Visual representation of the validity of TokenScript files
"default rendering" is the rendering of ERC20, ERC721 tokens when no tokenscript is shipped.
Possible status of TokenScript files.
| status | cause | developer treatment | UI treatment |
|---|---|---|---|
| no tokenscript | token detected but no tokenscript file | no tokenscript to run for this token | Type 0 |
| in working condition | for tsml: signature verified, validated; for xml: validated and no signature in it | run the tokenscript for this token | Type 1 |
| conflict tokenscript | a signature is found in tsml and an xml file is found, both file has the same origins that cover the token | do not run 𝑒𝑖𝑡ℎ𝑒𝑟 tokenscript for this token | type 2: label "conflict tokenscript" |
| bad signature | 1) a signature is found in xml or tsml but failed verification 2) a signature is missing in tsml. (Caused by user debugging or hack) | do not run the tokenscript for this token | type 2: label "invalid signature" |
| bad TokenScript | invalid against the namespace it is in (meaning we should ship 2019/04, 2019/05.... schemas) | do not run the tokenscript (unsure which token it is about) | exception type 'xxx.xml is not valid', the message is in wallet screen. If in debug mode, with validation errors. |
| old tokenscript | A tokenscript in an unsupported old namespace found in the app private storage. If, instead, it is found in the app directory in debug mode, treat it as "bad tokenscript" | do not run the tokenscript for this token | type 2: a label that says the tokenscript is outdated. The label is clickable to let user try to upgrade it by enquiring the repo server |
There are 3 types of UI.
| Status | Treatment | cases |
|---|---|---|
| Type 0: A token is rendered by default rendering (ERC20 and ERC721) '𝑐𝑜𝑠 no tokenscript is found | normal | |
| Type 1: A token is rendered by a Tokenscript in working condition. | give it a label if signed. give it a watermark if it is found in the user-accessible directory. green-label "as trustworthy as www.makerdao.com". If the certificate has expired, yellow-label "was as trustworthy as www.makerdao.com by xxxx"‡ | green-labeled, yellow-labeled, watermarked green labeled, watermared yellow labeled, watermarked no label |
| Type 2: A token is rendered by default rendering 'cos its tokenscript isn't in working condition | give a label on the token (some labels are clickable) | with label, with label clickable |
| Exception type: A bad tokenscript is found. | give a message in the wallet (some messages can be quite long and shown in full when clicked | with a message "bad tokenscript: xxx", with a long message "tokenscript failed validation: xxxxxxxxxxxx |
† In debug mode, if a TokenScript is broken, it's unknown which Token it is about. This situation happens a lot in debugging. When not in debugging, this happens if the wallet is updated and previous valid TokenScript is no longer valid. Because we know the TokenScript <--> Token matching relationship, we can display the message on Token. ‡ If the SSL has an EV certificate, we may as well display the company name and link it to the website.
One hyper-status
- Is a debug file (xml) - potentially taking precedence over an existing tsml file on the user's mobile. a debug file might be not in working condition, or in an unsupported outdated format. It might be rendered with a watermark:
