I am creating a game on the blockchain platform and I am doing the front part using reactjs and for this purpose I am using libraries related to SOLANA and Phantom Wallet. The problem I am facing is that Phantom Wallet asks for confirmation from the user for every transaction that is made. For example, in the game, for each action that the user performs, a message confirming the transaction is displayed. How can this be done without receiving confirmation from the user?
For example, the code that runs to create a game is as follows:
program.methods
.setupGame()
.accounts({
game: gamePDA,
authority: wallet.publicKey,
playerOneAccount: CURRENT_USER_PDA,
})
.rpc();
Related
I am building a full stack application which will include react js as front end and node js as backend and ethereum as blockchain platform. I have deployed my smart contract on a test network and now I want to integrate it with frontend ReactJS but I don't want to use metamask. I want that user just clicks on a button and the transactions gets signed inside the code and no wallet gets prompted on screen. But from internet resources , I have seen that Private keys are exposed in code so is there any way where I can hide my private keys and still sign transactions without metamask ?
I want that user just clicks on a button and the transactions gets signed inside the code and no wallet gets prompted on screen.
That is not how blockchain works. The user is in control of the key, not you. The wallet protects the private key because poor quality application developers cannot properly do this job.
I suggest you either
Rethink your application so that you pay the gas fees and sign the transactions on behalf of your user
Accept the fact you should not play around with the users' private keys
... or stop using blockchain for your application
Please also see xyproblem.info for information how to ask more relevant questions.
Say, I have an interactive dapp, like a game and I want the user's actions to be saved on the blockchain (maybe these are moves in the game of chess, whatever).
So, from my understanding, options are:
Create dynamic wallet via web3, prefill it from the metamask and send as many transactions as I want.
Somehow negotiate with the user to trust the dapp and let metamask send transactions on user's behalf without pesky prompting.
What is the right option (if any)? Turns out, metamask has a whole permission escalation framework, yet I wasnt able to ask the right permission.
You can access user funds in several ways:
ask users to deposit in a smart contract and keep track of balances there
ask users to allow your smart contract to spend their tokens via ERC20 allowance
How often will user actions be saved on the blockchain?
Even if your dapp has access to all user funds via a shared wallet or ERC20 allow() + transferFrom() you'll still need somebody to trigger a transaction and pay gas fees whenever you're updating chain state.
I want to build a multistep registration Auth flow where these are the required steps and flow:
In the first step User verifies mobile number with otp.
In the second step User uploads image of some ID proof.
In the third step User fills some extra details such as name, email, address, etc.
Finally user submits the form.
Upon receiving the form details an Admin(having direct access to firebase console and firestore) manually checks the details , if they seem real he/she sends a newly generated Id(can be email or phone no.) and Password (created by admin) to the User through email or sms with which he/she can finally login.
I know it is complicated and might not be possible with firebase but I still want some insight and answer to my problem. Thank you.
The scenario is that users of web application can purchase digital items. The web application will use Paypal Instant Payment Notification.
The IPN protocol consists of three steps:
PayPal sends your IPN listener a message that notifies you of the event
Your listener sends the complete unaltered message back to PayPal; the message must contain the same fields in the same order and be encoded in the same way as the original message
PayPal sends a single word back, which is either VERIFIED if the message originated with PayPal or INVALID if there is any discrepancy with what was originally sent.
Let's say it's VERIFIED, how could I know who have completed the transaction or purchased the item (user of the web application) if the user used other email address in his/her paypal? I have stored the email address of the user in session but what if he/she have different paypal email? Paypal email is included in IPN message.
For other details, maybe not useful, the application is written in Struts2 in Google-App-Engine.
You'll need a way to correlate the IPN data coming back with the user. Either by asking them to provide their paypal email or using the username/password generation facility in the IPN service. Here is a somewhat inelegant but functional approach:
When the IPN comes in off the wire, persist the paypal generated username/password and payer_id (in perhaps the datastore).
If you can't correlate by email, then when the user comes back to your site request that they enter the username/password generated from paypal's site once (just to correlate).
Lookup the username/password and then correlate their userid from the UserService back to the payerid.
The reason to use IPN is for subscription services as you can get IPN messages when the subscription is terminated, cancelled, or when payments come in (for an account that stopped paying).
The most important thing to think about is how to correlate a user of your site back to the payer_id (or even payer_ids in some cases) that are used to pay for the services they are using.
On another note, I wouldn't use the session to store information for IPN callbacks, those actually can take a LONG time sometimes (say when the x.com conference is on and everyone is hammering paypal).
If you have a running application or a better description of the look & feel, I might be able to come up with a more elegant suggestion. Let me know if this helps at all.
Why don't you use PayPal's express checkout? This way you negotiate server2server a token and then you can check with PayPal the result of that token on user's return.
If users are buying directly from your application it's easier to implement.
And I think it'is more robust than the method you're using (I never heard of it before :D )
I have an mvc application where you have to be registered to log in. So you have your profile page and etc... As a part of the application I have a chat for all users (silverlight page). You enter the chat from your profile page. You have a list of online users there (who logged in on the site and not necessary entered the chat page) but exchange messages you can just with users who did enter the chat page. Otherwise they won't see them. Here is my problem.
So, I want to realize next functionality: if user who didn't enter the chat page was chosen by another to start conversation in chat (silverlight), he should get a pop up message on HIS profile page (mvc) with invitation to the chat. I understand how to send data from silverlight to mvc through WebClient and json format. I don't understand how to reach particular user's profile page. I can think just about some database table with this kind of invitations and some timer on the profile page to check on them.
Please express your ideas, thoughts or opinions in this matter. I would appreciate any help. Thanks in advance.
Maybe you should check out SignalR.
Like you mentioned you need some way to signal another client about the message by checking periodically. SignalR does this for you and in modern browsers uses Websockets to make it even better.
It is very easy to setup and you can build a chat application in a few lines of code. Without the need to save messages in a database (when you don't want to).
Check out this blog post for a sample chat application:
http://www.hanselman.com/blog/AsynchronousScalableWebApplicationsWithRealtimePersistentLongrunningConnectionsWithSignalR.aspx