Permissioning plugin
You can define complex permissioning solutions by building a plugin that extends Besu functionality.
The plugin API provides a PermissioningService
interface that currently supports connection (node) permissioning, transaction permissioning and message permissioning.
Connection (node) permissioning
Use connection permissioning when deciding whether to restrict node access to known participants only.
Transaction permissioning
Use transaction permissioning when deciding whether to restrict transaction processing based on transaction properties.
Message permissioning
Use message permissioning to propagate different types of devP2P messages to particular nodes. For example, this can be used to prevent pending transactions from being forwarded to other nodes.
Register your plugin
To enable permissioning in your plugin, implement the PermissioningService
interface and register your providers.
@AutoService(BesuPlugin.class)
public class TestPermissioningPlugin implements BesuPlugin {
PermissioningService service;
@Override
public void register(final BesuContext context) {
service = context.getService(PermissioningService.class).get();
}
@Override
public void start() {
service.registerNodePermissioningProvider((sourceEnode, destinationEnode) -> {
// perform logic for node permissioning
return true;
});
service.registerNodeMessagePermissioningProvider((destinationEnode, code) -> {
// perform logic for message permissioning
return true;
});
}
@Override
public void stop() {}
}