Guidelines to wallets regarding representing Assets to clients (zcash#32)

This adds to the specification to provide wallets instructions on displaying Asset information to users in an unambiguous way.

This addresses [this comment](zcash#680 (comment)).
vivek-arte authored and daira committed Feb 7, 2024
1 parent 3651df5 commit 33b23d0
Showing 2 changed files with 10 additions and 4 deletions.
4 changes: 0 additions & 4 deletions zip-0226.rst
Expand Up @@ -497,10 +497,6 @@ Security and Privacy Considerations
- The notes generated via the ZSA protocol are different from those generated via the Orchard protocol. As with any protocol upgrade, it will be possible to distinguish between notes generated by each protocol. However, all ZEC notes will be fully spendable with the ZSA protocol transaction structure due to the built-in backward compatibility.
- When including new Assets we would like to maintain the amount and identifiers of Assets private, which is achieved with the design.
- We prevent a potential malleability attack on the Asset Identifier by ensuring the output notes receive an Asset Base that exists on the global state.
- Wallets need to communicate the names of the Assets in a non-confusing way to users, since the byte representation of the Asset Identifier would be hard to read for an end user. Possible solutions are the use of a petname system or a list of well-known Assets.

- One proposal for a petname system for the zcashd wallet is the use of an additional configuration file that stores a one-to-one mapping of names to Asset Identifiers. This allows clients to rename the Assets in a way they find useful. Default versions of this file with well-known Assets listed can be made available online as a starting point for clients.


Other Considerations
====================
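
Review bot: with the two wallet bullets dropped from Security and Privacy Considerations, zip-0226.rst no longer says anything about how Assets are presented to users, and nothing in this hunk points readers to where that guidance now lives. Since this file has 0 additions, consider keeping a one-line bullet that refers to the ZIP 227 text, so a wallet implementer who reads only ZIP 226 still finds the display requirement.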
10 changes: 10 additions & 0 deletions zip-0227.rst
Expand Up @@ -180,6 +180,11 @@ The relations between the Asset Identifier, Asset Digest, and Asset Base are sho

**Note:** To keep notations light and concise, we may omit :math:`\mathsf{AssetId}` (resp. :math:`\mathsf{Protocol}`) in the subscript (resp. superscript) when the Asset Identifier (resp. Protocol) is clear from the context.

Wallets MUST NOT display just the :math:`\mathsf{asset\_desc}` string to their users as the name of the Asset. Some possible alternatives include:

- Wallets could allow clients to provide an additional configuration file that stores a one-to-one mapping of names to Asset Identifiers via a petname system. This allows clients to rename the Assets in a way they find useful. Default versions of this file with well-known Assets listed can be made available online as a starting point for clients.
- The Asset Digest could be used as a more compact bytestring to uniquely determine an Asset, and wallets could support clients scanning QR codes to load Asset information into their wallets.

Specification: Global Issuance State
====================================
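
Review bot: the new paragraph after the notation note states "Wallets MUST NOT display just the asset_desc string" but gives no reason for the rule and no normative statement of what a wallet is required to show instead; both bullets are phrased with "could" under "Some possible alternatives include". Suggest adding one sentence on why asset_desc alone is not enough to name an Asset, and a SHOULD or MUST for the minimum a wallet displays alongside it. In the first bullet, the default petname file "made available online" becomes something users will rely on for Asset names, so it is worth saying how a wallet or client is expected to check where that file came from.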

Expand Down Expand Up @@ -509,6 +514,11 @@ In the case that the transaction has no Orchard Actions, ``issuance_auth_digest`
Security and Privacy Considerations
===================================

Displaying Asset Identifier information to users
------------------------------------------------

Wallets need to communicate the names of the Assets in a non-confusing way to users, since the byte representation of the Asset Identifier would be hard to read for an end user. Possible solutions are provided in the `Specification: Asset Identifier`_ section.

Issuance Key Compromise
-----------------------
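
Review bot: the paragraph under "Displaying Asset Identifier information to users" gives only a usability reason ("hard to read for an end user") and does not mention the asset_desc MUST NOT added in the other zip-0227.rst hunk, so the Security and Privacy section never states what goes wrong when a wallet shows a name the user can misread. Suggest one sentence describing that risk here, keeping the pointer for the alternatives. The target of `Specification: Asset Identifier`_ is not visible in this diff; please confirm a section with exactly that title exists so the reference resolves.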
