ha
Haardik@haardik·Apr 24

question for lens folks cc @nader.lens @stani.lens

a dispatcher essentially has an 'infinite approval' to do actions on a user's behalf - re: posts, comments, etc.

currently, there is a "official" lens dispatcher - and other dispatchers need to be whitelisted through a form

going forward, what is the plan to have the ease of use that comes with a dispatcher combine with the decentralization of not needing to trust "official"/"approved" dispatchers only who, to my understanding, can essentially do whatever they want even if the user didn't explicitly ask them do?

or do you think in the long run, something like AA will allow for session-key signing under the hood which enables the integrity of the broadcast method without the clunky UX of signing every action?

  • ze
    zero solong@01287·Apr 25

    may be

    0
    • ko
      kolomb@kolomb·Apr 25

      It’s an interesting topic.

      1
      • jo
        Josh@wagmi·Apr 24

        It’s an interesting topic. When you add a dispatcher, you are giving another address ability to do stuff on your behalf forever, but you raise a good point about maybe you only wanting it to have it for the active session and nothing more. Right now, the advice is if you don’t want to trust the dispatcher, don’t, and approve signatures for all.

        Of course, that is not the best UX, but you want more control over what is being done, so approving every action gives you that.

        For a more streamlined solution, as you said, an AA wallet which signs under the hood for you without the need to trust anyone and sends tx using the withSig methods (aka broadcast). We will most likely start seeing integrations like this in the apps as they grow. The beauty of this is it still allows it to be gasless without sacrificing the trust element you mentioned.

        70