From 542c56d070870dcf25289dc4fc223ca53861f069 Mon Sep 17 00:00:00 2001 From: karczu Date: Mon, 25 Mar 2024 14:48:20 +0100 Subject: [PATCH 1/5] rfc-1104/confirmingTx draft --- src/RFC-1104_ConfirmingTx | 82 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+) create mode 100644 src/RFC-1104_ConfirmingTx diff --git a/src/RFC-1104_ConfirmingTx b/src/RFC-1104_ConfirmingTx new file mode 100644 index 0000000..2c4e3d5 --- /dev/null +++ b/src/RFC-1104_ConfirmingTx @@ -0,0 +1,82 @@ +# RFC-1104/ConfirmingTx + +## Rules of confirming transactions. + +![status: draft](theme/images/status-draft.svg) + +**Maintainer(s)**: [karczuRF](https://github.com/karczuRF) + +# Licence + +[ The 3-Clause BSD Licence](https://opensource.org/licenses/BSD-3-Clause). + +Copyright 2024 The Tari Development Community + +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the +following conditions are met: + +1. Redistributions of this document must retain the above copyright notice, this list of conditions and the following + disclaimer. +2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials provided with the distribution. +3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + +THIS DOCUMENT IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS", AND ANY EXPRESS OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +## Language + +The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", +"NOT RECOMMENDED", "MAY" and "OPTIONAL" in this document are to be interpreted as described in +[BCP 14](https://tools.ietf.org/html/bcp14) (covering RFC2119 and RFC8174) when, and only when, they appear in all capitals, as +shown here. + +## Disclaimer + +This document and its content are intended for information purposes only and may be subject to change or update +without notice. + +This document may include preliminary concepts that may or may not be in the process of being developed by the Tari +community. The release of this document is intended solely for review and discussion by the community regarding the +technological merits of the potential system outlined herein. + +## Goals + +The aim of this Request for Comment (RFC) is to describe the rules of confirming transactions by user. + +## Related Requests for Comment + +- [RFC-1100 Tari Universe Overview](https://github.com/tari-project/rfcs/pull/134) +- [RFC-1101 Tapplet](https://github.com/tari-project/rfcs/pull/137) + +## Description + +For the moment the vast majority of dapps uses external wallets, like MetaMask, to allow users to interact with the dapp, confirm and sign transactions. The flow roughly looks like this: +Init transaction with the data to be signed (e.g. by pressing a button) +Metamask sign-in request window appears +User press “sign” button to proceed a transaction +If a transaction is done (succeeded or failed) another notification appears to inform an user about the tx result. + +Below a few scenarios showing how to confirm the transaction process within a tapplet should look like are presented. + +1. “Metamask-like” flow +2. No modal window for signing transactions at all +3. “Mixed model” which is: + +- no-prompt if the transaction value is < x USD +- modal window if the tx value > x USD (x should be determined if any) + +4. Build-in signing window which is part of tapplet design +5. Simulate the transaction and summarize the difference of user holdings in case the transaction is executed. + +# Change Log + +| Date | Change | Author | +| :---------- | :---------- | :----- | +| 25 Mar 2024 | First draft | karczu | From f7560ecb07b94f40c8265700c5ea0da249c21826 Mon Sep 17 00:00:00 2001 From: karczu Date: Tue, 26 Mar 2024 15:57:59 +0100 Subject: [PATCH 2/5] rfc-1104/confirmingTx draft scenarios --- src/RFC-1104_ConfirmingTx | 46 +++++++++++++++++++++++++++++---------- 1 file changed, 35 insertions(+), 11 deletions(-) diff --git a/src/RFC-1104_ConfirmingTx b/src/RFC-1104_ConfirmingTx index 2c4e3d5..b91a5d1 100644 --- a/src/RFC-1104_ConfirmingTx +++ b/src/RFC-1104_ConfirmingTx @@ -1,6 +1,6 @@ # RFC-1104/ConfirmingTx -## Rules of confirming transactions. +## Tari Universe: rules of confirming transactions ![status: draft](theme/images/status-draft.svg) @@ -58,22 +58,46 @@ The aim of this Request for Comment (RFC) is to describe the rules of confirming ## Description For the moment the vast majority of dapps uses external wallets, like MetaMask, to allow users to interact with the dapp, confirm and sign transactions. The flow roughly looks like this: -Init transaction with the data to be signed (e.g. by pressing a button) -Metamask sign-in request window appears -User press “sign” button to proceed a transaction -If a transaction is done (succeeded or failed) another notification appears to inform an user about the tx result. -Below a few scenarios showing how to confirm the transaction process within a tapplet should look like are presented. +- Init transaction with the data to be signed (e.g. by pressing a button) +- Metamask sign-in request window appears +- User press “sign” button to proceed a transaction +- If a transaction is done (succeeded or failed) another notification appears to inform an user about the tx result. + +At Tari Universe simplicity and security should go hand in hand, so below a few concepts of confirming transactions are presented to find the best one. 1. “Metamask-like” flow + + It is just a copy-paste solution widely used in web3. Tari Univers needs something more user-friendly and integrated with the application. + 2. No modal window for signing transactions at all -3. “Mixed model” which is: -- no-prompt if the transaction value is < x USD -- modal window if the tx value > x USD (x should be determined if any) + This concept is rejected due to lack of security. + +3. “Mixed model” + + This concept assumes that some tx can be done without explicit user confirmation. In this scenario _x_ (as USD value of transaction) should be defined: + + - no-prompt if the tx value is less than _x_ + - modal window if the tx value is greater than _x_ + + Rejected due to lack of clarity about what price level would be the limit and non-intuitiveness + +4. Build-in signing window which is part of Tari Univers/tapplet design + + Transaction with presented data can be confirmed by clicking a button on a tapplet window, which appears or on top of a tapplet or is placed aside. + +5. Desirable from the point of view of readability and UX. + + Simulate the transaction and summarize the difference of user holdings in case the transaction is executed. It can be done with transaction dry-run before submitting it to a validator node. For more details see [RFC-0350/TariVM](https://rfc.tari.com/RFC-0350_TariVM) + +#### Suggested solution + +As it was discussed, the security comes first, so definitely all transactions need to be confirmed before sending to the Tari Network. At the same time users shouldn’t be overwhelmed by the amount of information, especially not given just the “list of hashes” to sign, which are definitely not understandable for typical users. Therefore the idea is to show the transaction summary and quite a nice example of that is presented by [Radix Wallet](https://www.radixdlt.com/wallet). + +Transactions should be shown in a clear, simple and user-friendly way. They should give users complete visibility and control before signing, with a summary of a transaction and meaningful instructions of each step. It should be easy to see what inputs and outputs are, what’s the transaction cost and so on. -4. Build-in signing window which is part of tapplet design -5. Simulate the transaction and summarize the difference of user holdings in case the transaction is executed. +Confirming transaction steps should be an inseparable part of the transaction flow, thus its summary should be presented not as a modal window (like MetaMask), but rather within the Tari Universe (on top of a tapplet or to a side of it) - designs need to be discussed and created accordingly. # Change Log From 410eb66f4a79e07df788f9fe69afaa3e3c95d39e Mon Sep 17 00:00:00 2001 From: karczu Date: Thu, 28 Mar 2024 15:24:23 +0100 Subject: [PATCH 3/5] rfc-1104/confirmingTx sample tx info --- ..._ConfirmingTx => RFC-1104_ConfirmingTx.md} | 50 ++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) rename src/{RFC-1104_ConfirmingTx => RFC-1104_ConfirmingTx.md} (76%) diff --git a/src/RFC-1104_ConfirmingTx b/src/RFC-1104_ConfirmingTx.md similarity index 76% rename from src/RFC-1104_ConfirmingTx rename to src/RFC-1104_ConfirmingTx.md index b91a5d1..464542e 100644 --- a/src/RFC-1104_ConfirmingTx +++ b/src/RFC-1104_ConfirmingTx.md @@ -48,7 +48,7 @@ technological merits of the potential system outlined herein. ## Goals -The aim of this Request for Comment (RFC) is to describe the rules of confirming transactions by user. +The aim of this Request for Comment (RFC) is to describe the rules for confirming transactions by the user. ## Related Requests for Comment @@ -99,6 +99,54 @@ Transactions should be shown in a clear, simple and user-friendly way. They shou Confirming transaction steps should be an inseparable part of the transaction flow, thus its summary should be presented not as a modal window (like MetaMask), but rather within the Tari Universe (on top of a tapplet or to a side of it) - designs need to be discussed and created accordingly. +### Sample transaction in Tari Network + +Tari Network [accounts transfer](https://github.com/tari-project/tari-dan/blob/86dd4f910e040cb98b118abaf66a5719b59c987f/applications/tari_dan_wallet_web_ui/src/api/hooks/useAccounts.tsx#L89) is the simplest transaction that can be used to analyze and extract transaction data. This is needed to know what data is available and should be shown to the user when interacting with the tapplet. +At the time of writing this RFC, a transfer transaction has the following parameters: + +``` +export interface ConfidentialTransferRequest { + account: ComponentAddressOrName; + amount: Amount; + input_selection: ConfidentialTransferInputSelection; + resource_address: ResourceAddress; + destination_public_key: string; + max_fee: Amount; + output_to_revealed: boolean; + proof_from_badge_resource: string; + dry_run: boolean; +} +``` + +And transaction response. + +``` +export interface ConfidentialTransferResponse { + transaction_id: string; + fee: Amount; + result: { + transaction_hash: Uint8Array; + events: Array; + logs: Array; + execution_results: Array; + result: TransactionResult; + fee_receipt: FeeReceipt; + } +} +``` + +The last parameter from the `ConfidentialTransferRequest` - `dry_run` - is used for gas calculation and at the same time is crucial for transaction simulation. Therefore it can be used to show transaction result before confirming it. From this the key values can be extracted and shown to the user in a simple and transparent way: + +``` +withdrawing from: +depositing to: +amount: +fee: +status: +``` + +Appropriate designs must be created. + # Change Log | Date | Change | Author | From 875af89b93ff7bacc7658cf4b1bb02c758b13382 Mon Sep 17 00:00:00 2001 From: karczu Date: Tue, 2 Apr 2024 10:55:18 +0200 Subject: [PATCH 4/5] rfc-1104/confirmingTx example design & related rfcs --- src/RFC-1104_ConfirmingTx.md | 10 +++++++--- src/assets/confirm-tx.png | Bin 0 -> 20717 bytes 2 files changed, 7 insertions(+), 3 deletions(-) create mode 100644 src/assets/confirm-tx.png diff --git a/src/RFC-1104_ConfirmingTx.md b/src/RFC-1104_ConfirmingTx.md index 464542e..c573157 100644 --- a/src/RFC-1104_ConfirmingTx.md +++ b/src/RFC-1104_ConfirmingTx.md @@ -52,8 +52,10 @@ The aim of this Request for Comment (RFC) is to describe the rules for confirmin ## Related Requests for Comment -- [RFC-1100 Tari Universe Overview](https://github.com/tari-project/rfcs/pull/134) -- [RFC-1101 Tapplet](https://github.com/tari-project/rfcs/pull/137) +- [RFC-1100: Tari Universe Overview](https://github.com/tari-project/rfcs/pull/134) +- [RFC-1101: Tapplet](https://github.com/tari-project/rfcs/pull/137) +- [RFC-0150: Base Layer Wallet Module](RFC-0150_Wallets.md) +- [RFC-0153: Staged Wallet Security](RFC-0153_StagedWalletSecurity.md) ## Description @@ -145,7 +147,9 @@ fee: status: ``` -Appropriate designs must be created. +Appropriate designs must be created. The simplest example may look like below. + +![Confirming Tx](./assets/confirm-tx.png) # Change Log diff --git a/src/assets/confirm-tx.png b/src/assets/confirm-tx.png new file mode 100644 index 0000000000000000000000000000000000000000..c05a3aafe3e1ddb2472ebf9170de0198ad7da9d3 GIT binary patch literal 20717 zcmeFZWmuG7*gZOmiqZ%I(o&*~bf?NtQX+yNNOwy&DBTi*w19w=G)N;zBP|`$(jeXc zdw%bG&ULQy`FuQcDUOfN?Ad!id$0T6YpvU$=L%A|Smam;1Oit^8ubE!xDpG$hi_hm zD-%up1@Ol$8)}k--*;!ItJl_;6{Zz zQ#Nbkgx$=%&bv*a-8MRgD$c6P6FAK~3LMx-dLyZN|TT}?