►
From YouTube: All Wallet Dev Meeting #8
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
So
we
don't
have
a
ton
on
the
agenda
for
this
week.
I
mean
we
never
do,
but
what
do
we
have?
We've
got
Victor's
supposed
to
be
presenting
54-53,
but
I.
Don't
know
if
he's
made
it
so
we
can
probably
skip
over
that
one.
For
now
we
can
talk
a
little
bit
about
my
webrtc
experimentation.
A
I,
don't
know
if
anybody's
been
following
along
with
that,
but
the
summary
is
basically
that
we
want
to
use
webrtc
for
the
next
generation
of
wallet,
dap
communication,
but
we
ran
into
a
roadblock
where
you
need
to
have
some
active
server
components
to
be
able
to
initial,
initiate
a
webrtc
connection,
specifically
at
minimum.
You
need
a
signaling
server
which
just
has
to
pass
messages
between
both
sides.
The
connection
that
can
go
a
little
bit
more
into
depth
on
that.
A
But
you
know
we
can
talk
about
that
after
two
once
everything
else
is
out
of
the
way.
A
Well,
yeah,
I
I,
don't
think
it's
too
problematic
and
like
so
the
big
worry
about
the
signaling
server
and
you
know
the
ice
and
stun
servers
and
stuff
is
that
you
need
an
active
server
so
for
ipfs
hosted
sites
you
wouldn't
be
able
to
connect.
A
There
are
public
ice
and
Ice
servers;
they
don't
so.
It
gets
really
deep
into
the
nitty-gritty
when
you're,
when
you're
investigating
this.
So
there's
there's
two
types
of
ice
servers,
there's
stun
and
turn
stun
is
the
one
that
allows
you
to
punch
through
gnats
but
doesn't
do
any
relaying
and
that
one
can't
censor
you
all.
The
only
information
it
gets
is
the
IP
address
of
both
sides
of
the
connection,
and
that's
it
so
as
long
as
you,
you
aren't
censored
on
an
IP
level,
you're
fine.
B
A
A
It's
like
jitsi
uses
them
Discord
uses
them.
Anybody
who
uses
webrtc
for
anything
uses
one
of
these
servers.
Okay,
so
so
the
the
big
problem,
though,
is
the
the
signaling
server.
So
this
would
be.
There
are
no
large
signaling
servers
that
I
can
find,
and
the
signaling
server
gets
a
little
bit
more,
not
not
that
much
more,
but
a
little
bit
more
context.
A
It
gets
the
each
each
device's
IP
addresses
all
of
them,
but
that
message
can
be
encrypted
end
to
end.
So
it's.
A
It
gets
whatever
we
send
to
it.
We
get
to
choose.
B
A
A
B
I
also
put
origin,
this
won't
query
for
so,
if
you
go
to,
you
know,
tornado
no
cash
or
whatever,
and
you
then
try
to
connect
through
the
signaling
server
you're
going
to
tell
the
signaling
server
from
your
browser.
The
browser
end
will
tell
the
signaling
server.
Hey
I
am
coming
from
tornado.cash.
Are
you
sure?
I
am
quite
confident
that
browser
will
automatically
add
the
origin
to
every
external
column
mix
like.
B
B
A
B
B
And
or
browsers
are
incredibly
anal
about
making
sure
the
origin
is
always
there
like,
they
have
no
way
to
override
it.
I
don't
even
know
if
plugins
can
override
the
origin
they
might
be
able
to,
though,.
B
A
To
look
into
but
yeah
it
doesn't
yeah,
so
I
guess
webrtc
I
guess
there
are
discussion
from
the
chat
ended
up
with.
We
can't
really
use
webrtc
with
this
and
also
preserve
all
of
the
nice
properties
of
like
window.etherium,
so
we're
thinking
of
a
little
bit
less
ambitious
protocol
which
uses
like
a
steam
Handler
so
like
we've
discussed
previously
and
then
just
using
that
to
do
like
window.post
message.
A
So
that
takes
care
of
extensions
having
to
ask
for
a
ton
of
permissions,
but
it
doesn't
solve
mobile,
wallets
and
Hardware
wallets
as
elegantly
but
yeah.
If
anybody
else
is
like
a
front-end
developer
and
knows
this
stuff
inside
and
out,
please
feel
free
to
contribute
to
the
discussion
in
extension
registry,
because
I
am
way
outside
of
my
element
with
this.
D
Yeah
I
guess
I
guess
we're
trying
to
solve
different
problems
so
that
that
I'm,
just
listening
in
picking
a
single
extension
by
using
a
URL
scheme,
seems
Overkill.
But
if
you
have
multiple
ones,
then
it's
kind
of
a
necessity.
A
Yeah
exactly
so
like
the
whole
discussion
started
because
the
sequence
wallet
their
extension
was
fighting
with
metamask
so
for
people
who
had
them
both
installed.
A
D
A
Yeah
so
I
think
wallet
connect,
has
kind
of
an
interesting
approach
to
that
I
think
it's
World
connect
where
they
they
have
wallet
specific
schemes
as
well
as
one
generic
one.
A
D
Mean
we
played
around
with
wallet
connect.
The
thing
is
that,
in
terms
of
the
registered
wallet,
there's
only
one
so
wallet
connect
can
kind
of
provide
you
to
connect
to
the
other
wallets,
but
in
terms
of
the
registered
one
like
the
the
one
that
actually
puts
the
ethereum
provider,
it's
it's
always
the
current
one.
A
Yeah,
the
only
annoyance
is
that
if
you
wanted
to
connect
to
two
Wallets
on
the
same
dap,
it
would
pop
up
the
Chooser
twice
and
would
rely
on
the
user
having
to
select
the
two
wallets
they
want
to
use.
A
D
A
Yeah,
it's
somewhere
like
sorry,
go.
B
Ahead,
are
we
ready
to
drop
the
scheme
Handler,
given
Chrome's
position,
I.
