mirror of
https://github.com/status-im/specs.git
synced 2025-01-12 07:04:15 +00:00
Merge branch 'master' into fix-lamport-def
This commit is contained in:
commit
435597d6f1
@ -99,8 +99,8 @@ Legacy `send` method.
|
||||
Status uses a [forked version](https://github.com/status-im/react-native-webview) of [react-native-webview](https://github.com/react-native-community/react-native-webview) to display web or dapps content. The fork provides an Android implementation of JS injection before page load. It is required in order to properly inject Ethereum Provider object.
|
||||
|
||||
Status injects two JS scripts:
|
||||
- [provider.js](https://github.com/status-im/status-react/blob/develop/resources/js/provider.js): `window.ethereum` object
|
||||
- [webview.js](https://github.com/status-im/status-react/blob/develop/resources/js/webview.js): override for `history.pushState` used internally
|
||||
- [provider.js](https://github.com/status-im/status-mobile/blob/develop/resources/js/provider.js): `window.ethereum` object
|
||||
- [webview.js](https://github.com/status-im/status-mobile/blob/develop/resources/js/webview.js): override for `history.pushState` used internally
|
||||
|
||||
Dapps running inside a browser communicate with Status Ethereum node by means of a *bridge* provided by react-native-webview library. The bridge allows for bidirectional communication between browser and Status. In order to do so, it injects a special `ReactNativeWebview` object into each page it loads.
|
||||
|
||||
|
@ -83,7 +83,7 @@ A Whisper node must be properly configured to receive messages from Status clien
|
||||
Whisper's Proof Of Work algorithm is used to deter denial of service and various spam/flood attacks against the Whisper network. The sender of a message must perform some work which in this case means processing time. Because Status' main client is a mobile client, this easily leads to battery draining and poor performance of the app itself. Hence, all clients MUST use the following Whisper node settings:
|
||||
* proof-of-work requirement not larger than `0.00001`
|
||||
* time-to-live not lower than `10` (in seconds)
|
||||
* any payload below `50000` bytes MUST be sent with a PoW Target of at least `0.002`, in order to maintain backward compatibility with version `0.2` and [Status app version `1.3`](https://github.com/status-im/status-react/releases/tag/untagged-079a6d98babfeaa3f8c0) and below
|
||||
* any payload below `50000` bytes MUST be sent with a PoW Target of at least `0.002`, in order to maintain backward compatibility with version `0.2` and [Status app version `1.3`](https://github.com/status-im/status-mobile/releases/tag/untagged-079a6d98babfeaa3f8c0) and below
|
||||
|
||||
## Handshake
|
||||
|
||||
|
@ -335,7 +335,7 @@ area of research.
|
||||
|
||||
1. <https://github.com/status-im/status-protocol-go/>
|
||||
2. <https://github.com/status-im/status-console-client/>
|
||||
3. <https://github.com/status-im/status-react/>
|
||||
3. <https://github.com/status-im/status-mobile/>
|
||||
|
||||
## Appendix A: Security considerations
|
||||
|
||||
@ -397,7 +397,7 @@ A `Mailserver` has a direct TCP connection, which means they are trusted to send
|
||||
|
||||
By default Devp2p runs on port `30303`, which is not commonly used for any other service. This means it is easy to censor, e.g. airport WiFi. This can be mitigated somewhat by running on e.g. port `80` or `443`, but there are still outstanding issues. See libp2p and Tor's Pluggable Transport for how this can be improved.
|
||||
|
||||
See <https://github.com/status-im/status-react/issues/6351> for some discussion.
|
||||
See <https://github.com/status-im/status-mobile/issues/6351> for some discussion.
