Using Smart Subscriptions to protect Smart Contract access
Smart Subscriptions
4 min readHow Web3 developers can tokengate functionalities of their Smart Contracts
Image courtesy of Dimi DeJonghe
This blog post will show how Smart Contract builders can use Nevermined’s Smart Subscriptions to create exclusive, tokengated functionalities. The usage of these subscriptions can bring benefits to the publishers because they can keep more control over their permissions and advanced features.
For context, in previous posts (“Bringing online subscriptions into Web3 with NFTs” and “NFTs are dead. Long live NFTs!”), we introduced some of the concepts and building blocks we are using here.
Why is this useful?
Access control is one of the core building blocks that Smart Contract developers use to build their applications. In blockchain development, it’s crucial to strictly control what users can do and under which conditions.
When playing in an ecosystem where decentralization is key, Web3 developers must prioritize building of solutions that don’t lock their users into their platforms. We like to say that, in Web3, everything is an asset, therefore so are the permissions and rights of users that interact with a smart contract. Permissions and rights are assets that these users own and have associated with their identity (i.e because I did 10 transactions, I can claim this airdrop). Understanding this, Web3 developers should consider implementing solutions that allow their users to fully control their permissions as yet another asset they own.
With Smart Subscriptions, developers can add users as subscribers, giving them the option of managing their access as a liquid asset they own and use as they please.
Smart Subscriptions are Nevermined’s proprietary tool that reinvents outdated subscriptions by combining usage rules with smart contracts and they come with multiple benefits for both developers or Publishers and their users:
- Permissions become a liquid asset. They can be traded and transferred like any other asset. For example, if your account is whitelisted for an airdrop or token sale, you can now fully transfer this right to someone else.
- Permissions become something simpler. They are not just black magic in a Smart Contract. They can represent a role in an application and pack different permissions that are easily understood by all users.
- Smart Contract developers can offer a better and simpler experience to their users, and at the same time facilitate the creation of advanced features via application permissions (secondary markets, royalties, etc.)
How does it work?
Let’s unpack this for 2 different personas, the Publishers of the subscription and the Users:
The Publishers (the Smart Contract developer) just need to use Nevermined App. to create a new Smart Subscription plan, as shown in the How to create a Smart Subscription Tutorial.
The Smart Subscription needs to be registered in the same network where your Smart Contracts are gonna be deployed. Currently, Nevermined is deployed on multiple blockchain networks, like Polygon, Gnosis, Arbitrum.
The Nevermined Smart Subscriptions are ERC-721, so their integration with any other Smart Contract is quite straightforward. When the subscription is created, this leads to the automatic creation of a NFT Smart Contract. The Publisher just needs to copy the address of the resulting NFT Smart Contract, deployed and owned by them, and integrate in their Smart Contract code.
In the next example, we are going to integrate the Smart Subscription in an ERC-20 Token that can be AirDropped to subscribers. That means that any of the Smart Subscription’s subscribers can claim the AirDrop. The ERC-20 will be able to control that via the integration with the Smart Subscription.
First, in your Solidity code (i.e. in the AirDrop contract) you need to connect with the Smart Subscription contract. Because the Smart Subscription contract is an ERC721, you can use the standard ERC721 interfaces to interact with it.
IERC721 subscriptionNFT = IERC721(subscriptionNFTAddress);
Now we will protect the claim method. This method is used to claim an AirDrop in the ERC20 token contract. We want to protect this method so only subscribers of our NFT can call it. Let’s create a modifier to check if the caller is a subscriber.
modifier onlySubscribers(address _address) {
require(
subscriptionNFT.balanceOf(_address) > 0,
‘You are not a subscriber’
);
_;
}
After that, we will use this modifier in the `claim` method:
function claim() public onlySubscribers(msg.sender) {
// …
}
You can see all the contract code and a complete test validating the integration in our Tutorials repository.
So what does the end user do?
When the Publisher publishes the new Subscription, they just need to share the link with their potential users. Users just have to click the link to purchase the subscription that will be associated with their user account.
Once the User owns the subscription, the User can interact with the ERC-20 Smart Contract. Using the same account holding the NFT, will give the User the option to call the contract methods that are protected, like the “claim” AirDrop method.
Want to know more?
If you want to know more about Nevermined, go to our website or explore our Documentation.
And we’d love to hear from you. Got any questions, suggestions or want to chat about your project? Contact us via the website or join our Discord.
Kudos points: if you enjoyed this article, let us know by clapping or sharing it with someone who should read this too.