A
A
B
I
think
that's
okay,
the
vast
majority
of
users
will
have
one
wallet
most
likely
and
so
they'll
set
it
and
never
get
a
prompt.
B
D
Yeah
I
I
guess
in
in
in
our
scenario,
we
have
some
jobs
that
only
work
with
our
wallet,
but
that
doesn't
mean
the
user
should
have
all
their
funds
on
a
wallet.
It
just
means
that
when
they
go
to
our
DOT
Benito.
D
B
A
The
scheme
Handler
would
be
pretty
pretty
simple
to
pick
a
particular
wallet
like
let's
say
we
just
standardized
like
the
format
for
the
URL
and
it's
going
to
be
like
web
plus
ethereum
slash
wallet
Dash
so
that
it
matches
the
631
I
think
is
the
the
number
format
for
ethereum
URLs
and
then
you
could
just
say
you
know
any
wallet
that
wants
to
have
their
own
thing.
A
That
follows
a
similar
pattern
could
have
you
know
web
plus,
metamask
web
plus,
candid
or
whatever,
and
then
they
follow
the
same
format,
but
they
aren't
officially
standardized
as
like.
This
is
the
way
to
connect
to
any
wallet
it's
just
like
vendor
specific
stuff,
but
yeah
capabilities
would
be
really
really
difficult
to
do
with
the
Handler,
because
the
user
would
have
to
cycle
through
every
wallet
that
they
have.
There's
no
broadcast
functionality
right.
A
Oh,
that's
clever,
so
that
that
would
really
work
for
if
we
still
want
to
inject
providers,
but
that
doesn't
solve
the
problem
where
we
want
to
remove
permissions
from
wallet
extensions,
yeah,.
D
A
A
Yeah
exactly
I,
don't
know:
I
I
have
some
friends
at
akamai2.
I
can
talk
to,
they
might
know
someone
at
Chrome,
so
yeah
I'll
I'll
do
some
digging
on
that
and
see
what
the
the
status
is.
A
So
I
guess
Victor
is
not
here
yet
so
we'll
have
to
deal
with
that
later.
So
the
the
next
topic
is
eat.
5139
authentication.
A
So
this
is
the
standard
for
like
provider
lists
that
I've
been
pushing.
How
do
like
RPG
providers
do
authentication
as
far
as
I'm
aware,
there's
just
username
and
password
like
HTTP
basic
auth
and
HTTP
Bearer
auth.
Is
there
anything
else?
I
need
to
consider.
F
Yes,
a
lot
of
them
like
Imperial
use
like
the
the
keys
and
the
path.
F
Seen
query
parameter
as
well,
but
I
was
talking
about
like
the
just
like
the
path.
Param
like
you
know,
remember
what
their
time
is.
Yeah.
B
A
F
B
No,
no
one
should
be
putting
secrets
in
URLs.
We
all
know
this
right.
D
B
I
think
the
reason
they
do
like
click
mode
I,
think
does
this
as
well
and
fear.
Does
it
I
think
the
reason
they
do?
It
is
because
tools
all
were
built
without
any
sort
of
authentication
like
they
don't
support,
Bearer
or
HTTP
off,
and
so
it
was
kind
of
a
fallback
of
well.
We
got
to
put
a
key
somewhere
and
the
literally
the
only
place
we
can
put
it
that
will
actually
work
with
existing
tools
like
metamask
and
whatnot.
It's
in
the
past,
so
I
think.
B
A
As
far
as
far
as
this
file
like
the
list
is
concerned,
though
it's
just
adding
a
string
of
text
yeah,
that's
easy
cool.
My
partner
and
I
made
a
mock-up
of
an
all
wallet
devs
website.
It's
in
the
agenda.
I
can
link
it
again
in
the
chat.
If
you
guys
like,
if
you,
if
anybody
has
any
suggestions,
feel
free
to
open
a
PR,
it's
really
simple.
Neither
of
us
are
front-end
designers,
so
yeah,
there's
that
and
I
guess
last
is
there?
E
E
To
ask
Micah,
if
he's
interested
in
seeing
what
I
was
what
I
was
working
on
in
my
wallet,
because
I
do
have
one
ear
that
I
can
show
briefly.
E
Or
the
group
then
awesome,
I
didn't
know
if
this
is
I
didn't
know
if
this
is
the
Forum
or
not
or
if,
if
other
people
followed
the
any
of
the
thread
earlier,
but
I
do
have
a
I
do
have
a
wallet,
and
this
is
just
kind
of
the
dashboard
you
get
to
when
when
you
first
come
in
I,
don't
know
how
well
it's
coming
through
it.
E
It's
pretty
rough
at
the
moment,
but
I
only
added
one
wallet
to
it
and
for
those
of
you
that
are
curious,
because
you
see
one
button
here,
which
is
which
is
called
the
checkout
button,
and
the
idea
of
the
wallet
is
really
for
payments
and
I
have
hard-coded
it
to
only
support
tokens
that
I
issue
and
what
else
I
also
have
the
concept
of
different
types
of
wallets.
So
this
particular
wallet
that
I
have
imported
is
just
the
public
wallet
address.
E
So
the
concept
here
is
creating
an
app
that
a
small
business
owner
could
could
run
and
they
could
use
it
in
their
store
for
generating
payment
requests
and
I
did
follow
eip681
for
the
payment
request.
I'll
show
you
here
what
happens
when
I
click
the
the
checkout,
so
what
it
does
is
because
if
you
kind
of
think
of
if
I'm
a
merchant
and
I've
just
somebody
purchased,
something
and
I
would
normally
go
to
a
payment
terminal
and
type
in,
however
much
they
they
needed
to
pay.
E
E
Then
there
is
the
payment
code
payment
request
code
that
it
it
does.
You
actually
can
scan
that
it
should.
It
should
generate
an
eip681,
a
payment
request
and
it
basically
says
what
chain
what
token
and
the
token
amount
there
of
of
123.
