Wallet proposal #2
Discussion about the proposal
RISK Bottleneck - Logging in map creates a bottleneck because one contract receives all the messages
Mechanics of the authentication step
We need this to work for both multi- and single-sig situations
QUESTION Will the locker approach support this?
QUESTION What of the unforgeable name is the lookup into the REVWallet table?
Bootstrapping the wallet
Discussion about https://github.com/rchain/rchain/pull/2138
Walkthrough of slides
Dan walked through slides (link above)
Deployment slide: how is replay prevented?
Discussion about the confused deputy problem
Discussion about message.sender signing over a transaction that creates a risk for the associated public key
Discussion about nonce
Walkthrough of Locker contract
Achieved common understanding
Nonce - need to get comfortable that the deploy timestamp + public key (scalable) is the way to go, or else introduce an actual nonce value (scales poorly)
Need to continue discussion about the lockbox and the confused deputy attack vector
Discuss capabilities and ambient authority of message.sender approach with Kent