alpha-wallet-ios icon indicating copy to clipboard operation
alpha-wallet-ios copied to clipboard

Published 20 hours ago verified publisher icon AlphaWallet

Make TokenScript loaded via scriptURI(), if it is via IPFS be displayed as having a verified signature

Open JamesSmartCell opened this issue 3 years ago • 2 comments

When using scriptURI() if the script is located on IPFS it is assumed to be certified.

See https://eips.ethereum.org/EIPS/eip-5169#security-considerations

Using IPFS, the script location fixes the script integrity.

Refer to https://github.com/AlphaWallet/alpha-wallet-android/issues/2785

JamesSmartCell avatar Aug 27 '22 04:08 JamesSmartCell

This concerns the 'certified' lock graphic and text (if you click on it), which shows whether the TokenScript is signed or not.

If the script if from IPFS then it has full integrity and is effectively signed (because of the hashing mechanics).

JamesSmartCell avatar Aug 28 '22 23:08 JamesSmartCell

Keep for later. Apparently needs more thinking and refactoring. We aren't showing the verified status at the moment any way.

hboon avatar Sep 01 '22 03:09 hboon