E
and
so
that
that's
the
concept
of
the
wallet
right
now,
but
the
discussion
I
had
with
Micah
earlier
on
this
week
was
this
is
really
good
for
in-person
transactions
like
a
small
business
owner
I,
go
into
the
shop,
let's
say
paying
for
a
cup
of
coffee,
but
because
this
is
just
my
ad
this
right
now
in
this
mode,
it's
just
a
glorified
QR
code
generator
because
I
imported
this
wallet
address
just
by
scanning
a
QR
code
generated
by
metamask.
Let's
say,
which
is
the
wallet
address?
E
This
wallet
doesn't
have
the
private
keys
on
the
phone
which,
which
is
kind
of
great
for
a
merchant,
because
they
can
set
up
an
app
like
this
for
all
of
their
employees,
each
one
with
a
different
wallet
address
and
then,
in
the
back
end
they
can
sweep
sweep
the
accounts.
E
Type
of
thing
for
any
of
the
incoming
payments
obviously
returns
different
story
because
they
can't
send
transactions
from
here,
but
because
this
is
a
QR
code,
it
is
very
possible
or
it
would
be
very
easy
to
implement
a
plug-in
in
something
like
woocommerce
or
or
any
any
kind
of
e-commerce
application,
because
they
don't
need
to
store
private
keys,
but
they
could
generate
a
a
payment
request
similar
to
that.
But
problem
is
if
I
have
two
people
on
a
website
and
they
each
make
a
payment
or
their
order,
their
cart
when
they
hit
the
checkout.
E
E
And
so
that's
one
of
the
things
that
Micah
was
was
helping
me
with
this
week.
And
so
we
have
this
concept
now
of
including
a
payment
ID
with
that
QR
code,
so
that
when
the
sender
scans
the
code
and
approves
the
transaction
in
their
app,
they
can
include
the
payment
ID,
along
with
the
transaction.
So
I
pushed
out
a
an
erc20
contract
with
that
with
that
in
it
anyways
I
can
go
on
and
on
and
talk
about
this,
but
anyways
there's
there's
the
high
level.
It's.
A
Looking
pretty
sick,
so
how
does
the
payment
ID
work?
Is
it
just
like
tacked
on
to
the
end
of
the
call
data
or.
E
So
the
first
thing
I
had
to
do
was
modify
the
ERC
erc20
contract,
so
we
included
the
ability
for
when
the
sender
is
signing
the
transaction,
they
can
include
this
additional
parameter.
So
we
actually
created
a
new.
A
new
transfer
type.
I
forget
what
the
function
was
called.
It
was
probably
transfer
with
payment.
E
Id
is
what
I
called
it
in
the
in
the
smart
contract
so
that
when
I
send
the
trans,
when
I
send
the
token
I,
send
it
using
this
new
transfer
method
and
it
accepts
the
payment
ID
in
that
transfer
method,
and
if
it's
blank,
if
there
is
because
it's
optional,
if
it's,
if
there
is
nothing,
then
it's
just
it's
just
considered
zero.
E
This
way,
I've
actually
was
able
to
query
the
the
transaction
it
hash
in
on
the
blockchain
and
polygon,
scan
and
I
can
see
in
the
input
data
payment.
Id
is
there
so
now,
when
the
when
the
merchant
or
I
can
have
an
app
that
when
it
pulls
that
transaction
from
the
blockchain,
it
can
parse
out
that
payment
ID
and
they
can
reconcile
it
on
the
back
end
with
whatever
that's.
A
Yeah
so
playing
The
Devil's
Advocate
a
little
bit.
What
what's
different
about,
adding
like
random
dust
to
the
payment
amounts
and
then
using
that
to
track
it.
E
And,
and
thank
you
everyone
for
the
thumbs
up,
you
mean
in
just
the
standard
erc20
contract.
A
Yeah,
just
you
do
like
you
know:
a
dollar
25
die
plus
you
know
64
or
like
bits
of
like
fractions
of
a
die.
E
Great
I'm
not
sure
if
I
follow
you
putting
so.
A
B
E
B
Yeah,
it's
just
lots
lots
of
apps
it's
one
of
these
situations
where,
like
everybody,
uses
18,
except
for
like
two
people
and
those
two
people
cause
no
end
of
problems
because
they
are
the
ones
that
don't
follow
and
unfortunately,
when
the
Saturn
understand
is
written,
people
thought
it
was
a
good
idea
to
allow
everybody
to
choose
their
own
decimal
amount,
but
it
turns
out
that
was
actually
kind
of
we
all
regret
it.
Like
everybody
was
around
about
me
or
C20
was
was
written.
We
were
all
like
God,
damn
it
why'd.
B
We
add
that
it
just
encourages
people
to
use
something
other
than
18
and
it
causes
problems
just
little
bugs
here
and
there
just
everywhere.
It's
like
one
of
those
things.
That's
there's
not
one
specific
problem
that
it
causes
it.
Just
life
becomes
miserable
for
you
and
everybody
who
tries
to
integrate
with
your
stuff
yeah.
E
A
Yeah
but
yeah
so
like.
Let's
say
you
did
have
a
token
with
18
like
die
and
USD
USD
C
at
least
has
six.
So
if
you
took
like
the
last,
you
know
the
the
least
significant
two
decimal
places
and
randomized
them
so
that
each
person
who
paid
that
address
gets
a
random
amount
of
of
dust
like
payment.
And
then
you
use
that
as
your
payment
ID,
because
that
would
work
with
basically
every
token.
B
I
will
take
your
Devil's
Advocate
and
respond
before
bug
can
and
a
lot
of
uis
get
very
unhappy
when
you
have
number
number.000
or
what,
and
so
just
the
user
experience
ends
up
kind
of
bad.
E
And
I
I
also
felt
that
if
there
was
partial
payment,
I
might
need
to
reference
the
same
payment
ID
and
make
additional
payment.
