You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Remove the ability to sign all messages with amino unless its used with multisigs. As discussed in the architecture call we would like to limit the scope of possible security issues with signing, for this to happen we need to scope what a signmode should/can be used for.
Since amino is used in multisigs primarily we need to to support it for the time being but we will have a plan to migrate out of it.
Problem Definition
Amino signing expands the surface area of possible signing bugs, with 4 sign modes we should limit the scope of issues and work on a single way to sign things.
Work Breakdown
support for sign mode textual in js and (maybe) rs
default wallets to sign mode textual
limit amino to multisigs
provide alternative way of signing off chain multisigs
remove amino
win
The text was updated successfully, but these errors were encountered:
Summary
Remove the ability to sign all messages with amino unless its used with multisigs. As discussed in the architecture call we would like to limit the scope of possible security issues with signing, for this to happen we need to scope what a signmode should/can be used for.
Since amino is used in multisigs primarily we need to to support it for the time being but we will have a plan to migrate out of it.
Problem Definition
Amino signing expands the surface area of possible signing bugs, with 4 sign modes we should limit the scope of issues and work on a single way to sign things.
Work Breakdown
The text was updated successfully, but these errors were encountered: