Difference between revisions of "Principal"
(Trivial reorder sections.) |
Jens Groth (talk | contribs) m (Added explanation how different types of principals are created.) |
||
| Line 1: | Line 1: | ||
| − | A '''principal''' is | + | A '''principal''' is an identifier for an entity on the IC such as a user, a canister smart contract, or a subnet. |
| − | == Types == | + | == Types of principals == |
There are several types of principals. | There are several types of principals. | ||
| − | === Management === | + | === Management principal === |
The management principal is used to reference the management canister. | The management principal is used to reference the management canister. | ||
| − | === Opaque === | + | === Opaque principal === |
| − | An opaque principal is used to reference any canister that is not the management canister. | + | An opaque principal is chosen by the system. This kind of principal is used to reference any canister that is not the management canister. |
| − | === Self-Authenticating === | + | === Self-Authenticating principal === |
| − | A self-authenticating principal is used to reference a subnet or user. | + | A self-authenticating principal is a hash of a public signature key. This kind of principal is for instance used to reference a subnet or user. |
| − | === Anonymous === | + | === Derived principal === |
| + | The principal is derived from a registering principal. This type of principal is currently not used. | ||
| + | |||
| + | === Anonymous principal === | ||
The anonymous principal is used to reference an anonymous user. | The anonymous principal is used to reference an anonymous user. | ||
Revision as of 08:44, 17 December 2021
A principal is an identifier for an entity on the IC such as a user, a canister smart contract, or a subnet.
Types of principals
There are several types of principals.
Management principal
The management principal is used to reference the management canister.
Opaque principal
An opaque principal is chosen by the system. This kind of principal is used to reference any canister that is not the management canister.
Self-Authenticating principal
A self-authenticating principal is a hash of a public signature key. This kind of principal is for instance used to reference a subnet or user.
Derived principal
The principal is derived from a registering principal. This type of principal is currently not used.
Anonymous principal
The anonymous principal is used to reference an anonymous user.
Representation
Binary
A principal consists of a variable-length byte array. The last byte is used to indicate the type. The table below gives the type inferred from the last byte.
| Byte | Type |
| none | Management |
0x01
|
Opaque |
0x02
|
Self-Authenticating |
0x03
|
Derived |
0x04
|
Anonymous |
0x05
|
Unassigned |
Textual
A principal is shown in textual format by prepending it with its CRC-32 value in big-endian byte order, applying Base32 encoding without padding, grouping characters by length five, and separating them by a hyphen. The table below gives some common principals.
| Principal | Description |
|---|---|
aaaaa-aa
|
management canister |
rrkah-fqaaa-aaaaa-aaaaq-cai
|
governance canister |
ryjl3-tyaaa-aaaaa-aaaba-cai
|
ledger canister |
tdb26-jop6k-aogll-7ltgs-eruif-6kk7m-qpktf-gdiqx-mxtrf-vb5e6-eqe
|
network nervous system |
2vxsx-fae
|
anonymous user |