Ethereum dApps will probably move to users signing blobs of data using private keys that don't actually hold any funds. dApp operators will submit txs including these signatures, proving the end user gave the
.
Lets business pay for gas, deal with nonces, retry TXs, etc.
-
-
Sure, but see tweet below. If users can unfriend people, they have to trust that the owner will not replay signed data. Obviously, this isn't a huge deal in this case - just an example of how these schemes are hard to reason about.
-
It is more complicated but I don't think it is hard to reason about in a way that implies "don't do it." Are there cases where even the onlyOwner example is very security critical? Yeah probably. I'm just talking about general design patterns that I expect to shift though
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.