|Xr78-#z{$lGEypBJX+n#wf1M$^ zBR>8v5#tp^x1o^{lbBd)=zWJu~}XqQD# z*SY9k*9_aBIEP7F=SX2N3&U`4w?n|)%^pRjXr$Iv#6qWWs)x}xp_#`wWtpP$d--+t@(vQ<2CqD4^9s&`+)2PQS&PmX8^hgoKfly<@IrO{d zdF64>qKJW|c$5Ukp5K+nR*W>9uCymj2%WpdMQovBKYW>QAOwuR<#noQfBNz83c{dk zQh(aWzXCdtRD~IeBm6QxHP!3#!sA+rON(Cd#f9g^3xaELU5k!2q_#Z=2M1|sX-?BF zZAPV!zQ5Pel92FY4z8=KlYJAZ5-4`2&)h_2CB3w~oFNe(kL>CgDH!=sY9-DCfNfMeOpi47b6*doynO{4C*7M<({x?_LW z*B8Xv^f*#`mv@|#6tb&Isf3-k|NQW&${FMQoSU1@Ec+%TpE;OQK%hgLTFBAj7E9@B zJXxusvnE*yI}v<>IXELDV?8s=H0}A~>3PuxWvUrIriwLcQ0%a;{-y9j)@c zxL8Sh)>(LZazv%`Yt+gh|E3#5}eNPWNrr9rlbd6rhgS-4IP>qmID5 zdZlt=YH)CV_jt6>f|p{;UzwPZJPZ#Xe|O8w%d3Go_`#itIyWaI$zU7>Ucem*UAKzL zN=%<8*@G*Gr$JxS)8BjDncw-2>^ftXA3Q2FP!Dg>gDJra@S*zJR;pAuvbOJfTnrDF zH}Tij;e-XRgwny*Oz*d-nJr`8kUGK&I}MG*Uq;y1uBJ2d^6~AaPfSdlo}NxwRnBa| zx<6x^FI-@_Tw(i-g|H+}zyE%+=L3 zAtB)*3k!XuG?GN$4dzpcScF=!bL{<(&$KsdrK(Cwq9jOQy!L`Zf`Z)grDGQBHYzGG z=)o0Oy20r$RaLW+YFmy zP$ws@7kMcu)SgX`Y5RtTeri378X6sKXMK61{d0L27Y}dvznA~hd)b5WFI2J$3VyBa z|D*Ql?0lBm+jfCvA*-xRlvmU?pY!#rjzi+%fJn*_l7AR4m;F`ie9m0jn;OUKK0hAQ z{;{nJ{0d(xaZN%ACOs|8fh@a>&&}1-#@T@ey8Y@1j@(9 zhdQDS-fM@2hX<$guZdh~m`RmpP^-8d(gJO$P*GCa^HZKouZ@qtu4t~c)+X>(pMQ1Z zr25wTzVY$Sp3lskA6Z`g?U#%F{ee&-@|6s6iw%Ewbcqipe#v^rtWD8TrfEVtvjwK( zQ<4j3%j-{^my?~0!qi>Y1^)^$kI6Wf$f1P)l;ouqihcQmFHQcdCDc%N9dpmm(1#~7 zkeL#1WMpL5>rzD}tVIu*Z*z7!zwesSZ=$Rmoz5JDn%f`IRum}6%}vNEudK|ToHKam zpZQW;TwEcWizMXt$VlloN;-0C>XbF3_g#z6n4-_m&-eHDPqw(sJHoh2tH!yd@@ShnHEqZV%WFEvRZ!3%(8eMh2r%;G)mwm7i_hesmg zVybTpK~^>!;lR$Ha!GOcw>au66mDvES0G&2%9D z_wQfnFEQ%r>w9i)&T^^p zY_3u3Ur9bum?Z2kjCYTvqyiXZP-Pyc2Nrk+J{80gcLDLJsjW;*{%&kI2qs%vS{AG2 zXJ)p{+DJ$J6s#S+$D1fWQ=ZCrFtU*BADWv>W~&=swHVT_DL!CwH=^p~29XcF5*u0vMN;hK8Bx%(a9MZ@!rf3EQ5;etluw$MMOk)rymnb^c$6~;2Q*$uJ~?p7*|^wA8}ak{iR^M`P9Qh zq~@0t3KO3i_ANkCK7Hs^JXjv-TJjcW$5~VCGlP!-=U87KAi>zjAju42+1nCtot-~L9RImYC+Pp-gQ=oo zsQ+MefBo;@KUH_uwiItI?rryyWBI9xG371fS8CI`g>Za*-$!bs3FE*f*el9x_RroL zFV6#bsHjk#Sv7bkKJz1~X?~}ytZZ*@Z+*PneB|33Sgr*H1t$mCrzAT!+c%%~oca>g zsJGG+6BeJQ@Fs@6D$mIYdbJNR)3ZU03}WV!d8a0onpX7e zhIs;0R|$iRBwN4cNbG)j@9#GsXI)Fox>Y)=Sn&+3U0th-ifqnL_RWX$Ifz?ueA(%$ zowlZ@YMfwXVFVSOMYARDs5^~xi3thgMY`fop1kWPFmfJN4aL^*7}bCLp0-1xRAlRHHx*REc9LcmUrh>cyuCo8_%EiZecOWpqm2_mFp{H^ZUx{37FMo!%_U8h+1M| zz(BO$FrO`6VJHcxXGf@!9JMQpOU2)Psk=vj@U}ooYLiv(UeP&bcbB@2PX#^0&(v+T@ zaF{;>Lha{2p(yDeCE2D4S*EgYu)RP2nEcXblqIa`Obq*>xw-kwP+vde0=Cm2x8>!< zIV614xYvr+ki=MqqAqT3Zgi1qI=JXW;;A-E#?!REdXLkD#6(gpBJZ|<@(7ni7Wyg3 zxjFdx+dUz*fMo~y+8HC^m_>ztTev{70v$OerG>exL!w1M=Oes_4mI$ z+SWxkiDYIDY|#UtM-2@Q?k+?tdTy9&hqUOur*%KuX*2FgI^MAMI^AibsnPuAEc}f* zILma_MolTkIK?IF^JnisZu!$$e6P`&8Md2GktBA4$x#f&44ZI{n9WZ0JlPvmY||^Y z;dkGh6p$aJ#KRm0-AR=Yqm;eZumTriGs@+1c6swUN?vA9Ug}bH3?x{Rx2t2T2IDt%f{+ zF<6b41qJFAe@bVD$53~j?%4y@NNHkX;vzomqLZSpC5{{8Jm$k>f;OfnO(>V#t z>a?uAyu^g?g~VlLL#C`|YF+GvsjaQ7Dke4{*UK~*@!fD$i&_NHSETq)(chR#GE z1nY5=TUuGcHOHE|w6u431O)}hhldY-5-IX0_bj1bMp~3!J`W@i`JBiKGWnmwr;H$qXe4B@12+Zt^|m?%4Vnv+Q0&%^*fTySfZ*S z!19CkU%!6Ms`3S8VUp_4nzUm-e$3oT5_npr`3;>qNvS=ItB*i-;RT3CG0^G7lg>NVK(Zo2jejaY ziC3D+rEf~wwWP)>uyrp9p3@s=6t}Q&e(w^e&ZEwC*(+-5&e*;GkjQ`xjbw%F`l&Xp zEU!$+Wh|co4>Z01E8x;$451RFCb_xDP#~Jelb8PmsaLUn+mZ-M<+l#|r|J0{MG2qQvOBvjW)2KE zT>#&NoHpg;@qyaEF8E;Q<~At51l1BG8q$;A}m)I)o7-Sg=| zKy)NEtH)bJ9)8HfwUI*YQlqdmW}`ph3j?CBV+42!BYzns9?FVt$&`%r^)+rPb(RPV z3wLimH0m`GetPy^rB@TX*M`LLaC2&+(wfbaqyh(h^4qBd==%E+Q!OwjC+B{ObNc7c zjeq-8G46#1!U?1DC9VuYtp$#|ycVO+pFb~hEGYhwYgD}(Mtv2*&Sp2bOySvhGurQp z_Z_6R)a@N?M845%-!M=cJ|C|j+Oe!9UW;mzF zl3-4#A3Hb0l}5Udeo}uV4g%RUK%dcjNtTjx72=||M1JzW554~HDj-<>822}L(PqMd zK#Uc+*RwYvJP<|Riy6D>_CNOqA@G`0L{%kZT}99)FU~hPlNgnSCjHG7V<+E`9XoPt z3-S^i;~BX}HNA=*xw#&~PsQ(U>D*{=PNMT#Ih)5}rz^QDLL)+f*|xKFhlTzwD^Fun zy!mXwC&JtF#gSdcG`Dn#_!i-#8m8L3JtI4<3Qj5&%MG0Wo>=^R-rjXbfWz^jjWfCx zYe}gAKF{>_|C%V))gV!D`M%KQC6~8)^f7W^YH@w>_<5WG+k6961E;N}iFY7_TYQ&> z6pAQVlkORcn|y=C;iEQ=6H#QBMz&ZmMc6^zkn7pT0nuQ>YZD^sn6EjcbW;tl7SJsv zp&0JBs)>FT`)yKYeby#M=8&(nr=+n7n2qJ7L8D(a&; zI00yZhZj~Wo3^e;d~rnjg9#^3EEd9Z>xXQGn;8>^U)FOZ2LI3xcT!R3S-j`fJz?_8 zHnTQMVJ7yBmbWQ7zu!dr%kkImbru0NtHx>HV0uyZ4knL-A_)5zOFgp5@#6%$_=GyE z&oBoxETQqdw0D*@U5CzVqkQp}>)Wa`N-D49r+&}As}xco=>I8y{BmCRt($sI=^4CH z?W>A@15+Y2sgg)#2#qOD#;B*&3S9B^0IU$MQF_7*kT6H={KoFP{RWcKd(tw?sIYlbF;Y1$68UNqRZlM z*5w_J@rlQMsWx+^yOgv9*$ykRF3x5Rt0KwPECmwczPvCNAcR{cm43r5_E=f*;i=SQ@h?kClM6AqSDZjSjTeHTmk}ohfE1Un=p4|>1WwoYKbUAQdYn2jH z9R5@tJHO6yIQzG~JndZ!>d$yzBd_tXq|*3ojv(o3uIKk+d#7XBM{PmUwlQICl7Y+v zwq?