Transaction manifests
A transaction manifest is a sequence of instructions that defines operations to be executed on the Radix Engine. It serves as a programmatic description of transaction intent, allowing users and developers to interact with the network in a structured way.
These are the key manifest components:
Instructions for resource manipulation (buckets, proofs)
Function and method calls to components/blueprints
Authorization and access-control operations
Network-component interactions
Address-management operations
The manifest processor ensures secure execution through the following:
Requiring explicit intent of the user to manage resources
Resource tracking and isolation
Authorization verification
State-consistency checks
Size and complexity limits
System-wide security considerations
The primary security consideration at this stage is ensuring that the stack frames are appropriately created so that the privileges granted to the transaction processor are not inadvertently leaked to other blueprints. This is trivially achieved due to the explicit nature of the calls, but it is important to take into consideration for any future changes to the system that may introduce new callout mechanisms.
Other considerations include the following:
Proofs must be validated before use.
Operations must verify appropriate authorization.
Access-control rules must be enforced manually if acting on behalf of another component.
Auto moves (
handle_call_return_data) into worktop must be handled carefully (i.e., nodes owned by(NON_)FUNGIBLE_BUCKET_BLUEPRINT).
Preview execution
Preview execution allows testing the manifest without committing to the network. This is useful for development but also for users to understand the effects of their transactions before committing through the help of their wallet software.
The manifest system supports preview execution through flags:
Aliased operations
Some operations that are available in the manifest builder or the AST format do not map to a unique instruction. Instead, they are aliases for a call_function / call_method / call_direct_vault_method operation with a specific set of arguments.
Aliases bring convenience and readability to the manifest and consistency with less boilerplate to the transaction processor, but they may hide the underlying operation from a casual reader. Understanding both the aliases and their underlying instructions can be helpful for debugging and advanced usage.
Resource-management aliases
| Alias | Translates to |
|---|---|
MintFungible | CallFunction { ResourceAddress, "Fungible", "mint" } |
MintNonFungible | CallFunction { ResourceAddress, "NonFungible", "mint" } |
MintRuidNonFungible | CallFunction { ResourceAddress, "NonFungible", "mint_ruid" } |
Here is an example:
Vault operations aliases
| Alias | Translates to |
|---|---|
RecallFromVault | CallDirectVaultMethod { "recall" } |
FreezeVault | CallDirectVaultMethod { "freeze" } |
UnfreezeVault | CallDirectVaultMethod { "unfreeze" } |
RecallNonFungiblesFromVault | CallDirectVaultMethod { "recall_non_fungibles" } |
Here is an example:
Package and component aliases
| Alias | Translates to |
|---|---|
CreateValidator | CallFunction { ConsensusManager, "Validator", "create" } |
PublishPackage | CallFunction { PackagePackage, "Package", "publish" } |
PublishPackageAdvanced | CallFunction { PackagePackage, "Package", "publish_advanced" } |
ClaimPackageRoyalties | CallMethod { method_name: "claim_royalties" } |
Here is an example:
Resource creation aliases
| Alias | Translates to |
|---|---|
CreateFungibleResource | CallFunction { ResourcePackage, "Fungible", "create" } |
CreateFungibleResourceWithInitialSupply | CallFunction { ResourcePackage, "Fungible", "create_with_initial_supply" } |
CreateNonFungibleResource | CallFunction { ResourcePackage, "NonFungible", "create" } |
CreateNonFungibleResourceWithInitialSupply | CallFunction { ResourcePackage, "NonFungible", "create_with_initial_supply" } |
Here is an example:
Core instructions
1. Worktop operations
These instructions manage resources on the transaction worktop — a temporary storage area that tracks resources during transaction execution.
Instruction: TakeFromWorktop
Signature: TakeFromWorktop { resource_address: ResourceAddress, amount: Decimal }
This takes a specific amount of fungible resources from the worktop and creates a new bucket.
Instruction: TakeAllFromWorktop
Signature: TakeAllFromWorktop { resource_address: ResourceAddress }
This takes all available resources of a specified type from the worktop.
Instruction: TakeNonFungiblesFromWorktop
Signature: TakeNonFungiblesFromWorktop { resource_address: ResourceAddress, ids: Vec<NonFungibleLocalId> }
This takes specific NFTs from the worktop by ID.
Instruction: ReturnToWorktop
Signature: ReturnToWorktop { bucket_id: ManifestBucket }
This returns resources from a bucket to the worktop.
Instruction: AssertWorktopContains
Signature: AssertWorktopContains { resource_address: ResourceAddress, amount: Decimal }
This verifies the worktop contains at least a specified amount of resources.
Instruction: AssertWorktopContainsAny
Signature: AssertWorktopContainsAny { resource_address: ResourceAddress }
This verifies the worktop contains any amount of a specified resource.
Instruction: AssertWorktopContainsNonFungibles
Signature: AssertWorktopContainsNonFungibles { resource_address: ResourceAddress, ids: Vec<NonFungibleLocalId> }
This verifies the worktop contains specified NFT IDs.
2. Authorization operations
These instructions manage proofs and access control through the authorization zone.
Instruction: PopFromAuthZone
Signature: PopFromAuthZone
This removes and returns the most recently added proof from the authorization zone.
Instruction: PushToAuthZone
Signature: PushToAuthZone { proof_id: ManifestProof }
This adds a proof to the auth zone.
Instruction: CreateProofFromAuthZoneOfAmount
Signature: CreateProofFromAuthZoneOfAmount { resource_address: ResourceAddress, amount: Decimal }
This creates a proof for a specified fungible amount.
