tyleryasaka
commented
6 years ago @nick I'm not familiar enough with the client-side dapp yet to quickly update date it to accommodate these changes. I can do this later when I get more time, or you may be able to do it more quickly.
This makes claims valid only for the intended recipient and claim type.
The prefix stuff here is being done to accomodate the prefixing done by web3 when signing messages, as a security measure (https://github.com/ethereum/go-ethereum/issues/3731). Because this signing is most likely going to be done on servers of major claim validators rather than from end-user clients, the web3 prefix could probably be bypassed. But to keep things simple I just adjusted the solidity code to use this prefix. I think it's adequate for now.