~T(k}8;gh2--w(BwK39+u3~3-c2gs`Rw;(nzeXc{Sv@TgW%^8|5EobafKzKW&!=>6 z?auf$&kMRI{CD^@srYRjY(CpNxj6i}Nmw_>?=e*6L%k%Q+Q25UlqO#iSDajki*G^9 zs5%ETJM;ap1p9>vQK$J@;Me_ipOUPXA2Wk9d;S^z-ofk&4x;wJxM$IEXWTb=GdE;* z6Z!-D4dx+r(*47docU_|m?)#DBfThZLC&2E@p#3LbN|Nb=@J`H#utvr%mqCNCX2QDkHc%V(|&X6ij(uGX~$BzC@ExLVHlLWsj{Vt$DNpbIFB=rDKc-v0I(!*XO>(sa4mUwKPWdR^GfyST|%_D`7&p{Y(yT7mvev91N=B2K%S_K(DJ3diEM6% z#L`++Ocu|6?vHnb^BMHeq2KT5*Bjzqhiiu)5ccCK{_drpLNaSoPy^!1q1(ob6z*s+NY6gR}R)uc#QT>uH7aD8K+f-%W#8Y4SQNpOVNDzduODql8TZ_)t|D z-k^>MZ($?qWh3uuif!&Y!@5jUe%Cxfy|J2WC2X6!vkkaaX%Jr-RARqr5LbAPdtsZw zEECQ-9E&W>(LbN8BtDj2z#-ho6B`=wocnHUohHvre9iH5;dvPA<-0E9(}kl^YU`<# z1WfsC^o4%W4kgtiR90(-0bAnmP(}|`LI19;-g-9GeHhN(lG0@99a;(e4Q5U{2G&JOo zOM!)jHJq=m|Mih6t#5H=?bc*fsf9Qh0$Jb}P*iRn#)He@B#J;{$BNN+=wwkLirV#r z>4P9&$ZuTs#HfwkzCv*>){ z6EOcuvd6EwRi9ot_w|TtlGt0^qSZ$Of>CAm7<+B{^oyr!S{B0p^yVSKIOXidb~JxG zlKY)thG(jQ)CSsh**7$}MxDA4V@D@MEi&JNsROk{+> z?I-Qj>HhA-kIVUm-MxXSk+K7791BF>X4u;^zaD~n9p`G$aF+bJfE*qWKBMm$2 zXT@STd%I(D|MitNE4M6##uDjk5C1Z(7<}{5Hsx1%No1*qu;Ik)H^`ye0;+E6J0C}6 zQjs2rTwbBm!pj3WZr|ak=#+fZ^_GN6GQ-2xUCuUU zC2sq}x}kEeAT`CTxkij&*Vs5odR;!FtEinp{EOe}_X|>9sC1;54nN|3rKf!wq!D~J zKb!#&_ZQozEnpE>Myv5Qlio~tl5VLiEQM4v;mO+~il`C)8?A+*lYx-oIF8WE3!gXL zJsC?q-aD}Pb{Lb%I$B!@&vmc-(Wvc*-C?_D=e782;orp8A|I??vdfB%z|_JshEx@D z7eM&{@$AUJAM=g&FF8n>{=sW^H|}iMAWa@(Ocmuu;`0S~EJq&+E4JGJmuN)Bx%IJ) zYi|p_p?g-^!`Sp(O_!3D$8`btSc-1C!jS3f#h+@Cv@sU3Sl4wG z<)?lfk!ieol=$?Ds-UQ{pNfa>9uQD?Q@Z)hfSe0IKN+y;7t=C&5^C2!k72UvT#>!7 zIbjqYH6ypxlWVBBzDTGs@jeg|hvhmYwOO&BR-Yh$(r&voTw!?MfU8eC(7sgS)1FkA zhQLvH6)a{9Dgxvabec-%9S;5M)Ax=)ALAF4S)D{FT7t zkH=kchKa4KcF}A$R_J!EC?C1DDE5hQtILa$*7JvcyXO6x;fXi%_!qf z5#_59jrd@mr5_Tnt`QjmDsa43T(g|`Z8TX)nHbX7wCRqAexJl;D#QPOc>xxuj%&#b zbkPSTOch#Z083a&p$eAPw7!eW%S5ju5jwa;$`w)lNSr(u4DUP63nez1WcVLU6o4~~ zr{2(Uetvz96pms4;vXJud%>ZNcDbA9A5P(tWjYSR+a+E$g1zhxBKEr7yOvS8(<(EG z1TA_5LY1XUYB__A29e)963J~(yo8P6ooOs6!pSv;XUlu8kP6P1n6M;|@RcWBh{10e9K5#LM+`cdOOBCq#Hl zIAa-Y7zjNOLm(D@>VdM3P&4LGW$*0j;yR=xLOeDK;m{`AvgK0cL3oFfWUzrowPfXf z6=9&``og4n>e%_kZA8BQ28QHKEksei4#Xcd5@ZAYErbqL7Y+Md^u}j_TL_Zkvn%vJ z*%0kjEgD#)RJuUpE-eW$WZ=rc#iH<_o2A2j(*hO}AS@sF(BAw{mm9UH&`cI?xi~+? zrxpg~lt-SPPW3r6G4OWx6;rsK6wY%HI`8)2;ErYB5}a)6CO;*RQe-#}g9paOWKhBBUvpPMx=ZFF!?~>l zBt9z(*7kR_x(boL!Sg(U#~jD6h-U`q*OJMP*W3Re{HscDuiw)&G^0z2Cle)%rfn_{ zy)K>Nx+I`k-=}GI%RM09K9xg~fIv+W;@7NO9|ErnhXIKE^jGiXZ@^SU@* zPF?;O(V_?XuoAKS;HYE$E-=DXrh`nXl`|IymFvcc_VvzDwg*=XmMN*I7}Nigb}D`)@(CsPR8&-`AtljPgsQ5s z4abQM@FpDC@aGp691#e8^j!A$zv1W)EU?(+u9$ZI8fMWmvW)_;lNeDc5v!;$rt7ei z-Mj{xchJ|;($eDM{;k7Os@EDCLG6pS8{_4&N-@sDR;6R3t^Y~Jq#-Tqjx|}PAn>F! z15vl4k%jzQ#PuZxq-wRG9cOpYh*sL26H+wg;Fpl$vn1z9r%3l_+` znJu8~Yy^|x%e4ym5(iwq=sVD+qv(FjgUjUEE!_uuLNIz1U8L=6#3xdGHvjZb?+A=m zJ`aNzrDjS21y+N#{Z$N-=1s(EPj;=b$HhAgb7TgC-dp2i2e zK&OYafN`S}A6oA(Ka|bN*2+kUir$-&Q4w)*G*{V^5XD69{zTa!C2IF=k9pwWNRHw zG76=)|HCPg0+;!ygFt?e>Hd9289laRTI7FBrt-fo!F##{s<6Y#$1E)VsL9H9&AmeWd8_}8t^2Wf z6q?F(TJE7bVD>H^2g_BM#76)u07EV`ZwPKB9>Nbt} zD4QVJf84_u-63Hn4H!-v451N8ncQpb!diPzfLpn!kqgnt2_&WYiCQf6U5^(7qf|0P z*AWPVW=$QA;UkokD2QL0{s!OKaG-hTGtPwjx+W|LWL=AzRMgZz&D=JID>@GIKFhdN zhWyy#XIFtMol^7zHWXQBz$w7RCEhxZgI4fX;ysVXy8}Ica>A$w*KEnC$Df%fUG?T6 z(Z5drMF$;i11kP;hWMI2Xv~lC^Lg05ew$vPU&Tv@dpxdWXCs{G z(!Rv}o48=@Z(y~?NZ$(D9F1>#cbq(GEXz_bU!98+ileEdPJX@+69&f%PE9lKOg$s} zizxd5;DK0EJs5oDfx1IgTW5NV@oTqHz>$0`<+8IKvzSo)9^0#hpQAaAvn^~+tPOXm zWM+6~i0tW7M6`!yl^OdBd>KDoBz1`mGx5HT3pT0i;t|4=s>#efUNWkxV znUla!>}_W--fsnB!e_LdO2q??WB#(-1v&2eymx%s?ow>)Z0JwB&zWWzEV5hK<~Q)~YM=LQ8v1lNp(*fCvpU3DJH`OV_oZ?i8h<5@ zG2s}uwKH67%{ehTTTq{o`z@gwxFc()Bw9Eq{>y1?o;xUkqZz!(|7>@^h80!q^gWMP zs1q7X0c!QBi=CWybbUCH#=2oIf0tWgLpi$Lc5QfssjW?IaK&dd@GtYcMCo@s+1N@koNx*W;9DL9 zaU5VwFbi~YI(@w(LY^{^S!tKev#}gRo=HwTAmTF=5LKNO+jCQAN(a6))@z5&Eck)^ zqy9S0RFWv?4+))0)%}ZNMT2h~7;Llpn2Ma042TA-$w|h2gA#Z5zH3uZAE|%sn%VJR zU`~8);7E}sO<=W_+gb7@=CFlT!8HhAL>q_l*gb@npdX0uJPfIYBegG!%!F074nUQ{ zFA!=%A~#{9hWqxCRUwK_iW{4%oAX~^_^9U!MahAF0dx1-?qowbq579P^m{PD_4l8~ zz@7d`V4PPQ2@htVVNg8+O#-r4mm{r6h`-_DC*e^trHf4Wp3e6quM5(wjx#@FO#jKJ z6=)Ai3SD|wVkW*m{m-WcdPqB}EG8Nh!EjCLiH6G5E3ZHaW&u%2RC*mUo?-ac&y#f~ zV)chCHIy6rcVO%9E=X@xWLdq9DfXyOHA`Mqz%+beH?2WN9^kxEH3F<&sDy!&}&2rdYW-xuh_N^Kuo0NpwKc2mMS0B{^3^2fAWp#Zz_WG$J!