kadena-community/kadena.js

[@kadena/client] check the transaction body after sign with `sign` protocol

Opened this issue · 1 comments

Please confirm the following:

Is your feature request related to a problem?

The sign protocol allows a wallet to create a transaction object from the requested data. As far as I know, this protocol exists because we want wallets to have control over certain some properties, such as gas price and gas limit. However, in terms of security, it's crucial to restrict the wallet from making changes to other aspects.

check the sign api: https://kadena-io.github.io/signing-api/#/definitions/SigningRequest

I believe we should inspect the created transaction to ensure that nothing important has been altered. For example, a wallet should not be able to modify the code section or capabilities.

Describe the solution you'd like

We can have a helper like confirmTransaction that accept both request and created transaction and write it after the sign function like

const signedTx = sign(inputTx)
confirmTransaction(inputTx, signedTx) // throws exception if signedTx changed something important in the inputTx

Describe alternatives you've considered

removing the sign protocol completely in favor of quicksign api
I believe that, in the long term, it would be a better decision. If we require certain information from the wallet, such as gas price or limit, the wallet could expose relevant APIs. However, this approach requires further discussions with other parties.

Do you have any additional context?

No response

Participation

  • I am willing to submit a pull request for this feature request.

This issue is stale because it is open for 60 days with no activity