One of the user TYPEs that obtain an ID from DATASTORE is "Comets".
All IDs are given with Governance-Senate handshake with the implementation of GeodeUtils.
These are private pools that can be managed by anyone.
We should allow anyone to by-pass this handshake, since anyone should able to create a private pool with ease.
The problem is to allow anyone to claim any ID, meaning malicious actors can claim DAO names and operate pools to mislead people.
I suggest to change ID generation functionality from hash(name) to hash(name, type)
[x] create generateID(name,type) public function in GeodeUtils, since we need getId(name,type) function in Portal.sol
geode-main
commented
2 years ago
One of the user TYPEs that obtain an ID from DATASTORE is "Comets". All IDs are given with Governance-Senate handshake with the implementation of GeodeUtils. These are private pools that can be managed by anyone. We should allow anyone to by-pass this handshake, since anyone should able to create a private pool with ease.
The problem is to allow anyone to claim any ID, meaning malicious actors can claim DAO names and operate pools to mislead people. I suggest to change ID generation functionality from
hash(name)tohash(name, type)