neo icon indicating copy to clipboard operation
neo copied to clipboard
verified publisher icon neo-project

[NEO3] Manifest: Witness Required on Method / NEP3 Witness type

Open igormcoelho opened this issue 6 years ago • 7 comments

I think we should mark methods on manifest that require witnesses. [EDIT]: I propose a better design on next post. ~Something like: "Transfer() => requireWitness: true".~ So, wallets should know in advance that a witness is required for that method. How to attach a witness is up to the contract/dapp developer interface, but at least users will be aware that some witnesses are needed (and pop-up an alert if no witness is provided).

~For NEP-5:~ ~balanceOf() : requireWitness : false~ ~totalSupply() : requireWitness : false~ ~mintTokens() : requireWitness : false~ ~transfer() : requireWitness : true~ ...

~If I try to invoke "transfer" without a contract-specific witness (or global scoped witness), UI will warn me that operation will probably not go through.~ [EDIT]: this is not how Scoped Witnesses will work afterall... in the end, CalledByEntry can be standard and would be enough in this case, unless you knew in advance that this method depends on other method, that depends on a specific witness... it's dapp-specific in this scenario. ~There are cases where multiple witnesses are necessary, or it's variable, but I think we should stick to a simple format: absolutely needed, or not needed (or perhaps not needed). A third option is to put as "yes/no/maybe" format, but I prefer true, only if absolutely required.~

igormcoelho avatar Jul 09 '19 18:07 igormcoelho

Perhaps better than this, much better in fact,is the creation of a NEP3 type VerifiedAddress. this way, neo3 could have NEP5 ABI as: transfer(VerifiedAddress from, Address to, Integer value)

This implicitly denotes that a witness is required,and even better, this witness would be checked before entering method. Naming could also be VerifiedScriptHash, more correct but less friendly ;) And perhaps, an even.better name is Witness: transfer(Witness from, Address to, Integer value)

On coding Smart Contracts, one could just do: Witness w = Runtime.GetWitness(Address)

w may be null, if not passing CheckWitness, or equivalent to Address/BYTE[] if ok.

igormcoelho avatar Jul 09 '19 21:07 igormcoelho

@lightzero @erikzhang @shargon

igormcoelho avatar Jul 09 '19 22:07 igormcoelho

This easily solves many problems, and differentiates from other possible token or contract types: transfer(Witness from, Witness to, Integrr value)

In this case, from and to must sign tx.

igormcoelho avatar Jul 09 '19 22:07 igormcoelho

Is good for optimizations

shargon avatar Jul 10 '19 04:07 shargon

I agree this is good too. So since we have 3 votes, I will add this to NEO 3 milestone. Please remove it if you guys think this was a mistake.

Thanks

lock9 avatar Jul 31 '19 20:07 lock9

Ok, just to be sure, I'm in favor of a explicit "Witness" (or "VerifiedAddress") NEP-3 type, instead of requiredWitness : true/false (semantics on which witness is weak here...).

Like this: transfer(Witness from, Witness to, Integer value) (this requires two independent witnesses on from and to. NEP-5 would be like: transfer(Witness from, Address to, Integer value). Semantics is very powerful :muscle:

MultiSig (mutli-check-witness in fact) is naturally: bool Check(Witness[] args), and checkwitness naturally bool Check(Witness w), where bool CheckSig(Signature s, Pubkey p).

igormcoelho avatar Aug 14 '19 23:08 igormcoelho

But why not something like, requirements: Witness, None, ReadOnly? we should try to join with the readOnly flag

shargon avatar Aug 15 '19 05:08 shargon