Content
@
0 reply
0 recast
0 reaction
Dan Finlay 🦊
@danfinlay
What if a site wants to manage a key directly, but have it derived from the user's wallet? This seems like a growing use case with embedded wallets. Should we have a method that just passes sites keys that are generated deterministically to their domains? https://ethereum-magicians.org/t/wallet-getexposedappkey/20958
3 replies
1 recast
14 reactions
Dean Pierce 👨💻🌎🌍
@deanpierce.eth
Is private key information touching the network? I feel like crypto rule #1 is "never put your privates on the Internet". Maybe the site can, on the backend, generate an hd root key that can then be blessed by the user such that the site can generate new time bound ephemeral keys as needed. It's scary enough having keys floating in the site's origin just in the local browser 😅 Either way, passing private keys around seems dirty.
1 reply
0 recast
1 reaction
Chris (frametra.in)
@chrisdom
read this discussion in a frame, courtesy of /frametrain https://frametra.in/f/m9jok0kvf0wb3qkslpem72xi
0 reply
0 recast
0 reaction
Levertz
@levertz
You mean so that users can give approval of some small amount to that (temporary/app-derived) wallet? Example of giving Zora access to some ETH so that clicking "Mint" just mints (signed by site) and is not opening a wallet asking for approvals?
0 reply
0 recast
0 reaction