-
Notifications
You must be signed in to change notification settings - Fork 163
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FLIP: Interaction Templates #934
Conversation
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
Thanks! Looking forward to reading through the proposal :-) |
Add forum url to frontmatter
I read through the proposal and I really like the concept alot, I think this is needed SO much to avoid users getting scammed and I would strongly advice it becomes a requirement for all wallets to follow this. However there is one part of it that I would advice a slightly different approach on. Right now the code that is stored contains variables that have to be replaced for each network, and then you store the addresses for the different networks. The problem with this is that when wallets receive the transaction these replacements are already made, so we make the work for wallets very hard. In stead I propose that we replace all addresses and just duplicate the code and hash for each network. I have done some work on this in overflow. The code uses the cadence runtime to parse the code and extract the arguments. Based on the work bluesign did for flow cli without arguments. It is possible to parse doctags here I think I just have not had time for it. https://github.com/bjartek/overflow/blob/main/overflow/parse.go you can call it like this
it will produce a json file like this This is an example for bl0x. We then publish an NPM module for that file that the frontend code uses. |
I strongly feel this should be stored on chain.
Also I think some common tasks should be standard, Initialize new account etc Ofc best would be to add new Storage to Flow called interactions. Second best would be a Registry contract to manage interactions on chain. Making this onchain would also allow finally to use Ledger with FCL Also I feel like with MetadataViews, if we store interactions on chain, we can reference interactions on resources. Send to another address this NFT , Add to collection etc |
Reminder: discussion about the content of the flip should be directed to the Forum linked in the FLIP. This is to me preserve a single stream of communication across all in PRs and changes to a single flip. https://forum.onflow.org/t/flip-934-interaction-templates/3080 |
@pgebheim I don't think forum is better for communicating FLIPS, I am not sure if here is the best, but for me it is 10 times better than forum.
I don't know maybe active forum users ( if they exist ) disagree with me, I think forum is a bit dead town. |
A FLIP will have a multiple PRs as it moves through the process. We want to keep all conversation about the content of the flips on one place and not spread across multiple threads in GitHub. |
Then forum it is 👍 At least you didn't say Alchemy API /s |
…nto flip/interaction-templates
Nice work writing up a solution proposal for this problem Jeffrey! I like the proposal's feature set, it is great that it includes internationalization. My biggest concern / question is with the storage / provision of it:
Do we want to encourage an on-chain solution here, so this becomes authoritative? As for the concrete format of the template:
|
I am 100% behind an onChain solution for this. We want the trustless properties of a blockChain, we want the traceability it offers. |
Just a quick comment that is unrelated to the core idea :) |
a tiny nit picking: You may consider using URLs for locations in the doc, e.g: - GET audits.trusted-auditor.com/id/{template_id} -> InteractionTemplateAudit
+ GET https://audits.trusted-auditor.com/id/{template_id} -> InteractionTemplateAudit - DNS:transfer-flow.interactions.onflow.org
+ dns://transfer-flow.interactions.onflow.org - IPFS:64EC88CA00B268E5BA1A35678A1B5316D212F4F366B2477232534A8AECA37F3C
+ ipfs://bafybeigdyrzt5sfp7udm7hu76uh7y26nf3efuylqabf3oclgtqy55fbzdi
+ ipfs://QmbWqxBEKC3P8tqsKc98xmWNzrzDtRLMiMPL8wBuTGsMnR (not sure if template's location should be a string or a list of string to provide fallback on the client to have an ability to download template from multiple places. Depends on whether the additional complexity worth the reliability benefit.) Also, IIUC the purpose of encapsulating FLIP's content into the |
} | ||
} | ||
}, | ||
arguments: { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should arguments be typed? example: amount be ufix64
. They are in the example above, are they just missing in this example?
} | ||
} | ||
}, | ||
balance: "0xFUNGIBLETOKENADDRESS.FungibleToken" // The token this argument acts upon. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
balance
seems to not fit here, would all arguments have "balance" property?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No not all arguments would have a "balance" property. What this aims to do is create a link between the dependencies of the interaction and the argument to show they're related. With this property an app/wallet might be able to use it to determine if a user has sufficient balance of a FT to successfully execute a transaction, for example.
|
||
Consumers of this Interaction Template could query the static identifier, and always get the most up to date Interaction Template stored there. | ||
|
||
### Interaction Audits |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Based on a forum conversations, there is a strong use case to have template audit information on-chain. I think it can be removed from the actual template.
By standardizing **Interaction Template Metadata**, the Flow community can start to build applications that can consume metadata, instead of having to come up with it themselves for each interaction they need to support. Since the format of the metadata would be consistent, this enables parties to support a much wider number of interactions, including any number of arbitrary interactions. | ||
|
||
Standardizing metadata helps all parties involved in the execution of an interaction to better understand what the interaction requires and does. For applications, metadata allows them to understand and present the interaction to a user in an intuitive way. For wallets, metadata also helps them understand what a transaction will do to an account, and gives them paths to prevent undesirable outcomes and reject malicious transactions. For users, metadata helps to promote human readable understanding of the impacts of a transaction. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In your examples, I'd suggest adding optional Metadata that the developer can add to convey information to Auditor and/or Wallet. This would better show the flexibility of the standard, it'll be very difficult to handle all data cases in this flip.
Merging as draft |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 Formatting good for draft!
…nto flip/interaction-templates
FLIP: Interaction Templates
Abstract
This FLIP proposes a new standard for how contract developers, wallets, users, auditors and applications, can create, audit and verify the intent, security and metadata of Flow scripts and transactions, with the goal to improve the understandability and security of authorizing transactions and promote patterns for change resilient composability of applications on Flow.