Are you an LLM? Read llms.txt for a summary of the docs, or llms-full.txt for the full context.
Manage Access – Makechain
Skip to content

Manage Access

Add collaborators to a project, assign permission levels, and manage the access control list. Collaborators are a 2P set — add and remove pairs with remove-wins semantics.

Demo

Add a collaboratordemo
Look up the collaborator's account
GetAccount response
{
  "mid": 87,
  "username": "bob",
  "key_count": 2,
  "verification_count": 1,
  "storage_units": 1
}
Submit COLLABORATOR_ADD
COLLABORATOR_ADD message
{
  "type": "COLLABORATOR_ADD",
  "mid": 42,
  "timestamp": 1740000500,
  "body": {
    "project_id": "a1b2c3d4e5f6...",
    "collaborator_mid": 87,
    "permission": "WRITE"
  }
}
SIGNING scope verifiedSigner is admin
State updated
Message submittedT+0ms
Included in block #1,845 (parallel phase)T+201ms
FinalizedT+291ms
Collaboratorbob (MID 87) — WRITE
Collaborators2 / 50
Project: my-first-repoSemantics: 2P Set (remove-wins)

Permission levels

Permission hierarchydemo
OWNER
Full control — transfer, archive, delete, manage all collaborators
ADMIN
Manage collaborators, update project metadata, all write operations
WRITE
Push commits, update refs, create branches and tags
READ
View project state, refs, and commits (relevant for private projects)

Update permissions

Change a collaborator's permissiondemo
Submit COLLABORATOR_ADD with new permission
COLLABORATOR_ADD (permission update)
{
  "type": "COLLABORATOR_ADD",
  "mid": 42,
  "timestamp": 1740000600,
  "body": {
    "project_id": "a1b2c3d4e5f6...",
    "collaborator_mid": 87,
    "permission": "ADMIN"
  }
}

Updating an existing collaborator's permission reuses COLLABORATOR_ADD. The count does not change — only new collaborators increment the count.

Permission updated
bob (MID 87)WRITE → ADMIN

Remove a collaborator

Revoke accessdemo
Submit COLLABORATOR_REMOVE
COLLABORATOR_REMOVE message
{
  "type": "COLLABORATOR_REMOVE",
  "mid": 42,
  "timestamp": 1740000700,
  "body": {
    "project_id": "a1b2c3d4e5f6...",
    "collaborator_mid": 87
  }
}
Collaborator removed — count decremented

How access control works

  • COLLABORATOR_ADD requires the signer to have SIGNING scope and at least ADMIN permission on the project
  • COLLABORATOR_REMOVE has the same requirements
  • The collaborator set is a 2P set — on a timestamp tie between add and remove for the same collaborator, remove wins
  • Permission updates (re-adding with a different level) do not change the collaborator count
  • Each project supports up to 50 collaborators per storage unit