search

CityOfZion / neon-js

Javascript libraries that allow the applications to interact with NEO blockchain
https://docs.coz.io/neo3/neon-js/index.html
MIT License
184 stars 166 forks source link

[Wish] Compatibility layer with wallet providers #544

Open corollari opened 4 years ago

corollari commented 4 years ago

It would be great if it was possible to connect wallet providers such as neologin, O3 or NeoLine to neon-js, allowing web-based dapps to easily integrate with these wallet providers so that their users can use these wallets to sign transactions.

The current status quo is that most dapps use neon-js to interact with the blockchain and, given that neon-js requires the private key to sign any transactions, these dapps request the user to provide the key by copy-pasting it into their web interface. As you can imagine, this is quite insecure, so there have appeared several wallet providers that aim to improve the security on the user side by providing a constricted blockchain-facing interface to dApps and gating all interactions with the user's private key by requiring the user to approve any operations done with it.

The way this constricted interface is more commonly implemented is by injecting an object with all the methods into the window object, but these methods are quite different from the ones provided by neon-js (see neologin's api for an example) so dapps that want to allow users to use both the traditional copy-paste method as well as wallet providers are forced to implement two different systems.

It would be interesting if a system similar to the one that is currently in use by web3 (Ethereum) could be implemented, where the library is initialized with a provider that is then used internally for all blockchain-facing calls. The library then provides a unified interface to all these different providers.

To illustrate it better, here's a code example:

import Neon, {neonProvider} from "@cityofzion/neon-js";
let neonJs = new Neon(window.neologin)
neonJs.doInvoke(config) // Internally uses neologin's API
neonJs = new Neon(window.o3dapi)
neonJs.doInvoke(config) // Internally uses O3's API
neonJs = new Neon(new neonProvider("private key"))
neonJs.doInvoke(config) // Standard neon-js call

Tagging it as a wish instead of a feature because, in my opinion, this would require a lot of major changes in the library, so it may only make sense when doing a big makeover such as moving to neo3, or it may just not make sense to do at all.

Full disclosure: I'm one of the creators of neologin.

snowypowers commented 4 years ago

The current library kinda provides for the most basic signing feature. You can provide a custom signing solution through the signingFunction field of the configuration. This was done actually to accommodate signing with either the private key or the ledger in neon-wallet. You could hop onto it for a neo2 PoC.

If signing is all you need, future versions will definitely be compatible as the need to sign with a secure factor is clear.

lock9 commented 2 years ago

Hi, I think this has been resolved with Wallet Connect. @ixje Can you confirm? I'm not sure

ixje commented 2 years ago

No idea. I know too little about wallet connect to answer this. Better ask Gil

On 26 Aug 2022, at 20:13, Ricardo Prado @.***> wrote:

 Hi, I think this has been resolved with Wallet Connect. @ixje Can you confirm? I'm not sure

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.