E
One
of
the
other
scenarios
that
I
haven't
worked
out
yet
is,
and
the
scenario
I
just
showed
you
for
like
a
copy
that
was
a
dollar
twenty.
Three,
the.
E
What
if,
when
the
the
customer
wants
to
leave
a
tip
right
now,
I
don't
have
the
ability
to
tip,
but
I
can
imagine
that
the
app
could
have
a
hey.
Do
you
want
to
add
a
one
dollar
tip
or
a
10
tip
type
of
thing,
and
then
it
would
be
sent
as
a
different
amount,
but
that
that
doesn't
necessarily
talk
about
your
dust,
but.
E
E
B
B
I
think
the
other
solution
is
to
just
append
call
data,
and
this
is
one
of
those
things
that
probably
shouldn't
work,
but
it
does
and
then
you
can
just
look
for
the
transactions
that
are
sent
to
your
address
and
then
the
call
data
will
have
the
normal
transfer
stuff.
But
then
it'll
have
extra
bytes
that
the
contract
will
ignore,
and
so.
E
Oh,
but
it
is
still
recorded
on
on
chain
you're
saying
yes,.
E
B
It's
still
recorded
everywhere,
it
just
is
ignored
by
the
contract,
so
you
can
put
any
data
you
want.
Basically,
at
the
end
of
the
call
it's
it's
not
the
best
pattern
to
follow
like
it's
yeah,
it's
very
obscure
and
opaque,
but
if
you're
in
a
situation
where
you
know
you
need
this
information
and
you're
using
someone
else's
token,
it's
an
option
and
some
people.
E
And
I,
actually,
in
fact,
I
intend
to
use
my
own
token
and
the
app
would
be
hard-coded
to
use.
Just
my
token.
E
But
that
was
one
of
the
things
that
is
it
an
extension
of
681.
In
fact,
when
I
was
reading
681,
it's
really
just
a
way
of
representing
the
request
in
a
URL,
and
it
includes
additional
parameters
that
you
can
add
on
to
the
URL.
So
technically
it
may
not
need
to
be
Rewritten.
It's
just
in
my
use
case.
I,
add
a
parameter
of
payment.
Id
equals
whatever.
A
E
It's
not
yeah,
so
I
think
I,
don't
think
681
needs
to
be
modified,
but
perhaps
an
extension
to
erc20
could
be
suggested
for
to
include
probably
not
calling
it
a
payment
ID.
It
might
get
suggested
even
something
a
little
bit
more.
Generic
I
forget
what
you
said,
but
some
type
of
unique
ID
to
go
along
with
it.
D
D
E
A
A
So
this
kind
of
goes
into
another
idea:
I've
been
kicking
around
for
way
too
long.
Would
there
be
any
interest
in
standardizing
a
URL
format
for
requesting
payment
in
one
of
n
token
types
so
like
I
am
willing
to
accept
seven
usdc
7
die
0.05
eth
and
you
pack
that
all
into
a
QR
code
and
send
it
to
the
other
wallet
and
they
decide
how
to
pay.
Would
that
be
something
useful
for
anybody?
A
C
F
E
A
B
E
Well,
it
only
accepts
one
URL
and
it
could
be
multiple
parameters
then,
and
perhaps
currency
one
equals
whatever
currency
two
equals
bought
currency
three
equals
whatever,
but
then
it
all
depends
on
the
the
wallet
that
you're
scanning
to
interpret
it.
Unless
again,
it
was
standard
parameter
names,
let's
say
I
know
me
personally,
I
think
what's
going
to
happen,
is
stable.
Coins
are
probably
there's
probably
going
to
be
a
move
more
towards
stable
coins
for
use
cases
like
that
to
Me
Maybe
other
people
feel
otherwise,
but.
A
B
Your
argument
here,
Sam,
that's,
someone
could
send
to
transactions,
one
of
which
is
a
token
transfer
and
one
of
which
is
a
go
place,
a
bet
on
a
lottery
like
they
don't
need
to
be
related,
whereas
if
you
live
and
constrain
it
to
just
an
array
of
token
transfers,
you
know
they
all
use
the
same
UI
exactly.
A
So,
like
I'm
thinking
like
the
scenario
I'm
thinking
more
in
like
the
L2
world
too,
right
where,
like
I'm
on
arbitrome
you're
on
optimism
and
I,
have
to
figure
out
how
to
get.
You
know
one
hamburger's
worth
of
money
from
one
person
to
another
person
in
this
multi-chain
world.
How
can
we
do
that
with
a
QR
code?
That's
kind
of
the
scenario.
B
E
Yeah
I
think
I
think
I
interpreted
your
request
slightly
different,
not
even
just
the
seven
different
ways,
but
you
even
said
hey
somebody
owes
me
ten
dollars
and
that
ten
dollars
can
be
XE
xmatic
or
X.
Hello.
Kitty
token
is
that
I
thought
that
that
was
my
interpretation,
that
you
kind
of
did
the
forensic,
the
currency
conversion
and
priced
it
to
them
in
multiple
different
tokens
that
they
could
pay
you
with
yeah.
A
A
D
A
D
D
A
E
A
A
B
E
B
Expect
any
one
of
these
these
four
payment,
whatever
you
want,
but
it's
got
to
be
one
of
those
today
and.
B
Right,
would
you
want
Sam?
Would
you
also
want
to
support
Bitcoin
and
see
cash
Monero
Dash.
A
E
A
E
That's
what
681
is
it
talks
about
it?
The
very
first
little
bit
talks
about
because
you
do
include
the
chain
it
includes
ethereum
at
the
beginning,
but
you're
right,
it
could
say
Bitcoin
at
the
beginning,
I
believe
681
does
foreign.
A
E
That's
actually
how
I
learned
about
the
the
format,
because
I
was
going
to
create
my
own
format,
which
would
have
been
proprietary,
but
then
I
looked
at
what
metamask
generated,
because
almost
all
wallets
have
the
request
payment,
but
all
they
ever
do
is
just
show
their
public
address.
