The current implementation does ensure that a given beneficiary and the tx-hash belong to each other. A tx could be hijacked and abused.
Therefore, the following proposal should be implemented to protect against fraud and abuse:
The payload is to be structured as follows:
{ "conversion" :
{ "beneficiary": "<planetmint address>",
"tx-hash": "<tx id on liquid that represents the value to be converted>"
},
"signature": "< sign( private_key, object("beneficiary") ) of the private key belonging to the public key that signed the tx identified by tx-hash"
}
The verification process will look as follows:
verify( payload.tx.public_key, payload.conversion )
The current implementation does ensure that a given beneficiary and the tx-hash belong to each other. A tx could be hijacked and abused. Therefore, the following proposal should be implemented to protect against fraud and abuse:
The payload is to be structured as follows:
The verification process will look as follows: verify( payload.tx.public_key, payload.conversion )