Issue with 3rd-party resource reseller co-signing without server from front-end
- John from Boid:
Proposed a resource calculation API which estimates resource consuption of a transaction in advance, and letting the 3rd party resource delegator pay the resource cost with co-siging users transaction via centralized server that wraps the transaction.
- Dexaran:
Cosigning is impossible for a Dapp, saying "It is not possible to co-sign a transaction in a 'decentralized' way as smart-contract is unable to do so. In order to co-sign a trx application needs a server which effectively turns it into a centralized client-server app so its no longer a Dapp at all."
- Aarin Hagerty:
Co-signing a transaction on-chain might not be possible, without at least an eosio.system contract change.
- John from Boid:
There's also a case (daclify) that a resource provider co-signs a trx without any server, but it signs transaction from user facing front end with private key hard-coded in the code, which means it cannot work securely.
Reference