This week's Tempo update introduces enhanced access key permissions with TIP-1011, enforces stricter system transaction ordering at the consensus layer, and adds support for TIP20 virtual addresses via precompiles.
> impact
This week, we've rolled out several significant protocol-level updates to the Tempo network. First, we've implemented TIP-1011, which introduces a more granular and powerful permissions system for account access keys. Alongside this, a critical consensus update now enforces that system transactions must be placed at the end of a block, rejecting any blocks that violate this rule. Finally, we've added support for TIP20 virtual addresses, which are now accessible through efficient precompiles, streamlining token interactions.
These changes are driven by our commitment to enhancing the security, stability, and efficiency of the Tempo protocol. The new access key permissions (TIP-1011) were designed to provide developers with the tools to build more secure applications by adhering to the principle of least privilege, allowing dApps to request only the permissions they absolutely need. The consensus rule change for system transactions hardens the protocol against invalid block constructions and ensures more predictable state transitions. Meanwhile, the addition of TIP20 virtual address precompiles directly addresses the need for lower gas costs and improved performance for the most common token operations.
For developers, these updates have immediate implications. The enhanced access key system is a major feature that wallet and dApp developers should integrate to improve user security and offer more flexible sign-in options. The consensus change is a potential breaking change; developers and node operators must ensure their transaction batching and block production logic now correctly places system transactions to avoid rejections. Lastly, developers working with TIP20 tokens can now leverage the new precompiles to build more efficient and cost-effective applications, enhancing the overall user experience on Tempo.
> Try this now
try this
# Create a limited-permission access key with TIP-1011
# This walkthrough demonstrates how to create a new access key that can only call a specific function on a specific contract with a limited allowance.
# 1. Import necessary libraries from the Tempo SDK
from tempo_sdk.account import Account
from tempo_sdk.key import KeyPair
from tempo_sdk.transactions import add_key, function_call_permission
# 2. Configure connection and existing account
# Assumes you have a full-access key in your environment
account = Account(account_id="your-account.tempo")
# 3. Generate a new key pair for the limited access key
new_key_pair = KeyPair.from_random('ed25519')
new_public_key = new_key_pair.public_key
# 4. Define the granular permissions for the new key
# We'll allow this key to call the `transfer` method on a TIP20 contract
# with a total allowance of 1000 yoctoTempo (1e-21 TPO)
permissions = function_call_permission(
receiver_id="token.your-dapp.tempo",
method_names=["transfer"],
allowance="1000000000000000000000"
)
# 5. Create and sign the transaction to add the new key
result = account.sign_and_send_transaction(
receiver_id="your-account.tempo",
actions=[
add_key(new_public_key, permissions)
]
)
# 6. Log the result
print(f"Transaction sent: {result['transaction_outcome']['id']}")
print(f"Successfully added a limited access key: {new_public_key}")
# Now, this new key can be used in a browser wallet or app backend
# to sign 'transfer' transactions on the 'token.your-dapp.tempo' contract
# without exposing the account's full-access keys.