=WM>?G_#WxbtO-KG(jG6(7a9Q?g{ zopdr7rlJfT`IJlI_RCXsoC3xeAC4h`@OQj;pyIK(U`p>rVEFq0f&yRH_;sn zV1xo5-v5+R+i)je^+dnBdBnhP z$_0>el~&Njq7x))%iuequ^H;dEZ5Yg)Lad?WACOoC&XH9ik}Z*gBrovt=)a!Un|s% zkPyVQDxiE*sY3!GFtPd9@I4zqlOl90KyrRr{0q#>+ZfOXgwKC8Lr$;^A+b2}fl7h7 zNKfkb8*2OAnNt3zO|jc6={uv+#~0P46cM$f&I=HpaCYBMy`C(82+cMu3$bVB)b>H- zH!0hih~#p3)OI?qP^A7g@N1Ws4$w|4X@iW3nR|?4u-#Az5%r_aUw|S^$~GGoD7m7_ zLZXXIwJw`w8-_r+UWC>=1aUM=uv#DZjXl(_$Jvmi%4az;sk%sTeq1~L0fVW zT@fWj>kRz%)u@{{iDJUVrZdd8bd3nnXUQ}NaX|E%d{95BapfRQm9fM@*0;Vk)4)Uv6jLTkJ+_w zj0sEHn13*V=X7U|R9F?6>g?L#(d*?MIC_<6W>Z8Q1srNURx95sK4f=$L28{%cR>p& zC{Y@*O_B(JWQmd{n$i$RI1qVba>LsskH$%0M9>ivHuIpAUP|?>mkz@+dD$;jN{ka6 zLVkT51w|s34xKcBW_Qx`XGfP6TSK?B!c)lB{}-zV$D~K@jtwY+gl{Ow(IN>wK-k2a z2=1LdY~#PiUQ2@$rB&0)vDG@e_2H7I10xkWT~B&6dLQiXislPdU*t<=eZ6c(o@>IC z0&x!7L+aaDr(=9dyktqb8xa_T_-y1FKLXE-7A!lSCO!vdSzw$mtsT}CEHI1N2!L-< z*D}*qk{)M9^s_TcmQ9h-Zt_{un$Xii68~d#uohY0j#@W7;SsXx$Qdl_3@WC30*~ho zRuk~1iNNuGd(G>2HQywQ>&r($)=&qskAYE1WYO#3RQ>XkZLW(nc;KhJfJX<7LW3`+ zhP=2!=*mdNXJI{a4TAm_o5NZ@EEZTTxPzwh8*BVO#w*r+EpD7(M_N_fjK25^GwykB z8ZtchJN(|if7$yR@MCL?6R%qfyN%&T)pgJ8+#vL5_JW1|2Ndss=P544AqC`Lo#ZIU0px^4cxSN_)~YB~SwBO^=sy}RF0R4B!7iKQ2prj$WUn3c zzWwIzE_m1!RlbL@{AOkT<)3ZXW>s(6uIUgW4;RJIDo)ZX_SZZm+J`rF)YUh;y!uL3 zur;O#8vbw?SlQRd|E@(FNn%zK|H?U&RW=_c7YLuu5i)oPFBR1>Z1cf zZ}N5R1ANjKWI&XW@G^9~l)Zz{(Fz$!j!*?sGpQ=G)^xFl^adjDR&N-IJ|QoI9>_4Y z(PkX6O%ilauM(GPy|hUuxs1_ht7{25kGF){ZqN9p`()%bM98-K?xU?9De>EYhS%B5 zOW8eSBqOdO+8g(ZTb;M10ix;=B9v zmZq9r`9eYj;&Z^0JBXrCWUJY9Ai5)HV{TY7kJ1h3z55HdE@MkZVf|}}VYSfyV-tz1 zXm93xKX^0IRW`@$lcfGf*AW7h&K|nX-4qC0)?=U)`(bchfqovk>sPGH7{N@lRGo{4 zcOMj21YG8f`wXXvUQxX~zLujt-%|xCZ!XjEs!_ zJ0a%3`4Jcx)xiLU(4zNMnGCqT?6F=jAhLWiM5C}=#4zXZ2b4CPVt?#`V^eikk{F)C z9KQ7H(GLre*dD+wY6v^4i|%kkuW6T$Gy%l82S0GXMh`M;!qJ~*S26-VZNPCug#d18 zyy`wI4hB{A3$XuGj(!?!`A#47-@{v>e#j*|OBW31?ME+eVxYO`{3Us#Y(|YLaAL(( zV<952iGoI76B+l)h!23r7+tB;ZB@y(oiuC1PaZaIQ2~_$g(HdoCcrg_bAv~I*ID@8 zV{dDGzo$FSXW;F8aLN*V8|MZTCCu#{<=?;N&1g*P%Te|Ef}SMA!QMVFyIK~^Vd@CU4Ag=Rzw>Z2U$rJ{<%B#c zA?rbKR8;x?e-s%%B_18twW~jLiYhDPE_umthDSzfG+F6Z*Vp$>&pjKoV;8}>FBA3R z#Z$Uqw8^yS&!P=K_@=F=Yvc3y@DLBwbT~N5&pB6npav;3({Oj`7sw2FH+&+ceXXIt z@E0pE!4~IdXJ=Pc2`p{{TSiBWCZkYvX_uD5)XVpJp%@8Wexu1sD#qY9Wff-_|N9+P zQ~G`2G0=7^^-oo^rFOGb5&xBI{m|*#Ivg1uzOD53Er(ltegE1%FAon?S3UQ7D512+ zCZY6FMWsPvkQ+K(Vel2qY+JRv3hZP+>;ZG0>&6z=g z)1o?XZDhm|ZFeMO#-xF&llRJvxncV3Oz(xBYUka7p!88Rm26d6laYY|i!h|ogqX`w zYT)PgB@TnkKmhd<0<}YzPODNYx%~L?d$c8AQEg&Eu=r0)KVU8Jr7q*{PO-pAMO^v8jbg@ChN@TWwIOnc+WWRU` zNYF8IOu*uSy%6e#+UDcU^}W2j*vaGsYN5g>5C~&%ro*`q|M~xLDR{x;oBzgqn>r(n zfEREcN+td$g{_TZ8PF^SU^D@L{MWBvKY!K%B}z36dp@K{M3qa0*7FMT>i@XOz4EDd zZ+J`S(^Zh+=>}?p^bk^3~fuWQYiMRrf#e2p%Zy#KM>=iyCpjVp~;YyFH}Nc^e60QkPj^I@~k!|t#t(A8S? za4dh_k{<+M8Y8bnZ?04)rSI#n!Zf&doNMdqk^|HGO(Y~*UcAE8k>DI@;!5&ceE4Bw zrXe+uE>c=bs;#~KrgpO1G{K+U<5&&iLGDM?5k!%LD^S&;wz`VQmtLyg9dTb4n(3(b zj*pLbJKXg6UkAG86DrtHr&C)O&0=Rj>?(>LFO1Y5l%utWUa?De*jg=msF#|WwIE5z z4|*Oo(;OTgnkOvT@CSa)&R(8!nmI>X!?CbXN;o%sSmQ#HOW|_7amoW`W@)i!Xi?+Z zlfIFAWH`^Fz+*k_aX1B5^n^=Za1fhqhxMCqv$1V~m;wbOP>Z7|c5dI9lE`aW?YeJf zY56F`5HEn9Izqd~abxv&9^mLJpWnW5;BW7JSo?wHR*@js$BllGXXsOR+b>gyFeKC7 zOlO92v{=Pk@1JXHE20##qtCU8B~($`1k?HD45WC4+o4s>R1a4TP=}L~piqppqUfHWpvzFO z1pZei!Q{fa19I$=6A>4z9Oh@-s&OHi{RVzCP11V^mr-wF&CX zbLO89aS#TMCuil7UF|B`o=}*?PBz)#)zCcqwV+_%wGQ?3#lsY}y4@Zj3l7UC1mqMH z8X6kMcu3!0&y->yFewoqyM$8-#YVm7m^m4)Tz3=_VxYvUtf&BWWbfdhBswp59P%nO zs)6|(iU|YfAi7XPS78^T+4r&8+*~NQ%ubqIv;~oZ5Urf?17iT?ei3cWyn>YBKy$PG zIk}S0yQCNLjv%)ANCK74T=JJ)P>>ui0L<}Yvfz480~}F9wq8|_z54DkRNW4)EJVKj z=G=Cb0Kx!kEHmTnTPcO0p>-`96I^?jsQ_S1qot}EOWkx-EbPj3`<5z=>!$#t%Pa&n zk>rHSji;mC-Jw4^yFv7jP*S@I{&>8A<_*W}^=8)u@YlnTvvPBLmlM}sKDhD?T*gpF zB+&{LtK;JdY2@o_)1RSG5-N|zP;!aCVzumz(wWT?TD4g#6K^AA11ssm@Nl_=ztY_o z*HD+9o0*knNLQ2@J=Baf943RpgM6Q$c}yrK#P5tMjs+uKEe<_x&__?Jt34e@J_AmDmBgAB*JRb5fR3-)n0?6l|Y&yO(F zrsTv9^t0G3W`D^j5ku(hUDn^=R3cVP5$^E3bMqQVolfhc93c7N1weJE^vE1NUBk>w zU!M(>75`UzNesK|2W<^TV^7k5h(8)XW(pM-S*9yNDZh+%kKK2iC+BxyvEEiPHa51i z1vugAZL&HsK?(3k8Gp%&33I)Mfkj?b~NfO#|HZ9Cc5!|BD2jrpi!Ob<^A|@=p&)N6N0Rjmrn-+@o#$yyLD+*o<&|=hThSjtTzYBRmiF!cuo-r=biS>T1 z(3b`SjS?K((#_cO*)d-MR_X{oUS0_Lx8Acu_04$un3W^OD+Gcd0R8_0(BN(Jv%608 zJ-#_VWsx_3x8pHwQ9C27)#>SJkl`Fz<}>58UN2xFkaiYlwP_3;|LHYQTn552Y}Do4 zd$$metNj;16V9*xUq{ya#R!+^v0G><-q5NHLzVri_hQrd?^<>5pFhE#eci5EAuOy% z>g*~a(fKTiH6btB%5WV#-+879SO_&MBn?P$nKoAtd)?*R>`$+P5rNmDtI3$b z?mLhwkFo6Ds2EZ2^1ehM9>*fRB%{u~p;BIzy+0%3e{2L6(%=~I6{`&dQ<*9?Ndww= z&dyDPh`rmq>!*u?