Add a wallet_attestation_ah field to EvmSigningOffer which is validated to have the same author. Then links against an evm address can be validated against the attestation. The evm-bytes-signer micro-service would ensure the attestation exists on launch.
Pros
Simple implementation
Cons
(minor) Link validation requires chaining must_gets
A compromised agent can freely reuse a wallet attestation; similarly a phished evm signature could be reused indefinitely
Option 2
Nest EvmSigningOffer inside of a SignedEvmSigningOffer. The evm-bytes-signer micro-service then signs this offer as part of creation.
Pros
Knowledge that offers have been individually approved by the wallet owner
Relates to https://github.com/holochain-open-dev/holoom/issues/31
Option 1
Add a
wallet_attestation_ah
field toEvmSigningOffer
which is validated to have the same author. Then links against an evm address can be validated against the attestation. Theevm-bytes-signer
micro-service would ensure the attestation exists on launch.Pros
Cons
must_get
sOption 2
Nest
EvmSigningOffer
inside of aSignedEvmSigningOffer
. Theevm-bytes-signer
micro-service then signs this offer as part of creation.Pros
Cons
SignedEvmSigningOffer