-
Notifications
You must be signed in to change notification settings - Fork 51
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Initial draft of Dip 172: P2M On-Chain Registration
- Loading branch information
Showing
1 changed file
with
70 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,70 @@ | ||
| --- | ||
| dip: 172 | ||
| title: P2M (eCommerce) On-Chain Registration | ||
| authors: Dimitri Roche (@dimroc), David Wolinsky (@davidw), Yinon Zohar, Daniel Prinz | ||
| status: Draft | ||
| type: Standard | ||
| created: 05/14/2021 | ||
| --- | ||
|
|
||
| # Summary | ||
|
|
||
| This DIP describes the registration step for VASPs to enable eCommerce peer to merchant (P2M) payments. By writing on-chain a VASP’s P2M configuration, future off-chain P2M VASP activity will have the information needed to complete the payment process. | ||
|
|
||
| This DIP builds on previous work in the space of P2M and identity. [DIP-158](https://github.com/diem/dip/blob/main/dips/dip-158.md) describes one approach for supporting P2M leveraging the Diem off-chain protocol defined in DIP-1. DIP-10 defines an on-chain naming service for VASPs, namely the domain portion of a DiemId. | ||
|
|
||
| While there might be many P2M flows, three basic elements can be used to construct many of them: | ||
| A flag signifying whether or not the VASP supports the customer flows for P2M payments | ||
| An authentication URL to kick start the peer authentication and authorization within the customer’s VASP of [DIP-158](https://github.com/diem/dip/blob/main/dips/dip-158.md) | ||
| An URL that links to an image representing the VASPs business | ||
|
|
||
| --- | ||
|
|
||
| # Example Flow | ||
|
|
||
| The scenario begins with a customer, Alice, entering the checkout flow of a merchant website: | ||
| 1. Alice is presented with several options for payment, one of which is “Pay with Diem”. | ||
| 1. Upon selecting that option, Alice is presented with a typeahead to enter their DiemId, e.g., alice@CustomerVASP. | ||
| 1. Simultaneously the merchant site initiates [DIP-158](https://github.com/diem/dip/blob/main/dips/dip-158.md) with its VASP, the merchant VASP, which returns to the merchant site a reference id that represents the payment agreement and the merchant VASP’s on-chain account address. | ||
| 1. The merchant site leverages the on-chain configuration to translate CustomerVASP into an authentication url for iframe integration and includes the reference id and account address provided earlier. | ||
| 1. Alice then authenticates with her VASP (CustomerVASP) and confirms the payment agreement with the merchant resulting in the completion of the [DIP-158](https://github.com/diem/dip/blob/main/dips/dip-158.md) protocol. | ||
|
|
||
|
|
||
|  | ||
|
|
||
|  | ||
|
|
||
| --- | ||
|
|
||
| # On-chain Data | ||
|
|
||
| ### P2M Configuration | ||
|
|
||
| ```rust | ||
| resource struct CustomerVASPConfig { | ||
| enabled: bool, | ||
| authentication_url: vector<u8>, // UTF-8 encoded string | ||
| image_url: vector<u8>, // UTF-8 encoded string | ||
| } | ||
| ``` | ||
|
|
||
| #### Field definitions: | ||
| * `enabled` -- defines whether or not the VASP is currently supporting P2M checkout. The intent here is that the customer experience should be seamless and not require awkward checks between the merchant VASP and customer VASP to validate whether or not the customer VASP supports merchant checkout. If this is false or the CustomerVASPConfig does not exist, then the customer VASP does not support checkout. | ||
| * `authentication_url` -- an endpoint that provides an authentication and authorization flow for the customer, the expected format is defined in [DIP-158’s appendix](https://github.com/diem/dip/blob/main/dips/dip-158.md#appendix-a---prerequisite-sharing-common-payment-identifier-and-address) | ||
| * `image_url` -- an endpoint that points to a standard image type (png, jpeg, gif) and is expected to be no larger than 100 KB (or maybe 10 KB?, the merchant or merchant VASP can always resize larger images to be smaller). | ||
|
|
||
| # On-chain Events | ||
|
|
||
| In order to efficiently identify updates to this, every change to a CustomerVASPConfig results in an event being fired from the TreasuryCompliance account (address 0xB1E55ED). | ||
|
|
||
| ```rust | ||
| resource struct CustomerVASPConfigEventManager { | ||
| events: Event::EventHandle<Self::CustomerVASPConfigEvent>, | ||
| } | ||
|
|
||
| struct CustomerVASPConfigEvent { | ||
| enabled: bool, | ||
| authentication_url: vector<u8>, | ||
| image_url: vector<u8>, | ||
| } | ||
| ``` |