Front-end protection
complete
Emanuele
In order to avoid hacks (not critical anyway) it is necessary to strengthen our communication layer between front-end and back end.
Today we use crc32 to check (backend side) whether the message is sent by the correct account or not.
We need to strengthen this by using “wallet signature” after every login. The signature will be kept during the session and will be used to enforce requests to the backend.
Emanuele marked this post as complete
From now on the couple wallet/signature is saved into your browser's localStorage and kept there until the session has expired (2 hours). After that time, and if you have closed your browser, a new signature request will be prompted to you after connecting your wallet (see the screenshot below). Why is this relevant for you? For example, it protects the front-end data of your profile, like the username, from hacking attempts. This will make Quantix more secure.
Emanuele marked this post as in progress
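
The backend check described in this thread, sketched as an added example (not Quantix's code): a request is accepted only if the stored signature verifies for the claimed wallet and is no more than 2 hours old. The login message format, the public-key lookup table and the use of Ed25519 in place of the wallet's own signature scheme are assumptions.

```javascript
// Added example, not Quantix code. Ed25519 stands in for the wallet's real signature scheme.
const nodeCrypto = require('node:crypto');

const SESSION_TTL_MS = 2 * 60 * 60 * 1000; // 2-hour session lifetime stated in the post

// Hypothetical login message: binds the signature to one wallet and one issue time.
const loginMessage = (wallet, issuedAt) => Buffer.from(`login|${wallet}|${issuedAt}`);

// Wallet side: sign once after connecting; the returned object is what the browser keeps.
function signLogin(privateKey, wallet, issuedAt) {
  const signature = nodeCrypto.sign(null, loginMessage(wallet, issuedAt), privateKey);
  return { wallet, issuedAt, signature: signature.toString('base64') };
}

// Backend side: accept only a fresh, valid signature for the wallet the request claims.
// Assumption: publicKeys maps each known wallet to its public key.
function verifySession(session, publicKeys, now) {
  const publicKey = publicKeys.get(session.wallet);
  if (!publicKey) return 'unknown-wallet';
  if (!Number.isInteger(session.issuedAt) || session.issuedAt > now) return 'bad-timestamp';
  if (now - session.issuedAt > SESSION_TTL_MS) return 'expired';
  try {
    const sig = Buffer.from(String(session.signature), 'base64');
    const msg = loginMessage(session.wallet, session.issuedAt);
    return nodeCrypto.verify(null, msg, publicKey, sig) ? 'ok' : 'bad-signature';
  } catch {
    return 'bad-signature'; // malformed signature encodings are treated as invalid
  }
}

// Constructed sample data: two throwaway key pairs standing in for two wallets.
const alice = nodeCrypto.generateKeyPairSync('ed25519');
const mallory = nodeCrypto.generateKeyPairSync('ed25519');
const publicKeys = new Map([
  ['wallet-alice', alice.publicKey],
  ['wallet-mallory', mallory.publicKey],
]);
const issuedAt = 1_700_000_000_000; // constructed timestamp in milliseconds
const session = signLogin(alice.privateKey, 'wallet-alice', issuedAt);

console.log(verifySession(session, publicKeys, issuedAt + 60_000));
console.log(verifySession(session, publicKeys, issuedAt + SESSION_TTL_MS + 1));
console.log(verifySession({ ...session, wallet: 'wallet-mallory' }, publicKeys, issuedAt + 60_000));
```

Because the wallet name and issue time are part of the signed message, editing either field in localStorage invalidates the signature instead of extending or re-targeting the session.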