ﬁt information with the permission information with the people who access, nor it isn’t able to access. For example:

Because the transferred index and the account of test2 don’t ﬁt, it causes the failure of the access.

After the transfer index ﬁts the account of test2, it causes the success in accessing.

03

EOS Intelligent Contract’s “special permission”

As what we mentioned above, the account’s active and owner’s permissions default to access any contract’s approach. Therefore, if you want to prohibit these two permissions to access any approach in the contract, you can use the strategy below.

If you need any permitted development in the selected contract, you need to transfer the approach of require_auth2 to check within the contract.

The approach of hi can be accessed by the hello.world’s permission (Above has deﬁned hello.world’s permission). The other permissions maybe not able to access include the owner and active’s permission. For example:

This one is very excellent.

For the game of EOS, except the original setting of the owner and active permissions for the account, it needs to set the third party permission for the supervised permission. We call it supervised permission at the temporal. The public key token of the supervised permission would be saved in the account in the hands, but the private ket permission would behold in the authorized third party.

This way doesn’t need to oﬀer the account’s security to the game’s company. And the whole game would launch the third part supervision to protect the beneﬁt of the game’s company and the participants.

Other than games, there are more usages

Blockchain’s game oﬀered so many referenced experience for the landing of the blockchain application in the other ﬁelds.

From the aspect of the ﬁnancial industry, the strong transaction of the currency with its own specialization causes the primary work for the ﬁnancial ﬁeld is the supervision.

In general, the popularity of the blockchain application in the ﬁnancial industry is very high.

According to the third proposal of “security strategy” above, applying the supervision into the ﬁnancial ﬁeld is better than others.

As the example of the Celes OS, for all the characters of the ﬁnancial’s work join, using the fundamental of the EOS’s owner and active’s permission to increase the supervised permission.

According to the contract rule, the supervised institution controlled the correlated supervised permission’s private key for all the ﬁnancial institutions. And when users of Celes OS operate the access, they may need the supervision launched system for their ﬁnancial operation after the application of request is sent for the supervised institution. As soon as the supervised institution received the application to check the regulated circumstance, they will choose if the associated permission would be given.