They
don't
do
a
enter
the
amount
you
want
to
receive
right,
often
or
what
token
you
want,
even
but
metamask
does
and
I
believe
it
did
anyways.
That's
how
I
discovered
it
was
doing
it
with
metamask.
E
E
Actually
I'm
going
to
do
a
in
a
couple
months,
I've
been
planning
to
do
a
a
pilot
at
a
local
bar
where
I'll
give
people
enough
credit
in
their
wallet
for
like
three
drinks
and
let
let
the
the
store
owner
run
the
merchant
wallet
on
their
app
and
accept
payment.
I
want.
E
E
Will
buy
for
everyone
who
pays
using
my
wallet
and
whatever
the
merchant
collects
in
their
wallet.
I
won't
even
give
them
the
wallet
in
case
if
they're
worried
about
losing
the
private
keys
or
something,
but
the
way
that
this
works
from
a
merchant
perspective.
It's
essentially
a
cold
wallet.
It's
just
the
right.
It's
just
a
it's
just
a
view
wallet
a
watch
wallet.
That's.
D
E
Which
this
is
the
ls8
or
seven
and
eight
you're
talking
about
part.
D
D
To
if
you
wanted
to
control
your
wallet,
yeah.
E
I
use
so
I
I.
This
is
this
is
a
project.
What
I
just
showed
you,
but
I
I
also
happen
to
issue
tokens
using
ERC
3643,
that's
kind
of
my
day,
job
so
I,
so
I'm
familiar
with
that
that
token
standard
right
and
we
can
do
permissions-
cover
your
ears
Sam,
but
we
can
block
an
address.
We
white
list
addresses
we
can
do
recovery
of
our
tokens.
Yeah.
D
D
F
G
F
G
Right
all
right,
cool,
so
yeah
all
right,
so
the
team
that
we
formed
is
called
the
dark
floor.
We
are
working
on
a
product
called
the
Interceptor.
G
The
Interceptor
is
a
browser
based
extension
that
that
that
offers
a
whole
lot
of
functionality,
but
works
in
conjunction
with
metamask.
So
we
have
here
kind
of
you
know.
The
normal
flow
is
that
you
know
your
your
dap
will
talk
to
metamask
and
you'll,
get
like
a
bunch
of
garbage
and
have
have
no
idea
what
it's
about
to
do.
G
The
Interceptor
actually
replaces
the
window
dot
ethereum
object
in
order
to
take
control
of
the
of
how
the
DAP
talks
to
ethereum,
and
only
in
certain
cases
does
it
bother
asking
metamask
for
anything,
and
it
does
so
via
signing.
So
it's
really
only
going
to
forward
a
signing
requests,
so
the
the
Interceptor
never
holds
on
to
a
private
key.
It
just
provides
read
helpfulness
to
you
know.
Prior
to
that.
G
So
we
have
a
download
right
here,
unfortunately,
because
the
whole
Chrome
stuff
that
I'm
sure
many
of
you
are
all
aware
of.
We
don't
have
a
working
Chrome
version,
yet
it
will
work
in
Chrome.
It
just
won't
get
approved
in
signs,
because
it's
a
V2.
G
Yeah
so
I
think
we'll
probably
include
some
instructions
here
for
now,
just
if
you're
kind
of
interested
as
a
developer
to
try
to
load
up,
probably
not
difficult,
but
you
just
have
to
go
through.
You
know
a
you
know
a
debugging
page
that
looks
pretty
scary,
but
for
Firefox
you
know
you
can
just
click
on
this
I
already
have
installed
so
I'll
cancel.
But
if
you
click
on
this
it'll
it'll
load
it
right
into
your
right
into
your
your
Firefox.
This
is
Firefox
right
here,
see
here.
G
Okay,
so
I
already
have
this
thing
loaded
up
here
and
so
actually
I
wasn't
prepared
for
this
God.
G
So
because
we
have
replaced
the
window.etherium
object,
we
can
do
all
sorts
of
things.
Probably
the
first
and
most
obvious
thing
that
we
can
do
is
lie
about
who
we
are
right.
We
can
say,
whoever
you
know,
we
can
say
we're
metallic,
even
though
we
don't
have
his
his
private
key,
which
kind
of
allows
us
to
test
what
daps
look
like
from
various.
You
know,
perspective
of
of
other
application
of
other
users
and
change
balances
and
pretend
that
we
have
more
money.
G
So,
for
example,
we
have
a
button
here
called
make
me
Rich,
which
is
really
just
a
template,
that
kind
of
begins
to
Fork
main
net
right
in
your
browser.
It
doesn't
actually
Fork
it.
It
has
another
technical
means
that
it
does
this.
But
if
you,
if
you
do
this
see,
we
add
a
simulation
outcome
here,
which
is
adding
200
000
ether
accounts,
and
now
you
can
see,
we've
gone
from
having
six
thousand
each
to
206,
000,
eth,
and
because
we've
created
this
this,
the
simulation
stack.
G
This
isn't
just
a
single
transaction
that
we
run.
We
can
actually
add
lots
of
things
to
it.
For
instance,
we
can
use,
let's
say
so.
He
had
six
thousand
each
before
so
we
can
actually
spend
seven
thousand
each
and
buy
a
and
buy
some
token.
So
let's
say
I,
don't
know
what
some
token,
how
about
that's?
A
good
one,
ens.
G
So
it
is
again
currently
only
talking
to
to
the
the
Interceptor,
so
you
know
we're
going
to
experience
some
pretty
serious
slippage
here.
Let's
go
ahead
and
do
it
anyway,
because
it's
fake
money-
yes
I,
totally-
want
to
spend
all
this
fake
money.
So.
G
In
in
doing
so
again,
we
have
not
talked
to
metamask,
yet
this
is
the
Interceptor
and
it
has
taken
the
transaction
that
was
about
to
be
executed
and
it
has
simulated
it
and
it
described
it.
