attestation icon indicating copy to clipboard operation
attestation copied to clipboard

Published 20 hours ago verified publisher icon SmartTokenLabs

attestation.id issues fake identifier attestation using fake key (hardcoded in github source code) if fake devcon ticket magic link is used

Open SmartLayer opened this issue 3 years ago • 0 comments

background

Attestation.id is used by devcon ticket issuer's page for authentication purposes.

current status

attestation.id is used by alchemyNFT to issue twitter handle attestation. A new function is being added to it to allow zk-protected identifier attestation to be issued.

desired

  • when the site is opened by an iframe from a web page that can provide a valid devcon ticket, a protected (not appearing in github source code) key is used to issue identifier attestation

  • when the request is opened by an iframe from a web page that can provide an invalid devcon ticket, which is invalid only because it used a demo ticket issuer key, issue identifier attestation with a hardcoded key, which is considered invalid in production systems.

SmartLayer avatar Jun 22 '21 05:06 SmartLayer