Replies: 1 comment
-
|
This is Great! I put together some ideas for the specifications and put in some more information. I am keeping the working draft here while I refine it. I included you as an author and would love to hear your thoughts on the specifications. I assume I may have to tweak some things before it is feasible, but the general concept is ironed out. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Abstract
This specification proposes a standardized way for wallets to send and receive API calls from a Hedera dApp. This allows users to request transactions which are then generated by the application and presented to them for signing in wallet, without exposing sensitive information to the dApp.
A follow up HIP idea would be to establish a standard format for message signing, akin to the EIP712 for Ethereum[0]. This standard would allow wallets and dApps to communicate with each other, generating transactions with human-readable metadata that allow users to make informed decisions when signing transactions.
Motivation
The Hedera development space is still young, with many new projects developing promising ideas. Before long, these projects will need to have a standardized method of communication, much like what exists in the Ethereum space.
Taking the Metamask wallet as an example, Metamask offers a seamless way for users to interact with dApps, sending requests and signing transactions without compromising the security of their accounts. Note that Metamask offers a full pathway for connecting the wallet to dApps, including features such as onboarding which would not apply to this HIP.
Without a communication standard, projects in the space are more or less required to implement their own wallets in order to allow users to sign for transactions and services. This not only adds overhead for the project team, but it represents risk to the user who must reveal sensitive account information to these projects.
Rationale
We propose establishing a standard for applications to provide REST end points based on the Hedera SDK documentation[1].
REST is a flexible and universal client-server communication API that is already in use by the Hedera SDK for communicating with mirror nodes. Building on this to allow wallets and other client applications to communicate with other applications is straightforward.
The Hedera SDK provides a template for function names and data structures which can be followed to simplify design decisions.
Specification
To be Completed. Although I have some ideas, I would like to flesh them out with the community.
Discussion either here or on the Hedera development discord in #hedera-improvement-proposal.
Backwards Compatibility
This HIP is entirely opt-in, and does not break any existing functionality. It simply provides standards which wallets and dApps can follow in order to interact with each other.
Security Implications
No known security concerns.
How to Teach This
A public repository or reference site should be presented with a list of standardized functions, related data structures and parameters.
Development of libraries that implement this functionality is also a potential way to onboard developers and keep the community up to date.
Reference Implementation
To be developed.
Rejected Ideas
N/A
Open Issues
N/A
References
[0] https://github.com/ethereum/EIPs/blob/master/EIPS/eip-712.md
[1] https://docs.hedera.com/guides/docs/hedera-api
Copyright/license
This document is licensed under the Apache License, Version 2.0 -- see LICENSE or (https://www.apache.org/licenses/LICENSE-2.0)
Beta Was this translation helpful? Give feedback.
All reactions