(kq(Q8|aAYotaNH9vtro_I0!yjg}AtM$yU@1s!X|a@R5umr4Us zDHa=S5BH;Gke62w0&T{TMefJ=`ulKf318gxD=sY+fO)d*`iB`RC-(Ci;=|po>&+OF zh$6ap3P&?0Y;j^}RBiMFYT+tk4GD%Z-zz5wohx>@9py{UIN!!hE0eOaZR31kX~-Kb z9a3o@KIC&?bGY;8oxdX9;#rcr1D?1{)a+Yb=^xOiCA!erMKN}?@g99H(n8!u+b#x` zTDJA4p(gA*&n@^L1CHhHfY(PHYR;+*zpdy;9Nos4LJNOzJ(JU)VrT!lHNG#nrlj@(x|A{taqBmC{%R+w_h>;i*2~}HB@L^ z*R6VPEqAe&*igHFu@xvi`uglFuZCCT^reEr=|O5;rdBF)`i1-UtHO)9(Y}V%%k4$& zvliDho!R@^X=tCxparp4nShPE7H5RwsIV=ym3l;pJvJYkct=|JwrN zO0U-iDckvc7wTng=8>#+#}fn1e&DuRONvx@A2-Z5c-WbD_~_Vs%ta@+gYScEA zD-6aCxmd1DBvsq=Qc!%;u-|c2@v5q_wH)5{9ueibUqrb}6#9kQ)n_Me1K1iZq!p|S z3#kg84=o-|A5Hoc?ZfC(y&MkT=higE*DIPJeGBF`iwYPMQzlCGJ&pxu{+(2n#)(SH zDJY7tSXy30lT)u>?71a-sVJ$`?dGj7DoV1}IUElx>?Y^9vheUHGYP|4hS4L5o|o4r+b>5X*P}1j10y$U*1U)c2Dmv0VZZ zueI|djfRw34)xkh=jFVblpI#WiNbmpiJEWY4ae)3W_31Fb*Dq6iUQhhPexzJq0YSy zhT9r0@Y8EA#N1>jYg+b4+~%$8F8h!1FTad*;nikLzhNUjn~3*vTV+vnQBb{{8{Iyc zd%yqmht#qd{OftftBa8N#pQ4HE{iigXB31Y%IAh7+PyQFCEdji0!N`*V>Bj5;S0Gk zKL+lQlEAOxR1L3_Xc|p2XWhi)eHV|qjidb_Oqan-{M(lT=bx{iz?>C`o!^=$`2N*o zxi|x+1mBTD@oeStFGKps#g`>@Q}ZrGFZ9%+_9kNs*eptk`n%i?>T8W#y#A>c&(vMg zT%Lwxu1uI;?kuiqv7HJWoMgUhbXoCxwCHvIz9{p^xc(x~`XcIlb^cK7V*Bjq@t@R` zoQr?2@Z2Tp?aw#F+(OPfcm9n~4C}RZ^*+07Q>7dDrs#RLcKHX>)Bd8_%VRgS z!S)Z!-1H-q{o47A2V9Hj@%rn0JeFPmZ|L!#GZ*bkn4&Y7pDtx>7qf-^L+3P>geu+a z8ztC(f~iv|X|huH-be04mwE5Czt>oO14Dn(t^ z{$*Mly*)(4_QCU=qN%H9X~tU(>*(@2o#q>#6w;oOK!wMpo<7|nmAp8p+n8|=-|tkM z{v^B?!8TDrLe!sS+%Qym`Dn3jZ4O(5icKtAv-$}i6TIPDix)fZ6=J)bW5Wu@-qWZ* z-u1~R-fvyln!cR+p(UWgSulE=sNt0By=c@p6PrmwPKD|yweGqbl!goJf2x}TvpiQ4(P z6JC$By)Ik#liQZ6OpgE>PYM(VoD!2#USwwn1}0OgetnwuXRt%gr(#oK`n)OQUDju3 z5ksnMoZ}`l8Vg;pu~|tEJT#NN_*fHsSl@6_S_;e9O?CrSW;ma>67sS-mH;D z_S!Sdf^=l4xo5Evz(nEY`V-|H0n;_N`5*vqfS*yXQtJJ=UF|y0HKKDX09K3qvCE3L z%5RnW62=-|cKEGr##OsPsgC1#SD#evU-`-yTh7S+kB6cS zA-^1ZIz~s@2+)p1%+T*D(S9p+2lsgZ)QV1n0H7+r7k#~VM$g;&eoABgOx+AI{(nk2 z)2F7gG>ivnbl4gZT0{#F(82%`7DW+4x*9EEXuuI^%!D0GM#WBR3L^xPkrM27K?ng% z0f`tEfj|Tr*#f~vWeFGwlBg{(C?TYSKy$-(Npj~fQ}Y+h*Zbw3I`^FSocnv9=OJ90 z>byF}r3(rdSHanl+6KlH?N&D_^jwk+9CXTv@6p#FJgD2k{v$udIeALx+3P==U<b(OZlc^t5I@#$o=4ON`dXb&49CDuB9*=oZ!*=$8{d$bZMG@5&!^ zuc+g@H$t6UtxfcED#nc&ktq8|7%@={GoDx zDj*Ferlw(0i#Lm!wf&&<&uCb5;U3GZKLuZN_(-TO|7SdP47u~Ol)y`+!H##$#Eg`n zuE3C!l&WZ|%Od?my3+KeTKR_^A?sR?w*SA{dzm0!vb~+icy!a<9ft$=N@CPACneLq z==>O2%##Ga-Yab0h{~%oE*5|EbwA{BBQv`s?R&Ek7puZA{GQRo_nU(QRp4M;m>?p5 zug$7eZ+lv|G;raFaL>MTO+&A8Y+I?NI-CCR`TX6QObn{h2m9gq(ww&6mu@*KV}=nz zi#vCr>RBDLQ4+tPaHfL4;a@R7~o#Qh6gsZbg72E6R-Y+xe5wqGGy z`pzT)*a}Sgx2CN@Y7(XUOYUOu-v0GNRy{uz8HuEdeC0) zq>aqP?P^1mCvL3i<JXyE(GA;{mSnxZuFjQM?KXn z+k0m`n#L214Py-U%iryNAZtwc3cR0_jrV^aK4gJH`8DkUpbRC$-}~ks5abSH`@waP z-O-f;hSltGEIA4!3H-wg{_Xs3;=(HzfZzkJfv%q=hxHZ8&DI?As=9WTgsgvla5St7 z@CeZ1Tsc);nGKI>(axKZ+lQ*<1X0kcXyh6#qk`=a@Me*mByqP0nYz+Q^&+>nXoFHV z+E2mbp?-Zr|CAf2HFFbBI$lRmGJ_9&o+@zQl$0C;30b=M13FAFB}QVl@?6Q743aev zqR*UJ0tW5WcTW==Da0*Q_<@ga$<;9?I@46qce2i`i&-8gbmYU#4O36~=>Y7Jr)$h* z3V=nMj@|8=V3yyf8Eo19U&?WtjLhbHr{NN)_%Xs;YRlI%^gYDxAK4O|I{HwR{>U2c zH!0?I|ka` zK94I=k#QGD*UR5eu@JuC0Fpj=$X888Zw6OPJwZGQ3Ld=SJ9B;u(nJUpUVoG?VMvv%9bfZO0*Gje0i;O7g~ym&M;zHjNQSDn$jOs z8^U&HrMFmTy~Sfk`@x#gOx3db9~ zdVBQB;F3{k8p5*Ea5)`4sgx^h^$2l2Lz0#r`A5EAzzDoB+mPZbKdk$dvVQwSpY3eJ zPeWZku-C)ZT(raI)JEe##B@WeR45woEkwXlL1u$kB9ZSbMlqkvT&zW0u!>&cZDY@oRd%vwA7rn0t3wFs^=demDSqFYKB-P|4DY&Prb3?^7hy+rHL1su}!DvGt)0-&8TcL8^@a6Bn%me z0_&78Z#Zpb)&zz{=Qtj=Asrd$l011N5|K7^@z0G2^uQY>cTge$uI{i^<5te|90~;C zT{+8Gwwl+6iGiykkf7IT!JWfZ(8TPCKE6u?qOY-LZS-oO%1o=~OscBHOJR6KT~t<| zq&+db*F@=hb<%YNCMxegLpS{*ZS<+i+Hp3#h@LQ18YUPPI#i}JO7)4QE7(sEPQ7n< z8RFLX$h$aOnI&)%@JXcPANyTYrkUIE-Bcm-8b7d%)bmj@H$J@N^;gv!M`ue?qutq_ z!i>RR7fQ|iC6{C-ko(2ScHhfUBpu23!fg$dV*A#c(QV#M&5J%-rALzs5grYg9`G1i zZYXP-cKmY1`(7nunv1-Zesjv}D(E#``zPs{L4r}xUw|dR%n|$>d)@-F`{z4BGwlC( bsAm}Uq*vVgx?T$M3sE7b!cR7SmyrE$RGdbn literal 0 HcmV?d00001 From aa5debd722fe1eb8f0cb915aa157a81dfa84bae8 Mon Sep 17 00:00:00 2001 From: karczu Date: Tue, 23 Apr 2024 09:38:23 +0200 Subject: [PATCH 5/5] rfc-1104/confirmingTx text extension after CR --- src/RFC-1104_ConfirmingTx.md | 31 ++++++++++++++++++++++++------- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/src/RFC-1104_ConfirmingTx.md b/src/RFC-1104_ConfirmingTx.md index c573157..b2fd3af 100644 --- a/src/RFC-1104_ConfirmingTx.md +++ b/src/RFC-1104_ConfirmingTx.md @@ -1,6 +1,6 @@ # RFC-1104/ConfirmingTx -## Tari Universe: rules of confirming transactions +## Tari Universe: User confirmation when submitting