Authors: Volodymyr Kozieiev [email protected]
- Why 3rd party API can be a problem?
- 3rd party APIs used by Status
This specification discusses 3rd party APIs that Status relies on. These APIs provide various capabilities such as:
- communicate with the Ethereum network
- allow users to see address and transaction details on external website
- get fiat/crypto exchange rates
- get information about collectibles
|Fiat money||Currency which established as money, often by government regulation, but that has no intrinsic value|
|Full node||Any computer, connected to the Ethereum network, which fully enforces all the consensus rules of Ethereum.|
|Crypto-collectible||A cryptographically unique, non-fungible digital asset . Unlike cryptocurrencies, which require all tokens to be identical, each crypto-collectible token is unique or limited in quantity.|
Relying on 3rd party APIs interferes with
censorship resistance Status principle. Since Status aims to avoid suppression of information it is important to reduce amount of 3rd parties crucial for app functionality.
Infura hosts a collection of full nodes for the Ethereum network and provides an API to access both the Ethereum and IPFS networks without having to run a full node.
Status works on mobile devices and therefore can’t rely on local node. So all communication to Ethereum network happens via Infura.
Making a HTTP request means that a user leaks metadata, which can be used in various attacks if an attacker hacks the service. Infura hosts on centralized providers. If these fail or the provider cuts off service, then Status features requiring Ethereum calls will.
Etherscan is a service that allows user to explore and search the Ethereum blockchain for transactions, addresses, tokens, prices and other activities taking place on Ethereum.
Status Wallet allows users to view details of addresses and transactions on Etherscan.
If Etherscan fails user won’t be able to view address or transaction details with it. But inside the app this info will still be available.
CryptoCompare is a service that shows live streaming prices, charts and analysis from top crypto exchanges.
Status regularly fetches crypto prices from CryptoCompare. Using that info Status calculates fiat value for transaction or wallet assets.
Making a HTTP request means that a user leaks metadata, which can be used in various attacks if an attacker hacks the service. If CryptoCompare fails Status won’t be able to show fiat equivalent of crypto in wallet.
There is a set of services that used for getting information about collectibles:
Making a HTTP request means that a user leaks metadata, which can be used in various attacks if an attacker hacks the service.
Service that helps in creating documents that make websites and apps compliant with the law across multiple countries and legislations.
Copyright and related rights waived via CC0.