So
it's
not
looking
at
the
call
data
to
do
this.
It's
actually
conducted
a
test
version
of
this
call.
After
the
make
me
Rich
the
saying
like
hey,
if
you
do
this,
you
are
going
to
lose
7000,
eighth
and
you're
going
to
gain
86,
000
ens
tokens.
G
You
know
kind
of
see
these
these
these
outcomes
here,
there's
there's
lots
of
other
contracts
that
are
changing
their
balances,
but
the
only
one
we
really
care
about
that's
highlighted
here.
Is
you
the
user
lose
this
gain
this
and
we
say
simulate.
G
You
know
we
can.
We
can
add
this
to
the
simulation
stack
and
we
will
see
these
these
balances
updates.
It's
a
little
slow
because
unit
swap
only
refreshes
on
on
new
blocks,
but
yeah
you
can
see
now
we
actually
have
less
than
200
000
either
right,
so
we
spent
if
we
didn't
have,
we
gained
a
whole
bunch
of
of
EMS
tokens,
and
you
know,
because
we're
creating
a
simulation
stack
we'd
even
go
back
the
other
way
right.
We
can
take
all
these
DNS
that
we
just
acquired.
G
You
know
and
experience.
You
know
a
pretty
significant
loss
right.
We
we
need
to
approve
in
order
to
to
operate
with
with
unit
swap
right,
so
it
won't
even
show
us
the
swap
button
until
we
approve
right,
but
we
can
just
fakely
approve
by
adding
it
to
our
our
Fork.
Like
simulation
stack
and
again,
it
tells
us
what's
happening,
it's
like
hey.
You
are
allowing
uniswap
to
spend
all
of
your
ens
at
it.
G
E
B
G
G
So
this
is
just
a
kind
of
a
low
level
transaction
creating
service
that
just
allows
you
to
basically
run.
You
know,
really
really
simple
queries.
G
One
of
the
things
that
we
noticed
was
that
there
was
a
lot
of
scams
like
I,
come
from
kind
of
like
the
scam
industry
of
like
trying
to
protect
users
and
help
users
recover
funds,
and
so
there's
lots
of
terrible
things.
That
can
happen.
Probably
one
of
the
worst
things
that
happens
with
erc20s
is
that
people
accidentally
send
them
to
themselves.
G
People
will
say:
I
want
to
send
100,
you
know
die
to
my
friend,
but
they
accidentally
had
the
die
contract
address
in
their
clipboard,
which,
when
they
when
they
did
it,
and
so
here
we're
going
to
try
to
send
one
die
to
die
itself
and
metamask
will
let
you
just
happily
do
this
and
you'll
just
burn
all
your
money,
even
though
it's
really
really
easy
to
detect
so
yeah,
you
can
see
our
simulation
stack
is
still
there,
but
here
we
see
we're
going
to
send
one
die
to
die
and
it's
like
hey,
you're,
probably
not
doing
the
right
thing
and
actually
won't
even
let
you
proceed
until
you
deal
with
some
blocking
UI
elements
that
make
you
understand
like
what
it
is
you're
about
to
do,
and
normally
this
is
going
to
be
enough
to
kind
of
break
somebody
out
of
their.
G
You
know
their
trance
of
like
wait,
I'm
about
to
do
the
wrong
thing
and
hopefully
save
people
money.
We've
got
a
whole
bunch
of
these
in
there
from
really
high
gas
price
to
approving
EOS,
which
is
another
common
scam
method.
So
we're
hoping
that
we
can
prevent
a
lot
of
users
from
getting
scammed
both
through
allowing
them
to
simulate
things
before
they
do
that,
and
by
actually
providing
built-in
protections
for
various
known
problems
that
people
experience
with
ux
and
crypto.
G
Have
to
yeah
yeah,
that's
awesome!
Well,
yeah,
and
it's
funny,
though
this
is
operating
on
ethereum
without
having
the
private
key
is
very
similar
to
the
stuff
that
you
were
showing
on
on
Europe
right.
That's
how
to
become
a
thing!
It's
like!
You
know,
you
don't
need
to
have
the
private
key
to
kind
of
do
and
who
do
useful
things
and
interact
with
you
know
with
ethereum
and
learn
things
and
have
you
know,
conduct
transactions.
G
So
the
simulation
is
something
that
we're
we're
working
on
standardizing,
but
in
the
meantime,
we
have
written
our
own
API
that
allows
us
to
simulate
like
a
stack
of
transactions.
So
just
like
there's
an
eth
call,
we
basically
wrote
our
own
version
of
each
call
that
takes
an
array
and
every
time
we
get
a
let's
say
we
like
the
unit
swap
says
hey.
Can
you
get
me
the
balance
of
of
ens
right?
How
much?
How
much
ens
does
this
person
have
instead
of
turning
around
and
doing
an
eth
call?
G
We
do
this
multi-call,
where
we
stuff
all
of
these
transactions
into
this
array
and
then
append
to
this
one
to
the
end
of
the
array
and
conduct
the
transaction,
so
we're
doing
a
lot
of
simulation
in
order
to
return
this.
This
value
here
of
you,
know
0.001852
right,
we're
running
every
single
transaction
before
using
a
customized,
RPC
method.
There
are
standards
that
are
being
pushed
forward.
That
I
think
would
be
really
really
great
to
get
through,
but
they're,
not
in
Mainline
guest.
G
Yet,
although
their
rpr's
open
and
we're
trying
to
get
the
resources-
and
you
know
political
alignments
in
order
to
actually
get
those
merged
because
it's
going
to
help
a
lot
of
people.
G
G
Yeah
the
there
are
ways
that
we
can
save
users
from
scams
using
this
as
well
a
lot
of
times.
People
like
if
they're
going
to
buy
a
token
that
that
they
can't
sell
they
could
literally
go
through
the
process
of
buying
it
and
selling
it
before
they
ever
actually
buy.
