Replies: 4 comments 31 replies
-
nice work. i think that this doesn't need to be delivered over HTTPS strictly -- the upsides of linking the name, address, and signature together in a predictable text format means that this data can be transmitted over any protocol: QR code, sticky note, SMS message, email, roadside billboard, whatever, without losing the authenticity guarantee provided by signature verification. |
Beta Was this translation helpful? Give feedback.
-
I think your draft HIP looks really good so far, I have a few ideas but I'll wait until a PR to HIPs is opened? Do you have any lingering questions or discussions around it or are you ready for some feedback? |
Beta Was this translation helpful? Give feedback.
-
Here is a VAP provider implementation for anyone who wants to try ithttps://www.niami.io/address-alias (You must be logged in) Description Example for a VAP URL is: https://api.niami.io/vap/xn--ss8ht4a/hns In the TXT record for xn--ss8ht4a (🚚💰) you'll find To get the wallet information for xn--ss8ht4a (🚚💰), an app (ex: Bob Wallet) can get the VAP URL from the TXT record and then request https://api.niami.io/vap/xn--ss8ht4a/hns to get the hns address. The answer will be Example: A third party should never trust Niami (or any other VAP provider). Therefore it's important to check if the owner of For Handshake Wallets that is super easy. They just use verifyMessageWithName. |
Beta Was this translation helpful? Give feedback.
-
I miss nested thread. @pinheadmz the solution for the replay attach you mentioned should be implemented in the chat app: it should not sign individual message as plain text. It should add a prefix/suffix or a json structure:
|
Beta Was this translation helpful? Give feedback.
-
@0xStefan and I have been working on a new HIP and are asking for feedback.
Abstract
This HIP describes a trustless and verifiable way to get a crypto address associated to a specific Handshake name (TLD).
Like HIP-2 an address is provided as a single line, but with an additional signature verifiable by the signmessagewithname Handshake function.
An address is fetched via HTTPS, either
static (VAP)
from any source, in this case the address is the same with every request orselective (VSAP)
from a dedicated service which provides a single selective address with every requesthttps://github.com/befranz/HIPs/blob/master/HIP-xxx-TCAP.md
Beta Was this translation helpful? Give feedback.
All reactions