transactions ![status: draft](theme/images/status-draft.svg) @@ -48,7 +48,7 @@ technological merits of the potential system outlined herein. ## Goals -The aim of this Request for Comment (RFC) is to describe the rules for confirming transactions by the user. +The aim of this Request for Comment (RFC) is to describe the rules for user confirmation when submitting transactions. ## Related Requests for Comment @@ -59,6 +59,14 @@ The aim of this Request for Comment (RFC) is to describe the rules for confirmin ## Description +#### Background + +Due to approvals in Ethereum contracts, there are a number of attacks where the user is tricked into signing a transaction granting access to the malicious user to act on their behalf. For example an attacker could create a phishing site and then trick the user to sign approval for an ERC20 to the attacker's public key. + +In Tari approvals and transactions happen differently, but there is still some things which can be done to prevent the user from falling victim to these attacks. + +#### Concepts of confirming transactions + For the moment the vast majority of dapps uses external wallets, like MetaMask, to allow users to interact with the dapp, confirm and sign transactions. The flow roughly looks like this: - Init transaction with the data to be signed (e.g. by pressing a button) @@ -93,9 +101,13 @@ At Tari Universe simplicity and security should go hand in hand, so below a few Simulate the transaction and summarize the difference of user holdings in case the transaction is executed. It can be done with transaction dry-run before submitting it to a validator node. For more details see [RFC-0350/TariVM](https://rfc.tari.com/RFC-0350_TariVM) +#### Warning in the confirmation dialog + +An additional layer of security could be to add a warning to the confirmation dialog if there is something suspicious about the transaction the user is signing. This should be a clear warning that cannot be missed by the user, so the warning shouldn't be shown too often. Another idea is to disable the approval button for a number of seconds (like a countdown) to make sure the user can taken the time to see the warning. + #### Suggested solution -As it was discussed, the security comes first, so definitely all transactions need to be confirmed before sending to the Tari Network. At the same time users shouldn’t be overwhelmed by the amount of information, especially not given just the “list of hashes” to sign, which are definitely not understandable for typical users. Therefore the idea is to show the transaction summary and quite a nice example of that is presented by [Radix Wallet](https://www.radixdlt.com/wallet). +As it was discussed, the security comes first, so definitely all transactions need to be confirmed **by the user** before sending to the Tari Network. At the same time users shouldn’t be overwhelmed by the amount of information, especially not given just the “list of hashes” to sign, which are definitely not understandable for typical users. Therefore the idea is to show the transaction summary and quite a nice example of that is presented by [Radix Wallet](https://www.radixdlt.com/wallet). Transactions should be shown in a clear, simple and user-friendly way. They should give users complete visibility and control before signing, with a summary of a transaction and meaningful instructions of each step. It should be easy to see what inputs and outputs are, what’s the transaction cost and so on. @@ -147,12 +159,17 @@ fee: status: ``` -Appropriate designs must be created. The simplest example may look like below. +#### UX/UI + +The entire concept requires the creation of a well-thought-out and clear design. Particular attention should be paid to the issue of warnings, so that only really important threats are shown (kowever implementation can be left to a later date). + +The simplest example may look like below. ![Confirming Tx](./assets/confirm-tx.png) # Change Log -| Date | Change | Author | -| :---------- | :---------- | :----- | -| 25 Mar 2024 | First draft | karczu | +| Date | Change | Author | +| :---------- | :------------------------------------- | :----- | +| 23 Apr 2024 | 2nd draft: add a paragrapf on warnings | karczu | +| 25 Mar 2024 | First draft | karczu |