It
I
think
there's
a
lot
of
you
know,
I.
Think
people
can
explore
ethereum
a
lot
more.
If
they
can,
you
know,
run
transactions
that
they
can't
afford
or
that
they
don't
want
to
to
do.
G
You
know
with
their
own
money
yet
until
they've
seen
how
it
works.
I
think
it's
gonna
be
really.
It's
gonna
I
think
open
up
a
lot
of
people
to
see
what
what
ethereum
is
capable
of.
Even
if
you
know
you
can't
yourself
create
a
you
know:
10
million
dollar.
You
know
liquidity
position,
it'd
be
kind
of
cool
to
see
it
like
in
simulation
modes,
foreign.
G
The
way
that
website
access
is
tracked,
I
think,
is
a
lot
more
meaningful.
It
has
a
better
breakout
of
like
addresses
that
are
that
are
kind
of
correlated
because
you
use
them
on
the
same
website.
We
also
have
you
know,
address
books
that
we're
hoping
to
try
to
push
forward
more
on
that.
You
know
so
again.
Users
make
that
mistake
where
they
send
money.
You
know
die
to
the
die
contract,
because
the
ux
around
address
books
hasn't
really
been
great,
especially
in
metamask,
and
so
you
know
hoping
we
can.
G
E
Love
to
share
some
What
I've
Done
with
you
and
get
ideas
and
collaborate
on
that.
G
Well
so
yeah,
if
you're,
if
you're
running,
Firefox
I
recommend
you
know,
checking
it
out
and
and
we'll
we'll
post
some
instructions
about
how
to
do
it
in
Chrome
as
well.
It
probably
only
takes
about
just
a
couple
minutes
to
do,
but
it's
not
something
I
would
want
an
end
user
to
do,
but
just
if
you're
interested
from
a
development
standpoint,
so
you
know
checking
out
what
what
we
do
and
how
we
get
it
done.
Yeah
I
think
again,
the
website
was
dark,
dark
dot,
florist.
C
B
G
G
Yeah
yeah
yeah
totally
so
I,
don't
think
I
have
any
money
loaded
in
this
stuff,
but
yeah.
So
you
could.
You
could
absolutely
do
the
same
things
with
your
Live
accounts.
So
you
know
if
this
guy
had
any
money.
Sorry
I
wasn't
prepared
to
to
demo
this
right
now,
but.
G
G
This,
for
you
know,
for
some
EMS
I
mean
you
hit,
swap
you're
gonna,
see
the
same
exact
tools
that
pop
up
that
allow
you
to
to
simulate
that
allow
you
to,
you
know,
see
the
transactions
before
they
occur
and
you
can
even
take
your
own
address
and
start
creating
a
simulation
stack
based
on
it
and
and
those
are
where
the
those
bundles
become
a
lot
more
interesting,
because
you
can
see
all
the
things
that
are
happening
before
you
try
to
land
them
all
in
chain.
G
At
the
exact
same
time,
one
of
the
big
pushes
we're
also
making
is
trying
to
get
users
that
are
able
to
like
white
hat
recover
their
own
accounts,
but
then
they've
been
scammed.
There's
like
a
whole
series.
We
basically
need
to
use
bundles
for
that,
and
we
have
some
work
that
we're
doing
to
basically
convert
the
that
simulation
stack.
I
showed,
before
into
a
bundle
itself
that
allows
I
mean,
hopefully
allows
users
to
recover
funds
that
are
kind
of
Locked
Up
by
scammers
that
part's
not
finished
yet,
but
I
think
it's
pretty
close.
A
A
G
You
know
this
will
be
a
bit
of
a
cat
and
mouse
game.
So
basically
somebody
could
create
a
token
that
says:
okay,
you
can
buy
this
and
sell
this
if
you're
in
Interceptor
simulation
mode,
but
you
can't
sell
it
on
real
mainnet
right
because
they
they
might
recognize
like.
Oh
they
always
choose.
You
know
this
minor
as
the
or
you
know
this
validator
is
the
one
that's
running
in
the
evm
when
they
simulate
it
is
something
we're
gonna
have
to
to
fight
against.
We
might
be
able
to
get
to
perfect
simulation.
G
B
Simulation
detection
on
the
validator
are
tough
yeah,
because
we
currently,
we
can
find
out
what
the
next
validator
is
and
we
could
simulate
the
next
elevator.
So
it
looks
very
legit
in
that
sense,
but
validator
privacy
is
something
that's
on
the
roadmap,
where
you
will
not
be
able
to
predict
the
next
validator
which
point
we
now
need
to
pick
a
validator
and
I
mean
I.
Guess
we
could
choose
a
random
validator
from
a
list
or
something,
and
that
would
help
protect
us.
B
F
G
G
But
right
now
it's
basically
a
right.
Now,
it's
like
a
cat
and
nobody
game
right.
It's
like
they
can
just
create
create
these
tokens
that
will
totally
scam
the
users
and
it's
trivial
for
us
to
detect
that
they're
going
to
get
scammed,
but
you
know
what
we
just
don't
have
the
ux
to
show
them.
So
good
luck
with,
like
you
know,
holding
on
to
your
money,
it's
like
at
least
we're
participating
in
the
game.
At
this
point.
C
One
good
example
for
that:
one:
when
Scott
was
making
those
transactions
with
a
huge
amount
of
sleep,
it's
and
then
executing
them
the
simulation
and
the
simulation
we
are
showing
that
you
actually
get
that
amount
of
tokens.
But
actually
what
would
happen
is
that
someone
would
front
run
and
would
sandwich
sandwich
like
that
and
at
the
moment
we
are
not
showing
anything
that
that
you're
making
this
kind
of
transaction,
the
huge
slippage
which
you
probably
shouldn't,
be
making
and
we
are
planning
adding
that
kind
of
custom
U.S.
