The sign protocol allows a wallet to create a transaction object from the requested data. As far as I know, this protocol exists because we want wallets to have control over certain properties, such as gas price and gas limit. However, in terms of security, it's crucial to restrict the wallet from making changes to other aspects.
I believe we should inspect the created transaction to ensure that nothing important has been altered. For example, a wallet should not be able to modify the code section or capabilities.
Describe the solution you'd like
We can have a helper like confirmTransaction that accepts both the request and the created transaction, and write it after the sign function like:
```javascript
const signedTx = sign(inputTx)
confirmTransaction(inputTx, signedTx) // throws exception if signedTx changed something important in the inputTx
```
Describe alternatives you've considered
Removing the sign protocol completely in favor of the quicksign API.
I believe that, in the long term, it would be a better decision. If we require certain information from the wallet, such as gas price or limit, the wallet could expose relevant APIs. However, this approach requires further discussions with other parties.
Do you have any additional context?
No response
Participation
I am willing to submit a pull request for this feature request.
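One way the proposed check could look, as an added example that is not part of the original issue and is not @kadena/client code. It assumes the request and the wallet's result have already been parsed into the same plain-object shape; the field names, the allowlist and the sample values are hypothetical.

```javascript
// Added illustration: the transaction shape and the allowlist below are
// assumptions for this sketch, not the @kadena/client or signing-api types.

// Paths the wallet may set (the issue names gas price and gas limit).
const WALLET_OWNED = new Set(
  [['meta', 'gasPrice'], ['meta', 'gasLimit']].map((p) => JSON.stringify(p))
);

// Map every leaf to a JSON-encoded path. Encoding the segments (instead of
// joining with '.') keeps {"a.b": 1} and {a: {b: 1}} distinct, and array
// indices stay numbers so an array cannot be swapped for a look-alike object.
function flatten(value, path = [], out = new Map()) {
  if (value !== null && typeof value === 'object') {
    const isArray = Array.isArray(value);
    for (const k of Object.keys(value)) {
      flatten(value[k], [...path, isArray ? Number(k) : k], out);
    }
  } else {
    out.set(JSON.stringify(path), value);
  }
  return out;
}

// Paths that differ between request and result, minus the wallet-owned ones.
// Added and removed fields count as differences.
function diffTransaction(inputTx, signedTx) {
  const [a, b] = [flatten(inputTx), flatten(signedTx)];
  return [...new Set([...a.keys(), ...b.keys()])]
    .filter((p) => !WALLET_OWNED.has(p) && !Object.is(a.get(p), b.get(p)))
    .map((p) => JSON.parse(p).join('.'))
    .sort();
}

function confirmTransaction(inputTx, signedTx) {
  const changed = diffTransaction(inputTx, signedTx);
  if (changed.length > 0) {
    throw new Error(`wallet changed protected fields: ${changed.join(', ')}`);
  }
  return true;
}

// Constructed sample data.
const inputTx = {
  code: '(coin.transfer "alice" "bob" 1.0)',
  caps: [{ name: 'coin.TRANSFER', args: ['alice', 'bob', 1.0] }],
  meta: { sender: 'alice', chainId: '1', gasPrice: 1e-8, gasLimit: 1000 },
};
const honest = { ...inputTx, meta: { ...inputTx.meta, gasPrice: 1e-6 } };
const tampered = { ...honest, caps: [{ name: 'coin.TRANSFER', args: ['alice', 'bob', 100.0] }] };
```

With this data, `confirmTransaction(inputTx, honest)` passes because only the gas price moved, while `confirmTransaction(inputTx, tampered)` throws and names `caps.0.args.2`.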
javadkh2
changed the title
check the transaction body after sign with sign
check the transaction body after sign with sign protocol
Aug 21, 2023
alber70g
changed the title
check the transaction body after sign with sign protocol
[@kadena/client] check the transaction body after sign with sign protocol
Aug 21, 2023
check the sign api: https://kadena-io.github.io/signing-api/#/definitions/SigningRequest