Tables
World
uses the store tables, but adds access control.
For onchain tables, the data is stored by the World
contract, which is also a StoreData
(opens in a new tab).
When a System
reads or writes storage via table libraries, the request goes into StoreSwitch
(opens in a new tab). This library decides which approach to use:
-
If the
System
is in the root namespace, then it was called withdelegatecall
(opens in a new tab). This means it inherits theWorld
storage and can write directly to storage usingStoreCore
(opens in a new tab). These calls bypass access control. -
If the
System
is in any other namespace, then it was called withcall
(opens in a new tab) and has to call back into theWorld
usingIStore
(opens in a new tab). These calls go through access control. They are only permitted if theSystem
has access to the table in question. By default aSystem
has access to its own namespace and therefore to all the tables inside it. Additional access can be granted by the namespace owner.
-
An account calls a function called
namespace_system_function
via theWorld
. This function was registered by the owner of thenamespace
namespace and points to thefunction
function in thesystem
system in thenamespace
namespace. -
The
World
verifies that access is permitted (for example, becausenamespace:system
is publicly accessible) and if so callsfunction
on thenamespace:system
contract with the provided parameters. -
At some point in its execution
function
decides to update the data in the tablenamespace:table
. As with all other tables, this table is stored in theWorld
's storage. To modify it,function
calls a function on theWorld
contract. -
The
World
verifies that access is permitted (by default it would be, becausenamespace:system
has access to thenamespace
namespace). If so, it modifies the data in thenamespace:table
table.