C
G
So
right
here
in
the
transaction
outcome
for
the
swap,
we
see
like
hey,
you're
gonna,
lose
10,
000,
eighth
and
you're
going
to
gain
this.
But
we
only
think
that
that
amount
of
tokens
is
worth
1000,
eighth
right
and
so
there
there
could
be
again
some
sort
of
like
a
blocking
UI
element
here
that
says:
hey,
you
know
what
you
are
receiving
and
what
you
are
losing
is
is
wildly
different
and
you
should
understand
that.
G
G
Yeah
yeah
and
they're
very
simple
right
so
yeah.
If
anybody
wants
to
contribute
some
days
if
they
have
good
ideas
like
they're,
very
easy
yeah,
so
here's
another
one
like
if
you
are
giving
an
approval
to
a
contract
that
is
not
etherscan,
verified
right,
you're,
probably
doing
something
bad
like
well,
yeah,
we'll!
Let
you
proceed,
but
you
probably
should
be
a
I
need
to
click,
a
button
that
says
I
know
I'm
about
to
get
scammed
here
and
then
they
can
get
scammed.
G
H
Oh
yeah,
all
of
a
sudden
thanks
just
I
I
I,
mentioned
to
Sam
for
kind
of
sharing,
some
of
my
if
works,
and
so
I
just
want
to
go
up
quickly,
show
of
showcase
here
and
one
of
the
things
that
I
think
might
be
interesting
for
the
wallet.
Oh
sorry,
I
was
confused,
is
the
streaming
ending.
H
Oh
okay,
yeah
didn't
mean
to
drop
people
off.
So
if,
if
anyone
is
interested,
I
have
been
advocating
for
this,
the
ipu
5453
endorsements,
which
you
can
also
see
a
reference
implementation.
The
idea
is
that
there
is
eip2612
permit
for
yassi
20
and
there's
a
bunch
of
others
that
take
ecdsa
signatures
in
a
call,
and
so
that
you
can
give
people
on
one
ton
one-time
permits.
This
takes
a
different
approach.
H
H
So
if
you
implement,
if
you,
if
you
implement
the
EIP
5750
the
using
an
extended
price
data,
then
any
function
of
eips
can
actually
adopt
this
Behavior
by
saying
if
they
follow
this
particular
structure
and
ascending
into
the
signature
and
in
fact
they
can
actually
have
multiple
signatures,
then
a
one-time
permit
can
be
done
for
that
trans
transfer
and
then
in
a
show
and
tell
let
me
show
you
what
it
looked
like
in
in
a
reference
implementation
and
you
can
give
it
a
try
and
also
feedbacks,
are
very
appreciated.
H
H
So
let's
say
you
have
an
ERC
2721
and
then
you
want
to
allow
people
to
Mint
and
only
the
AI,
the
the
only
when
there
are
authorized
or
endorsed
by
Whoever
has
the
endorsing
endorsing
power,
for
example,
people
here
and
owner
what
they
can
do
is
they
can
just
add
this
modifier,
which
I
have
the
code
to
say:
hey,
compute,
this
hash
and
then
and
then
behind
the
scene.
Once
it's
verified
that
it's
on
it's
endorsed
with
this
endorsement
signatures,
it
can
proceed
to
do
mint.
H
This
approach
allows
you
to
basically
add
any
add
this
accountability
to
any
functions
that
happen
to
have
an
extra
data
which
is
eip5757
is
about
so
go
check
it
out,
I'm,
also
promoting
the
CIP
ERC
ref
contracts,
efforts
that
I'm
talking
about
or
anyone
who
are
interested
in
contributing
to
erc's
or
authors
of
ERC,
to
share
your
reference
implementation,
because
the
lovely
open
sapling
I
really
like
them,
doesn't
take
the
Leading
Edge
eips,
so
I
have
to
share
them
in
this
particular
banner.
H
And
then,
if
you
want
to
give
it
a
try,
you
can
do.
You
can
just
npm
sync
install
this
and
then
start
using
it
in
your
own
contract.
H
For
example,
you
can
just
implement
it.
You
can
just
import
this
AR
aerc,
5453
and
begin
using
it
now
in
the
context
of
wallets
worry
about
what
it
provides
is
also
the
ability
to
do
multi
signatures
without
signature,
aggregation,
I
think
that's
about
to
it.
I
don't
want
to
drag
people
too
long,
but
I'm
happy
to
stay
and
and
answer
questions
or
feedbacks
are
welcomed.
Yeah
and
a
few
times
appreciate
it.
D
H
Yeah
I
think
cheering
you.
The
reference
implementation
speaks
louder
than
just
showing
you,
the
eips,
but
I
posted
both
and
by
the
way,
there's
something
that
I
need
to
work
on
the
the
IP
reference
implementation
to
make
it
I
need
to
make
a
decision
about
how
it
actually
aligned
with
the
ipo1275127
eip715012
in
terms
of
whether
it
is
could
still
use
the
structure
or
promote
a
new
hash
which
is
function
like
I.
Think
seven,
one
two
doesn't
particularly
address
the
the
sense
of
hey.
H
This
is
a
function,
call
and
so
I
either
need
to
invent
a
struct
or
say
this
is
the
new
hash
format
that
will
be
able
to
adopt
to
so
that's
a
pending
issue
so
for
the
people
who
are
experts
of
that?
Don't
blame
me
for
not
yet
solving
that
problem.
I
just
call
it
out.
Yeah
confess
foreign.
H
Oh
Sam
can
I
also
mention
that
there's
an
ethereum
magician
meetup
on
the
on
the
east,
on
on
the
that
is
Stanford,
which
is
moved
a
day
back
after
the
after
the
wallet
con.
So
if
you
happen
to
be
on
the
wallycon,
you
can
join
the
ethereum
magician
Meetup
after
the
on
the
March,
2nd
yeah.
A
Awesome,
that's
I
think
everything
we
had
today
thanks
everybody
for
coming
out
and
we'll
see
you
all
in
in
about
a
month.