-
Notifications
You must be signed in to change notification settings - Fork 116
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ability to sign and check arbitrary messages using the failing_noop
operation to local forger
#952
Comments
We have support for this in RPC forger, but could add it to local forger and create an integration test. |
failing_noop
operationfailing_noop
operation to to local forger and create an integration test.
Near as I can tell, the local forger does not yet support the |
@fredcy would you be able to share some details on how you are using it? It will help us to know more about your use case. |
I am trying to create a proof of concept dApp that signs arbitrary text messages over Beacon. I have it working using the ad hoc "0501"-prefixed Micheline string value method and I want to try using a Several of us plan to write a new tzip to document the current 0501 string value method already implemented by some dApps and wallets, and to write another new tzip to document an alternative safe-signing approach based on failing_noop. |
See related request with the use case description here #2507 |
failing_noop
operation to to local forger and create an integration test.failing_noop
operation to local forger
Is your feature request related to a problem and use case? Please describe.
Signing arbitrary data is a common activity in blockchain, but it presents risks in that a wallet, if permissive, can sign a malicious operation that is purporting to be arbitrary data.
Describe the solution you'd like
The
florencenet
protocol amendment introduced a new operation type called failing_noop which is an operation type that is guaranteed to never be included in the chain.Acceptance criteria
failing_noop
operation.failing_noop
operation.failing_noop
operation that are expected to failDescribe alternatives you've considered
Prior to this operation type, wallet developers implemented a data structure to help mitigate this risk. See: https://docs.google.com/document/d/1ZgA7mZNrWl1YZ0snzjiFw1ahyXjvWFS1GvU5-caUDCE/edit
Additional context
If Taquito implements the ability to sign and check data using this operation type, wallet developers are more likely to restrict the signing of arbitrary data that comes in the form of a
failing_noop
operation.See Tezos MR https://gitlab.com/tezos/tezos/-/merge_requests/2361 for more information.
The text was updated successfully, but these errors were encountered: