Blockchain-Based Multirole Authentication and Authorization in Smart Contracts with a Hierarchical Factory Pattern
Saif, Muhammad Bin; Migliorini, Sara; Spoto, Fausto
2024-01-01
Abstract
The recent spread of smart contracts in several application domains presents challenges in scalability, efficiency, management, and security. In this regard, some design patterns have been proposed to factorize common parts, prevent replicated deployment by promoting reusability, and apply some role-based access control (RBAC) techniques during smart contract execution. In particular, the factory pattern has been widely recognized as a common practice to solve the scalability issue, while also reducing the increased gas costs related to both smart contract deployment and its subsequent use. However, in real-world applications, the factory pattern can be considered too limited since it only allows the instantiation of a single type or family of contracts. On the other hand, no solutions have been proposed that tightly integrate a factory pattern with RBAC functionalities. In this paper, we propose an extension of the factory pattern, called the hierarchical factory pattern, which integrates a multirole authentication and authorization mechanism tailored explicitly to this pattern since it allows a secure, efficient, and role-specific interaction between the various layers of the hierarchy. The paper ends with some considerations about performance and scalability.