|
||||
|
||||
## Acknowledgments
|
||||
|
||||
|
@ -141,7 +141,7 @@ This can be done in the following ways:
|
||||
1. discovery through the Status app
|
||||
1. asynchronous X3DH key exchange
|
||||
1. public key via public channel listening
|
||||
- `status-react/src/status_im/contact_code/core.cljs`
|
||||
- `status-mobile/src/status_im/contact_code/core.cljs`
|
||||
1. contact codes
|
||||
1. decentralized storage (not implemented)
|
||||
1. Whisper/Waku
|
||||
@ -170,7 +170,7 @@ A low-poly identicon is deterministically generated from the Whisper/Waku chat p
|
||||
|
||||
#### 3 word pseudonym / Whisper/Waku key fingerprint
|
||||
Status generates a deterministic 3-word random pseudonym from the Whisper/Waku chat public key. This pseudonym acts as a human readable fingerprint to the Whisper/Waku chat public key. This name also shows when viewing a contact's public profile and in the chat UI.
|
||||
- implementation: [gfycat](https://github.com/status-im/status-react/tree/develop/src/status_im/utils/gfycat)
|
||||
- implementation: [gfycat](https://github.com/status-im/status-mobile/tree/develop/src/status_im/utils/gfycat)
|
||||
|
||||
#### ENS name
|
||||
Status offers the ability to register a mapping of a human readable subdomain of `stateofus.eth` to their Whisper/Waku chat public key. The user purchases this registration (currently by staking 10 SNT) and the node stores it on the Ethereum mainnet blockchain for public lookup.
|
||||
@ -261,7 +261,7 @@ Compressed public keys are smaller, and users may perceive them as less intimida
|
||||
|
||||
The user can transmit and share the same data, but at one third of the original size. 136 characters uncompressed vs 49 characters compressed, giving a significant character length reduction of 64%.
|
||||
|
||||
The user client app MAY use the compressed public keys throughout the user interface. For example in the `status-react` implementation of the user interface the following places could take advantage of a significantly smaller public key:
|
||||
The user client app MAY use the compressed public keys throughout the user interface. For example in the `status-mobile` implementation of the user interface the following places could take advantage of a significantly smaller public key:
|
||||
|
||||
- `Onboarding` > `Choose a chat name`
|
||||
- `Profile` > `Header`
|
||||
|
@ -84,7 +84,7 @@ Support: Dependency.
|
||||
Reference: https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki
|
||||
Description: Enable wallet to derive multiple accounts in top of BIP39.
|
||||
Used for: Privacy.
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/constants.cljs#L240
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/constants.cljs#L240
|
||||
Observation: BIP44 don't solve privacy issues regarding the transparency of transactions, therefore directly connected addresses through a transactions can be identifiable by a "network reconnaissance attack" over transaction history, this attack together with leakage of information from centralized services, such as exchanges, would be fatal against the whole privacy of users, regardless of BIP44.
|
||||
|
||||
### EIP20 - Fungible Token
|
||||
@ -93,7 +93,7 @@ Support: Full.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-20
|
||||
Description: Enable wallets to use tokens based on smart contracts compliant with this standard.
|
||||
Used for: Wallet feature.
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/ethereum/tokens.cljs
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/ethereum/tokens.cljs
|
||||
|
||||
### EIP55 - Mixed-case checksum address encoding
|
||||
|
||||
@ -101,8 +101,8 @@ Support: Full.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-55
|
||||
Description: Checksum standard that uses lowercase and uppercase inside address hex value.
|
||||
Used for: Sanity check of forms using ethereum address.
|
||||
Related: https://github.com/status-im/status-react/issues/4959 https://github.com/status-im/status-react/issues/8707
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/ethereum/eip55.cljs
|
||||
Related: https://github.com/status-im/status-mobile/issues/4959 https://github.com/status-im/status-mobile/issues/8707
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/ethereum/eip55.cljs
|
||||
|
||||
### EIP67 - Standard URI scheme with metadata, value and byte code
|
||||
|
||||
@ -110,7 +110,7 @@ Support: Partial.
|
||||
Reference: https://github.com/ethereum/EIPs/issues/67
|
||||
Description: A standard way of creating Ethereum URIs for various use-cases.
|
||||
Used for: Legacy support.
|
||||
https://github.com/status-im/status-react/issues/875
|
||||
https://github.com/status-im/status-mobile/issues/875
|
||||
|
||||
### EIP137 - Ethereum Domain Name Service - Specification
|
||||
|
||||
@ -118,7 +118,7 @@ Support: Partial.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-137
|
||||
Description: Enable wallets to lookup ENS names.
|
||||
Used for: User experience, as a wallet and identity feature, usernames.
