varunsrin
commented
1 year ago Thanks for opening this @jakerockland
This is going to be a protocol change and needs to go through the FIP process. We would need to add a new Verification type and upgrade all Hubs to support and check multiple verification types.
The main questions for this proposal would be if the benefits outweigh the additional complexity and work needed to support both types going forward. I'd want to better understand the details around phishing benefits, changes in ui when producing these signatures across common wallets and the impact on UX of the ledger changes.
LMK If you are interested in proposing this, would be happy to support.
jakerockland
What is the feature you would like to implement?
Would be an improvement if the wallet authentication flow for connecting a wallet to your Farcaster account used the SIWE message format (https://eips.ethereum.org/EIPS/eip-4361).
Why is this feature important?
This gives better peace of mind when signing messages by being in a standard format – additionally, the hardware wallet provider Ledger will interpret this more directly (not requiring raw signing).
These factors improve user trust and reduce risk of a signing phishing compromise should someone try to use phishing/spearphishing techniques to trick a user into signing a fake authentication method.
Will the protocol spec need to be updated??
I am not sure without doing deeper digging.