Jim8y
commented
1 year ago @shargon how do you think about this one, interact with the neo node via script
Open Jim8y opened 1 year ago
Jim8y
commented
1 year ago @shargon how do you think about this one, interact with the neo node via script
shargon
commented
1 year ago @shargon how do you think about this one, interact with the neo node via script
Is not the same as invokeScript in rpc? Or what kind of script it is?
Jim8y
commented
1 year ago @shargon it is C# script, where you can write c# code to construct transactions and interact with the neo blockchain, then run the script in the cli, it is painful to use cli since there is no type system right? now this is the solution, you can use this to conveniently do complex operations however you like. Airdrop, event monitoring, all can be done in script.
YOU have type system and code suggestions and auto completion~~like you write C# code....
take a look at the example here: neo-cli/template.cs
shargon
commented
1 year ago @shargon it is C# script, where you can write c# code to construct transactions and interact with the neo blockchain, then run the script in the
cli, it is painful to use cli since there is no type system right? now this is the solution, you can use this to conveniently do complex operations however you like. Airdrop, event monitoring, all can be done in script.take a look at the example here: neo-cli/template.cs
Can we avoid to use reflection in that script?
Jim8y
commented
1 year ago Can we avoid to use reflection in that script?
i am afrait this is how it works. You have security concerns?
shargon
commented
1 year ago Can we avoid to use reflection in that script?
i am afrait this is how it works. You have security concerns?
I would not like the user to be able to access to the Storage or internal methods with this script.
Jim8y
commented
1 year ago I would not like the user to be able to access to the Storage or internal methods with this script.
i dont quite understand the reason of your concern, both script and dll exists in the node without particular protection, if you are considering that attackers might use this script to attack the node, well, it can do it anyway since it has hacked into the node.
Your concern make sense only if we have strong protection on the executable binary or dll. otherwise a script or an attacker written C# project can basically do the same bad thing.
BTW, since reflection namespace is not refered, write reflection code in the script would be impossible hard.
Update: YES, only public methods are accessible.
Jim8y
commented
1 year ago @shargon how do you think?
shargon
commented
1 year ago I'm worried about people who make scripts to supposedly do something, and people who don't know how to program execute this code.
Jim8y
commented
1 year ago this can be disabled by default tough, only guys who need it and konws how to use it can able it.
shargon
commented
1 year ago this can be disabled by default tough, only guys who need it and konws how to use it can able it.
Then, It's better to do it as a module.
This amazing idea is from 17v.
By enabling developers to write and run script in the neo-cli, they are empowerd to directly interact with the leder and smart contract directly with C# code.
What's the benefits?
Newly added commands: