Store provides low-level primitives for storage. World provides the primitives for logic and access control on top of that storage.

Calls are sent to the World as a central entry point. The World performs access control checks and if the request is authorized, sends it to the appropriate System. In most cases access from the System to the tables that store the data also goes through the World (except for root systems). The System contracts themselves are stateless, all the data is managed by the World.

Note: A System in the root namespace could bypass the access control. However, only the owner of the root namespace (by default, the account that deployed the World) can deploy into the root namespace. To prevent systems from being registered in the root namespace, the root namespace owner can transfer ownership to address(0).

Systems in a World are comparable to Facets in the Diamond pattern (opens in a new tab) in many ways. The big difference is permissionless extensions. Anybody can claim an unused namespace, and put into it tables and System contracts to extend the world.

overall illustration

  1. An account (either an externally owned account (opens in a new tab) or a contract) sends a request to the World.
  2. The World authorizes the request and sends it to the appropriate System.
  3. The System can read information from all the World's tables, and modify information in tables it has access to (by default those in its own namespace).
  4. If the System needs to modify information inside a different namespace, it can call a System on that namespace to do so.