Abstract
This SNIP proposes a standardized method for encoding StarkNet transactions into QR codes, facilitating a user-friendly way for wallets to interact with StarkNet transactions. This method aims to streamline the transaction signing process, making it more accessible and efficient for end-users, enabling users to interact with transactions directly through QR code scanning. The proposal covers all types of StarkNet transactions, including but not limited to token transfers, contract interactions, and state updates.
Motivation
Currently, StarkNet transactions require manual input or complex interfaces to sign. Encoding transactions into QR codes simplifies this process, allowing users to scan a QR code with their wallet to sign transactions directly. This enhancement improves user experience and accessibility, especially for those unfamiliar with blockchain transactions.
Specification
Developers should be able to encode user transactions, generate a qrcode and write it to a file or canvas. The following methods would be available to enable developers encode user transactions.
- toFile(output_path, transaction_config, options)
- toCanvas(transaction_config, options)
- toAddressString(transaction_config)
- toDataUrl(transaction_config, options)
- readStringToJSON(value_string)
- getJSON()
- produceEncodedValue(transaction_config, options)
Syntax
The QR code encoding will follow a structured format that includes the transaction type, transaction ID, and any relevant parameters.
For example:
starknet://transaction/<transaction_type>/<transaction_id>?<parameters>
where:
Base URL: starknet://
Path: transaction/<transaction_type>/<transaction_id>
Parameters: ? (optional, depending on the transaction type)
Implementation Details
Transactions are serialized into a JSON string, including all necessary details such as the transaction type, contract address, function to be called, and parameters leveraging the serialization format already implemented by the braavos team (GitHub - myBraavos/starknet-url: Build & parse StarkNet URLs and GitHub - myBraavos/starknet-deeplink: StarkNet deeplink generator) that enables transactions and invocations on starknet to be encoded as URLs.
We then proceed to make a few modifications to the Ethereum-QR-code qrcode generator to enable us to leverage the same qrcode generation logic to encode the transaction or invocation URL as a qrcode.
This approach to the implementation enables us to have backward compatibility with ethereum qrcode generators already in production and used by most applications.
There are two possible ways to go about the library implementation of which we require your suggestion.
Implementing a separate qrcode library for starknet
Integrating starknet transactions qrcode encoding and decoding with already existing solutions like ethereum-qr-code
Each approach would require a different call to action for developers
Implementing a separate qrcode library for developers: This would require developers to install the new library to invoke the functionality they need
Integrating with already existing solutions: This would require developers who are already using the available libraries in production to upgrade their version to the latest version with the release. While this may seem like a good approach, there is no guarantee of how fast changes and updates to the library can be made as it is not managed by our team and can only be updated when our pull requests have been merged.
Backward Compatibility
This proposal is backward compatible with existing StarkNet transactions. It introduces a new method for transaction encoding and does not alter the underlying transaction structure.
Example instantiation
Let qr = new StarknetQRPlugin()
Const sendDetails = {
To: “Ox…..”,
Value: 1,
Gas: 42000,
}
const configDetails = {
size:180,
options: {
margin: 2
}
};
const path = './qrcode_image.jpg'
qr.toFile(path, sendDetails, configDetails)
Security Considerations
User Confirmation: Ensure that wallets require user confirmation before signing transactions scanned from QR codes.
QR Code Expiration: QR codes would be implemented as a one-time-use and have a timed expiry, to minimize the risk of unauthorized access and prevent attackers from misusing transaction data.
Data Privacy: Minimize the amount of sensitive information included in QR codes to protect user privacy.