Instruction: CreateProofFromAuthZoneOfNonFungibles
Signature: CreateProofFromAuthZoneOfNonFungibles { resource_address: ResourceAddress, ids: Vec<NonFungibleLocalId> }
This creates a proof for specified NFTs.
Instruction: CreateProofFromAuthZoneOfAll
Signature: CreateProofFromAuthZoneOfAll { resource_address: ResourceAddress }
This creates a proof for all resources of a type.
Instruction: DropAuthZoneProofs
Signature: DropAuthZoneProofs
This removes all proofs from the auth zone.
Instruction: DropAuthZoneRegularProofs
Signature: DropAuthZoneRegularProofs
This removes non-signature proofs.
Instruction: DropAuthZoneSignatureProofs
Signature: DropAuthZoneSignatureProofs
This removes signature proofs.
3. Bucket operations
These instructions manipulate resource buckets directly.
Instruction: CreateProofFromBucketOfAmount
Signature: CreateProofFromBucketOfAmount { bucket_id: ManifestBucket, amount: Decimal }
This creates a proof for specified amount from a bucket.
Instruction: CreateProofFromBucketOfNonFungibles
Signature: CreateProofFromBucketOfNonFungibles { bucket_id: ManifestBucket, ids: Vec<NonFungibleLocalId> }
This creates a proof for specified NFTs from a bucket.
Instruction: CreateProofFromBucketOfAll
Signature: CreateProofFromBucketOfAll { bucket_id: ManifestBucket }
This creates a proof for the entire bucket contents.
Instruction: BurnResource
Signature: BurnResource { bucket_id: ManifestBucket }
This burns resources in a bucket.
4. Proof operations
These instructions manage proof lifecycle including creation, copying, and destruction of proofs.
Instruction: CloneProof
Signature: CloneProof { proof_id: ManifestProof }
This creates a copy of an existing proof.
Instruction: DropProof
Signature: DropProof { proof_id: ManifestProof }
This destroys a specified proof.
5. Method/function calls
Instruction: CallFunction
Signature: CallFunction { package_address: DynamicPackageAddress, blueprint_name: String, function_name: String, args: ManifestValue }
This calls the blueprint function.
Instruction: CallMethod
Signature: CallMethod { address: DynamicGlobalAddress, method_name: String, args: ManifestValue }
This calls a component method.
Instruction: CallRoyaltyMethod
Signature: CallRoyaltyMethod { address: DynamicGlobalAddress, method_name: String, args: ManifestValue }
This calls a royalty-module method.
Instruction: CallMetadataMethod
Signature: CallMetadataMethod { address: DynamicGlobalAddress, method_name: String, args: ManifestValue }
This calls a metadata module method.
Instruction: CallRoleAssignmentMethod
Signature: CallRoleAssignmentMethod { address: DynamicGlobalAddress, method_name: String, args: ManifestValue }
This calls a role-assignment module method.
Instruction: CallDirectVaultMethod
Signature: CallDirectVaultMethod { address: InternalAddress, method_name: String, args: ManifestValue }
This calls a method directly on a vault, bypassing standard access controls.
6. Address operations
Instruction: AllocateGlobalAddress
Signature: AllocateGlobalAddress { package_address: PackageAddress, blueprint_name: String }
This creates global address reservation.
7. Metadata and role operations
Instruction: SetMetadata
Signature: SetMetadata { address: ComponentAddress, args: ManifestValue }
This sets metadata for a component.
Instruction: RemoveMetadata
Signature: RemoveMetadata { address: ComponentAddress, args: ManifestValue }
This removes metadata from a component.
Instruction: LockMetadata
Signature: LockMetadata { address: ComponentAddress, args: ManifestValue }
This locks component metadata to prevent further changes.
Instruction: SetComponentRoyalty
Signature: SetComponentRoyalty { address: ComponentAddress, args: ManifestValue }
This sets royalty configuration for a component.
Instruction: LockComponentRoyalty
Signature: LockComponentRoyalty { address: ComponentAddress, args: ManifestValue }
This locks component-royalty configuration.
Instruction: ClaimComponentRoyalties
Signature: ClaimComponentRoyalties { address: ComponentAddress, args: ManifestValue }
This claims accumulated royalties for a component.
Instruction: SetOwnerRole
Signature: SetOwnerRole { address: ComponentAddress, args: ManifestValue }
This sets the owner role for a component.
Instruction: LockOwnerRole
Signature: LockOwnerRole { address: ComponentAddress, args: ManifestValue }
This locks the owner-role configuration.
Instruction: SetRole
Signature: SetRole { address: ComponentAddress, args: ManifestValue }
This sets a role for a component.
8. Component-creation operations
Instruction: CreateAccessController
Signature: CreateAccessController { args: ManifestValue }
This creates a new access-controller component.
Instruction: CreateIdentity
Signature: CreateIdentity { args: ManifestValue }
This creates a new identity component.
Instruction: CreateIdentityAdvanced
Signature: CreateIdentityAdvanced { args: ManifestValue }
This creates a new identity component with advanced configuration options.
Instruction: CreateAccount
Signature: CreateAccount { args: ManifestValue }
This creates a new account component.
Instruction: CreateAccountAdvanced
Signature: CreateAccountAdvanced { args: ManifestValue }
This creates a new account component with advanced configuration options.
9. Cleanup operations
Instruction: DropNamedProofs
Signature: DropNamedProofs
This drops all named proofs.
Instruction: DropAllProofs
Signature: DropAllProofs
This drops all proofs (named and auth zone).