1. Xcavate Whitelist Pallet

This pallet has been developed as a temporary measure to control who is able to call protocol functions. Once DID and verifiable credentials are fully implemented then this pallet will be removed.

  • It defines a Substrate pallet that manages a whitelist of accounts.

  • The pallet allows only authorized origins (like root or admin) to add or remove accounts from the whitelist.

  • It stores the whitelist in on-chain storage for persistent access.

  • It provides extrinsics (public functions) for managing the whitelist.

  • The pallet ensures that only whitelisted accounts can be validated for certain operations in the runtime.

Who can call it?

  • Must be a signed account.

  • Must be in AdminAccounts.

What is does?

  • Allows an admin to change the AccessPermission of a given user’s role.

  • Example use case: upgrade/downgrade a user’s role permission without removing/reassigning the role.

  • Prevents unnecessary writes if the permission is already the same.

  • Emits PermissionUpdated { user, role, permission }.

Pallet Function
Call Index
Who Can Call
Parameters
Description

add_admin

0

Root (Sudo/Governance)

admin: AccountId

Add an admin

remove_admin

1

Root (Sudo/Governance)

admin: AccountId

Remove an admin

assign_role

2

Admin account

user: AccountId, role: Role

Assign a role to a user

remove_role

3

Admin account

user: AccountId, role: Role

Remove a role from a user

set_permission

4

Admin account

user: AccountId, role: Role, permission: AccessPermission

Update role permission

For testing:

Polkadot.js Apps navigation refresher:

  • Developer → Extrinsics = where you actually submit transactions (signed or sudo).

  • Developer → Chain State = where you query storage (e.g., list admins, check assigned roles, permissions).

These means:

  • Anything with pub fn ... and #[pallet::call_index(...)] → goes to Developer → Extrinsics.

  • Anything stored in StorageMap (like AdminAccounts, AccountRoles) → you will check it in Developer → Chain State.

Pallet Function table with Polkadot.js guidance:

Pallet Function
Call Index
Who Can Call
Parameters
Description
Polkadot.js Path

add_admin

0

Root (Sudo/Governance)

admin: AccountId

Add a new admin to AdminAccounts

Developer → Extrinsics → sudo → sudoUncheckedWeight → (WhitelistPallet.add_admin)

remove_admin

1

Root (Sudo/Governance)

admin: AccountId

Remove an existing admin from AdminAccounts

Developer → Extrinsics → sudo → sudoUncheckedWeight → (WhitelistPallet.remove_admin)

assign_role

2

Admin account

user: AccountId, role: Role

Assign a role to a user with default permission

Developer → Extrinsics → WhitelistPallet → assign_role

remove_role

3

Admin account

user: AccountId, role: Role

Remove a role from a user

Developer → Extrinsics → WhitelistPallet → remove_role

set_permission

4

Admin account

user: AccountId, role: Role, permission: AccessPermission

Update the access permission for a user’s role

Developer → Extrinsics → WhitelistPallet → set_permission

Storage Queries (Chain State):

To verify or explore data from the above extrinsics, you will use:

Storage Item
Key(s)
Description
Polkadot.js Path

AdminAccounts

AccountId

Check if an account is an admin

Developer → Chain State → WhitelistPallet → adminAccounts(AccountId)

AccountRoles

(AccountId, Role)

Lookup the role + permission for a user

Developer → Chain State → WhitelistPallet → accountRoles(AccountId, Role)

PreviousTestingNext1.1.1 Add Admin

Last updated