Waqas pfp
Waqas
@worqas
AI assisted coding gives you super powers if you know at least one language really well and understand the fundamentals. Like, I've never written a word of Solidity, but I can totally understand and debug it when AI writes it for me.
1 reply
0 recast
6 reactions
shazow pfp
shazow
@shazow.eth
Let me know if you'd like another quick pair of eyes. :) Worth going through articles like these (there's like a couple dozen of them) if you're doing anything with actual value: https://docs.soliditylang.org/en/latest/security-considerations.html
1 reply
0 recast
1 reaction
Waqas pfp
Waqas
@worqas
I have a ton of questions! Right now I'm not doing anything high stakes. My frame lets two people play a chess game, at the end you have an option to mint an NFT with the metadata of the game and players and a photo of final board position. This is what I've figured out so far: - when a game ends, ask user if they want to mint an NFT. - if I want to charge exactly 0.1 USDC for the NFT, I calculate the current eth exchange rate off chain using some API (?) and then use that amount to initiate transaction. - if yes, using Warpcast sdk, initiate transaction (this is on client side and prompts user to approve transaction). - once approved, this transaction is directly sent to a smart contract. - This contract then issues an NFT to the sender. - Q: should I, can I, send metadata in the transaction that user send to the contract? Or can I just issue a blank NFT initially, save that token address on my backend, and then update NFT metadata. Is it possible to update NFT metadata after minting?
1 reply
0 recast
1 reaction
shazow pfp
shazow
@shazow.eth
How much do you care about the user being able to mint whatever metadata at whatever cost? Anything you want "enforced" needs to be onchain or signed by some "oracle" (trusted party) Getting USD/ETH rate in solidity is not too hard. ENS does something similar if you want a production example. Another option is using an AMM pool like one of the Uniswap ones to get a price, eg https://docs.uniswap.org/concepts/protocol/oracle (We generally refer to anything that serves as a source of truth as an "oracle")
1 reply
0 recast
1 reaction
shazow pfp
shazow
@shazow.eth
That is to say: if you're enforcing the exchange rate and metadata in the frontend/client side, that means I can just use another client (eg write my own, or a generative one like I made, callthis.link) to call your contract with any exchange rate or any metadata I want. :)
1 reply
0 recast
0 reaction
Waqas pfp
Waqas
@worqas
I do want the NFT to be somewhat dependable about a person's standing as a player. That's why I asked if you can update an NFT retroactively. If I do it this way: - issue a blank NFT - in the contract have an update function that only allows my to update NFT - update the NFT with metadata from my database at the back end - nfts with metadata and photo are real, rest not. What other way can I make it more secure? What if I send encrypted metadata and then decrypt that in the contract? Or send metadata signed by me that can be verified in the contract? What's the most intuitive and best practice here? Sorry for the deluge of questions and thanks so much for the help!
1 reply
1 recast
1 reaction