Cycle

The Scriptorium

Smart Assembly code templates and tools for on-chain development in Eve Frontier.

Tribe-Gated Storage
IntermediateChapter 1 of 510 min read

Architecture Overview

AncientStorage is a tribe-gated shared storage extension for EVE Frontier's Smart Storage Units (SSUs). It allows members of the same tribe to pool resources in a communal inventory, while preventing outsiders from accessing the shared items.

The Three Inventory Types

Every SSU in EVE Frontier has three types of inventory slots:

``

┌─────────────────────────────────────────────────────────────┐

│ Smart Storage Unit │

│ │

│ ┌───────────────────────┐ │

│ │ Main Inventory │ The SSU owner's personal slot. │

│ │ (Owner only) │ Keyed by OwnerCap. │

│ └───────────────────────┘ │

│ │

│ ┌───────────────────────┐ │

│ │ Player Inventories │ One per visiting player. │

│ │ (Per-player) │ Keyed by OwnerCap. │

│ └───────────────────────┘ │

│ │

│ ┌───────────────────────┐ │

│ │ Open Inventory │ Shared/public slot. │

│ │ (Extension-gated) │ Requires extension auth (XAuth) │

│ └───────────────────────┘ │

│ │

└─────────────────────────────────────────────────────────────┘

`
  • Main Inventory: Only the SSU owner can read/write. This is where the owner's personal items sit.
  • Player Inventories: Each player who docks at the SSU gets their own slot. Items dragged from ship to SSU in the game UI land here.
  • Open Inventory: A shared slot that requires an authorized extension to access. This is the communal tribe pool.

How the Extension Bridges Them

The AncientStorage extension moves items between these inventory types:

`

Player drags items Extension calls Extension calls

from ship to SSU withdraw_by_owner() deposit_to_open_inventory()

Ship ──────────► Player Inventory ──────────► Open Inventory

(per-player slot) (shared tribe pool)

share()

Ship ◄──────── Player Inventory ◄──────────── Open Inventory

(per-player slot) (shared tribe pool)

withdraw()

Extension calls Extension calls

deposit_to_owned() withdraw_from_open_inventory()

` Sharing: Items flow from a player's personal slot into the open inventory. The extension uses the player's OwnerCap to withdraw from their slot, then uses the XAuth witness to deposit into the open inventory. Withdrawing: Items flow from the open inventory back to a player's personal slot. The extension uses XAuth to withdraw from the open inventory, then deposits into the player's slot.

Module Structure

The extension consists of two Move modules:

`

contracts/tribe-storage-access/

├── Move.toml

└── sources/

├── config.move # Shared config, AdminCap, XAuth witness

└── tribe_storage.move # Share/withdraw logic, tribe verification

`

config.move

  • Defines ExtensionConfig (shared object for storing rules)
  • Defines AdminCap (owned capability for admin operations)
  • Defines XAuth (witness type for SSU authorization)
  • Provides generic dynamic field helpers (has_rule, borrow_rule, set_rule, etc.)

tribe_storage.move

  • Defines TribeConfigKey and TribeConfig (dynamic field key-value for tribe gating)
  • Implements share(), share_from_main(), and withdraw() entry points
  • Implements verify_tribe() internal validation
  • Provides set_tribe_config() admin function

Data Flow Diagram

`

┌──────────────┐

│ AdminCap │ Owned by deployer

│ (key,store) │

└──────┬───────┘

│ set_tribe_config()

┌──────────────────────────────────────────────┐

│ ExtensionConfig (shared) │

│ │

│ Dynamic Fields: │

│ ┌──────────────┐ ┌────────────────────┐ │

│ │TribeConfigKey│──│TribeConfig{tribe:5}│ │

│ └──────────────┘ └────────────────────┘ │

│ │

└──────────────────────────────────────────────┘

│ │

verify_tribe() verify_tribe()

│ │

┌────▼──────┐ ┌─────▼─────┐

│ share() │ │ withdraw() │

└───────────┘ └────────────┘

`

Authorization Requirements

For the extension to work, three authorizations must be in place:

  • Extension authorization: The SSU owner must call authorize_extension on their SSU.
  • Admin configuration: The AdminCap holder must call set_tribe_config to set the allowed tribe ID.
  • Tribe membership: Each player calling share() or withdraw() must belong to the configured tribe.

    • If any of these is missing, the transaction will abort with an error.

    Key Takeaways

    • AncientStorage uses the SSU's open inventory as a communal tribe pool.
    • Items move from player inventories to the open inventory (share) and back (withdraw).
    • The extension has two modules: config for infrastructure and tribe_storage` for business logic.
    • Three layers of authorization protect the system: extension auth, admin config, and tribe verification.
    • The SSU owner's main inventory and each player's personal slot remain private and unaffected by the extension.

    Sign in to track your progress.