In its announcement post, O3 discussed the pros and cons of the v1 implementation, which was used by Switcheo and NEO Name Service to offer users access to their respective platforms from directly within the O3 wallet.
O3 Labs noted the simplicity of the system for NEO developers, which allows signatures to be directly requested from O3 users, but also outlined some of the key issues with the approach:
To simplify the user experience, O3 has replaced the dialog screens with an alternative based on the OGP standard. The new dialog box displays all the necessary information in a more easily understood manner.
O3 Labs currently uses a manual vetting process to decide which dApps can use the dAPI to request payments, but this whitelisting process is not ideal for a growing ecosystem where a malicious dApp could potentially send a seemingly harmless signature request that drains a user’s wallet of funds.
The v2 protocol provides the wallet with two responsibilities; generate the transaction and signature, and then broadcast the transaction to the network. Instead of the dApp itself being responsible for creating the transaction, creating a security risk, they will interface with the wallet via the dAPI and request it to perform a send function.
O3 notes that the previous dAPI was created to be used primarily by O3’s own applications, but the team has elected to make the protocol open so that any wallet or dApp can conform to it as a new standard. By creating a standard interface, the team hopes to attract more users and developers into the ecosystem.
The standard is still under discussion and not been finalized. It can be viewed on Github here, where all current progress can be seen.
One notable feature of the updated dAPI is the ability to easily change between wallet addresses when connecting to websites or dApps. O3 explains:
“Just like you have different credentials for different websites, you might want to provide different identity information to various websites. For instance, it might not make sense to give an untrusted site access to your address which contains 1000’s of dollars of cryptocurrency. If you had a second address, then you could provide it with a much more limited set of information, only as much as it NEEDED to know to get the job done.”
Due to the similar infrastructure and overlap between NEO and ONT users, O3 has created an Ontology version of the dAPI. This is hoped to create a standardized experience for interactions with both chains.
Documentation for the NEO dAPI can be found here, and the protocol source can be found on Github here. The documentation for the ONT dAPI is located here.
Article comments