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/ethereum/ens.cljs#L86
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/ethereum/ens.cljs#L86
|
||||
|
||||
### EIP155 - Simple replay attack protection
|
||||
|
||||
@ -126,7 +126,7 @@ Support: Full.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-155
|
||||
Description: Defined chainId parameter in the singed ethereum transaction payload.
|
||||
Used for: Signing transactions, crucial to safety of users against replay attacks.
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/ethereum/core.cljs
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/ethereum/core.cljs
|
||||
|
||||
### EIP165 - Standard Interface Detection
|
||||
|
||||
@ -134,7 +134,7 @@ Support: Dependency/Partial.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-165
|
||||
Description: Standard interface for contract to answer if it supports other interfaces.
|
||||
Used for: Dependency of ENS and EIP721.
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/ethereum/eip165.cljs
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/ethereum/eip165.cljs
|
||||
|
||||
### EIP181 - ENS support for reverse resolution of Ethereum addresses
|
||||
|
||||
@ -142,7 +142,7 @@ Support: Partial.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-181
|
||||
Description: Enable wallets to render reverse resolution of Ethereum addresses.
|
||||
Used for: Wallet feature.
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/ethereum/ens.cljs#L86
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/ethereum/ens.cljs#L86
|
||||
|
||||
### EIP191 - Signed Message
|
||||
|
||||
@ -164,8 +164,8 @@ Support: Partial.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-681
|
||||
Description: A link that pop up a transaction in the wallet.
|
||||
Used for: Useful as QR code data for transaction requests, chat transaction requests and for dapp links to transaction requests.
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/ethereum/eip681.cljs
|
||||
Related: [Issue #9183: URL Format for Transaction Requests (EIP681) is poorly supported](https://github.com/status-im/status-react/issues/9183) https://github.com/status-im/status-react/pull/9240 https://github.com/status-im/status-react/issues/9238 https://github.com/status-im/status-react/issues/7214 https://github.com/status-im/status-react/issues/7325 https://github.com/status-im/status-react/issues/8150
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/ethereum/eip681.cljs
|
||||
Related: [Issue #9183: URL Format for Transaction Requests (EIP681) is poorly supported](https://github.com/status-im/status-mobile/issues/9183) https://github.com/status-im/status-mobile/pull/9240 https://github.com/status-im/status-mobile/issues/9238 https://github.com/status-im/status-mobile/issues/7214 https://github.com/status-im/status-mobile/issues/7325 https://github.com/status-im/status-mobile/issues/8150
|
||||
|
||||
### EIP712 - Typed Signed Message
|
||||
|
||||
@ -173,7 +173,7 @@ Support: Partial.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-712
|
||||
Description: Standardize types for contract signature, allowing users to easily inspect whats being signed.
|
||||
Used for: User experience, security.
|
||||
Related: https://github.com/status-im/status-react/issues/5461 https://github.com/status-im/status-react/commit/ba37f7b8d029d3358c7b284f6a2383b9ef9526c9
|
||||
Related: https://github.com/status-im/status-mobile/issues/5461 https://github.com/status-im/status-mobile/commit/ba37f7b8d029d3358c7b284f6a2383b9ef9526c9
|
||||
|
||||
### EIP721 - Non Fungible Token
|
||||
|
||||
@ -181,15 +181,15 @@ Support: Partial.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-721
|
||||
Description: Enable wallets to use tokens based on smart contracts compliant with this standard.
|
||||
Used for: Wallet feature.
|
||||
Related: https://github.com/status-im/status-react/issues/8909
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/ethereum/erc721.cljs https://github.com/status-im/status-react/blob/develop/src/status_im/ethereum/tokens.cljs
|
||||
Related: https://github.com/status-im/status-mobile/issues/8909
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/ethereum/erc721.cljs https://github.com/status-im/status-mobile/blob/develop/src/status_im/ethereum/tokens.cljs
|
||||
|
||||
### EIP945 - Web 3 QR Code Scanning API
|
||||
|
||||
Support: Full.
|
||||
Reference: https://github.com/ethereum/EIPs/issues/945
|
||||
Used for: Sharing contactcode, reading transaction requests.
|
||||
Related: https://github.com/status-im/status-react/issues/5870
|
||||
Related: https://github.com/status-im/status-mobile/issues/5870
|
||||
|
||||
### EIP1102 - Opt-in account exposure
|
||||
|
||||
@ -197,7 +197,7 @@ Support: Full.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-1102
|
||||
Description: Allow users to opt-in the exposure of their ethereum address to dapps they browse.
|
||||
Used for: Privacy, DApp support.
|
||||
Related: https://github.com/status-im/status-react/issues/7985
|
||||
Related: https://github.com/status-im/status-mobile/issues/7985
|
||||
|
||||
### EIP1193 - Ethereum Provider JavaScript API
|
||||
|
||||
@ -205,7 +205,7 @@ Support: Full.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-1193
|
||||
Description: Allows dapps to recognize event changes on wallet.
|
||||
Used for: DApp support.
|
||||
Related: https://github.com/status-im/status-react/pull/7246
|
||||
Related: https://github.com/status-im/status-mobile/pull/7246
|
||||
|
||||
### EIP1577 - contenthash field for ENS
|
||||
|
||||
@ -213,8 +213,8 @@ Support: Partial.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-1577
|
||||
Description: Allows users browse ENS domains using contenthash standard.
|
||||
Used for: Browser, DApp support.
|
||||
Related: https://github.com/status-im/status-react/issues/6688
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/utils/contenthash.cljs https://github.com/status-im/status-react/blob/develop/test/cljs/status_im/test/utils/contenthash.cljs#L5
|
||||
Related: https://github.com/status-im/status-mobile/issues/6688
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/utils/contenthash.cljs https://github.com/status-im/status-mobile/blob/develop/test/cljs/status_im/test/utils/contenthash.cljs#L5
|
||||
|
||||
### EIP1581 - Non-wallet usage of keys derived from BIP-32 trees
|
||||
|
||||
@ -222,8 +222,8 @@ Support: Partial.
|
||||
Reference: https://eips.ethereum.org/EIPS/eip-1581
|
||||
Description: Allow wallet to derive keys that are less sensible (non wallet).
|
||||
Used for: Security (don't reuse wallet key) and user experience (don't request keycard every login).
|
||||
Related: https://github.com/status-im/status-react/issues/9088 https://github.com/status-im/status-react/pull/9096
|
||||
Sourcecode: https://github.com/status-im/status-react/blob/develop/src/status_im/constants.cljs#L242
|
||||
Related: https://github.com/status-im/status-mobile/issues/9088 https://github.com/status-im/status-mobile/pull/9096
|
||||
Sourcecode: https://github.com/status-im/status-mobile/blob/develop/src/status_im/constants.cljs#L242
|
||||
|
||||
### EIP1459 - Node Discovery via DNS
|
||||
|
||||
|
@ -110,7 +110,7 @@ https://github.com/ethereum/go-ethereum/blob/26d271dfbba1367326dec38068f9df828d4
|
||||
A Status node fetches the current and historical [ECR20] (https://eips.ethereum.org/EIPS/eip-20) and ETH balance for the user wallet address.
|
||||
Collectibles following the [ECR-721](https://eips.ethereum.org/EIPS/eip-721) are also fetched if enabled.
|
||||
|
||||
A Status node supports by default the following [tokens](https://github.com/status-im/status-react/blob/develop/src/status_im/ethereum/tokens.cljs). Custom tokens can be added by specifying the `address`, `symbol` and `decimals`.
|
||||
A Status node supports by default the following [tokens](https://github.com/status-im/status-mobile/blob/develop/src/status_im/ethereum/tokens.cljs). Custom tokens can be added by specifying the `address`, `symbol` and `decimals`.
|
||||
|
||||
#### BlockByHash
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user