We need to validate that a RR is correctly referenced from a transaction, in particular:
transaction has multihash of first version of RR inside
transaction amount matches RR amount (what about PoPR amount?)
The hard part is linking the transaction from the RR and fetching the transaction in a trusted way. Here are some ideas
Linking the tx id
Ideas:
from the published message (easiest, but volatile)
include it in the OrbitDB operation (harder, but persistent)
Maybe we should just do both, but then we have to verify that they match. Or we should remove the pubsub message step and instead the service node will react when it replicates the DB from the customer. I think this is the best solution but I need to check how it works in practice
Validating
Ideas:
use blockcypher or equivalent API (easiest, but central point of failure)
have a system where service nodes fetch blockchain blocks that contain chlu transactions, put them into IPFS via IPLD, and then use that to verify. The problem is that this requires the whole block and not just the transaction, which might take a while, also is it enough to be sure the transaction is valid?
run some kind of light wallet like https://github.com/mappum/webcoin but I think one distributed system at a time might be enough for the poor browser
I don't think it's the long term solution, but we'll go with blockcypher for now
Todo
[x] btc module to talk with the blockchain
[x] publish step of RR storage needs to accept tx id
[x] validator module needs to fetch tx id, and call btc module to verify that the multihash and amounts are matching
[x] validator needs to fetch the txId from orbitdb when validating
We need to validate that a RR is correctly referenced from a transaction, in particular:
The hard part is linking the transaction from the RR and fetching the transaction in a trusted way. Here are some ideas
Linking the tx id
Ideas:
Maybe we should just do both, but then we have to verify that they match. Or we should remove the pubsub message step and instead the service node will react when it replicates the DB from the customer. I think this is the best solution but I need to check how it works in practice
Validating
Ideas:
I don't think it's the long term solution, but we'll go with blockcypher for now
Todo