add more info to README

tonkeeper · Jul 4, 2024 · 4fab977 · 4fab977 · Elikamart · Nov 22, 2024
1 parent 2f2eaca
commit 4fab977
Showing 1 changed file with 46 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -41,3 +41,49 @@ New Features:
 
 Deploy wallet: `npm run deploy-wallet`
 
+### Known issues
+
+1) Since the `valid_until` is uint32 it will not work after 2106 year. We believe new versions of wallet smart contract will be available by then.
+
+2) If the `action_send_msg` content is invalid and the sendmode has +2, the error will not be ignored. An update of the node is planned where this behaviour will be changed (with +2 sendmode and `action_send_msg` invalid content the error will be ignored).
+
+3) It would be good to do `end_parse()` for messages and contract data. But this is not done within optimisations.
+
+### Gasless flow
+
+1. When sending an USDt (or other Jetton) the user signs one message containing two outgoing USDt transfers:
+
+     * USDt transfer to the recipient's address.
+
+     * Transfer of a small amount of USDt in favor of the Service.
+
+2. This signed message is sent offchain by HTTPS to the Service backend. The Service backend checks message and sends it to the TON blockchain paying Toncoins for network fees.
+
+### Gasless known issues
+
+1) By requesting a gasless service, a user can have time to increase the seqno on his own, or via another service. 
+
+    In this case, the gasless service will incur gas costs. 
+
+    However, this is a non-scalable scenario, as it requires the user to incur gas costs as well. 
+
+    A blacklist on the service backend side solves the problem.
+
+2) The user can request a gasless service and by means of a specialised extension have time to withdraw the entire balance of Jettons without change seqno.
+
+    In this case, the Jetton transfer message from the service will encounter a balance shortage and the Toncoins attached to message will return to the user's wallet.
+
+    However, this is a non-scalable scenario, as it requires the user to incur gas costs as well. 
+
+    A blacklist on the service backend side solves the problem.
+
+### Suggested extensions
+
+1) Decentralised subscriptions. The extension can withdraw a given number of Toncoins or Jettons once in a given period.
+
+2) 2FA: Multisig extension is added, extension prohibits wallet signature;
+
+3) Key recovery: 2FA, but in multisig extension there is an option to change the control keys. Possible cooldown period when the other party can cancel the key change.
+
+4) Key compromise: An extension with a new key is added, extension prohibits wallet signature;
+