Add a wallet_attestation_ah field to EvmSigningOffer which is validated to have the same author. Then links against an evm address can be validated against the attestation. The evm-bytes-signer micro-service would ensure the attestation exists on launch.
Pros
Simple implementation
Cons
(minor) Link validation requires chaining must_gets
A compromised agent can freely reuse a wallet attestation; similarly a phished evm signature could be reused indefinitely
Option 2
Nest EvmSigningOffer inside of a SignedEvmSigningOffer. The evm-bytes-signer micro-service then signs this offer as part of creation.
Pros
Knowledge that offers have been individually approved by the wallet owner
Relates to https://github.com/holochain-open-dev/holoom/issues/31
Option 1
Add a
wallet_attestation_ahfield toEvmSigningOfferwhich is validated to have the same author. Then links against an evm address can be validated against the attestation. Theevm-bytes-signermicro-service would ensure the attestation exists on launch.Pros
Cons
must_getsOption 2
Nest
EvmSigningOfferinside of aSignedEvmSigningOffer. Theevm-bytes-signermicro-service then signs this offer as part of creation.Pros
Cons
SignedEvmSigningOffer