authz
The authz module is responsible for the authorization for accounts to perform actions on behalf of other accounts and enables a granter to grant authorizations to a grantee that allows the grantee to execute messages on behalf of the granter. Authorizations must be granted for a particular Msg service method one by one using an implementation of the Authorization interface.
For more information, visit https://docs.cosmos.network/main/modules/authz/
Message Types
Msg defines the authz Msg service.
// Grant grants the provided authorization to the grantee on the granter's
// account with the provided expiration time. If there is already a grant
// for the given (granter, grantee, Authorization) triple, then the grant
rpc Grant(MsgGrant) returns (MsgGrantResponse);
// Exec attempts to execute the provided messages using
// authorizations granted to the grantee. Each message should have only
// one signer corresponding to the granter of the authorization.
rpc Exec(MsgExec) returns (MsgExecResponse);
// Revoke revokes any authorization corresponding to the provided method name on the
// granter's account that has been granted to the grantee.
rpc Revoke(MsgRevoke) returns (MsgRevokeResponse);
MsgGrant
MsgGrant is a request type for Grant method. It declares authorization to the grantee on behalf of the granter with the provided expiration time.
option (cosmos.msg.v1.signer) = "granter";
string granter = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
string grantee = 2 [(cosmos_proto.scalar) = "cosmos.AddressString"];
cosmos.authz.v1beta1.Grant grant = 3 [(gogoproto.nullable) = false];
MsgGrantResponse
MsgGrantResponse defines the Msg/MsgGrant response type.
message MsgGrantResponse {}
MsgExec
MsgExec attempts to execute the provided messages using authorizations granted to the grantee. Each message should have only one signer corresponding to the granter of the authorization.
option (cosmos.msg.v1.signer) = "grantee";
string grantee = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
// Authorization Msg requests to execute. Each msg must implement Authorization interface
// The x/authz will try to find a grant matching (msg.signers[0], grantee, MsgTypeURL(msg))
// triple and validate it.
repeated google.protobuf.Any msgs = 2 [(cosmos_proto.accepts_interface) = "sdk.Msg, authz.Authorization"];
MsgExecResponse
MsgExecResponse defines the Msg/MsgExecResponse response type.
message MsgExecResponse {
repeated bytes results = 1;
MsgRevoke
MsgRevoke revokes any authorization with the provided sdk.Msg type on the granter's account with that has been granted to the grantee.
option (cosmos.msg.v1.signer) = "granter";
string granter = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
string grantee = 2 [(cosmos_proto.scalar) = "cosmos.AddressString"];
MsgRevokeResponse
MsgRevokeResponse defines the Msg/MsgRevokeResponse response type.
message MsgRevokeResponse {}
Queries
Query defines the gRPC querier service.
// Returns list of `Authorization`, granted to the grantee by the granter.
rpc Grants(QueryGrantsRequest) returns (QueryGrantsResponse) {
option (google.api.http).get = "/cosmos/authz/v1beta1/grants";
// GranterGrants returns list of `GrantAuthorization`, granted by granter.
// Since: cosmos-sdk 0.46
rpc GranterGrants(QueryGranterGrantsRequest) returns (QueryGranterGrantsResponse) {
option (google.api.http).get = "/cosmos/authz/v1beta1/grants/granter/{granter}";
// GranteeGrants returns a list of `GrantAuthorization` by grantee.
// Since: cosmos-sdk 0.46
rpc GranteeGrants(QueryGranteeGrantsRequest) returns (QueryGranteeGrantsResponse) {
option (google.api.http).get = "/cosmos/authz/v1beta1/grants/grantee/{grantee}";
QueryGrantsRequest
QueryGrantsRequest is the request type for the Query/Grants RPC method.
message QueryGrantsRequest {
string granter = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
string grantee = 2 [(cosmos_proto.scalar) = "cosmos.AddressString"];
// Optional, msg_type_url, when set, will query only grants matching given msg type.
// pagination defines an pagination for the request.
cosmos.base.query.v1beta1.PageRequest pagination = 4;
QueryGrantsResponse
QueryGrantsResponse is the response type for the Query/Authorizations RPC method.
message QueryGrantsResponse {
// authorizations is a list of grants granted for grantee by granter.
repeated Grant grants = 1;
// pagination defines an pagination for the response.
cosmos.base.query.v1beta1.PageResponse pagination = 2;
QueryGranterGrantsRequest
QueryGranterGrantsRequest is the request type for the Query/GranterGrants RPC method.
message QueryGranterGrantsRequest {
string granter = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
// pagination defines an pagination for the request.
cosmos.base.query.v1beta1.PageRequest pagination = 2;
QueryGranterGrantsResponse
QueryGranterGrantsResponse is the response type for the Query/GranterGrants RPC method.
message QueryGranterGrantsResponse {
// grants is a list of grants granted by the granter.
repeated GrantAuthorization grants = 1;
// pagination defines an pagination for the response.
cosmos.base.query.v1beta1.PageResponse pagination = 2;
QueryGranteeGrantsRequest
QueryGranteeGrantsRequest is the request type for the Query/IssuedGrants RPC method.
message QueryGranteeGrantsRequest {
string grantee = 1 [(cosmos_proto.scalar) = "cosmos.AddressString"];
// pagination defines an pagination for the request.
cosmos.base.query.v1beta1.PageRequest pagination = 2;
QueryGranteeGrantsResponse
QueryGranteeGrantsResponse is the response type for the Query/GranteeGrants RPC method.
message QueryGranteeGrantsResponse {
// grants is a list of grants granted to the grantee.
repeated GrantAuthorization grants = 1;
// pagination defines an pagination for the response.
cosmos.base.query.v1beta1.PageResponse pagination = 2;
