How to transfer soul bound tokens and sell them on OpenSea?

Even if the token itself is not transferable, SBT will also shake the meaning of soul binding with the transfer of its address authority itself.

Original title: A Method of Transferring and Aucting Non transferable Souls to Bind Tokens in Os

Written by: Fourteen Gentlemen

Vitalik , founder of Ethereum in early May; After the publication of the soul token SBT paper, it quickly became one of the most popular topics in the entire Web3 field. Vitalik used this SBT when it released a new book not long ago. Anyone can donate any amount and obtain a soul bound NFT. However, the new Token standard is not only lacking the reliable application of soul binding in the market, but also the loophole of forced transfer of its soul token itself.

For contract technology veterans, only the contract wallet/A3S protocol two keywords can understand the core content. But if you are interested in the implementation details, let's explore with this article.

1. What is the soul bound token

Liberalism has always been the cornerstone of the vigorous development of Web3 or the blockchain world, but the unruly liberalism has given birth to the fact that only hackers are the most successful groups in the transformation from web2 to web3. So what kind of ideology does the truly valuable Web3 need?

Vitalik believes that Web3 needs to take responsible liberalism as the new belief foundation. So the essence of SBT is to introduce the reputation mechanism into Web3, so that the digital world can evaluate and measure the reputation of accounts, and establish reputation, responsibility and social capital in a decentralized world.

The way to achieve this is to issue a non transferable token under the target of wallet address, and call it Soulbond.

1.1 Case of SBT application scenario

SBT, Soulbond Token (soul bound token), as its name implies, is a token bound to a user account or wallet. Once generated, it cannot be traded. It can be used to represent commitment, qualification, affiliation, etc., similar to the resume as a proof of corresponding social relations.

In Vitalik's paper, the related account binding SBT is defined as Soul.

For example, the account (Soul) bound by Ethereum Foundation can issue corresponding SBT to those who participate in its developer conference, and the account (Soul) bound by a university can also issue SBT representing the degree certificate to its graduates, etc.

The sample target of this article is that when Vitalik releases a new book, the SBT will be attached to the donation address.

1.2 Minimum realization of SBT

In fact, both ERC20 and ERC721 perform the transfer function through the transfer and SafeTransferFrom in the contract standard. Therefore, for the minimum implementation of SBT, you only need to delete the transfer code, so that only Mint can modify the user balance table_ Balances.

2. What are the vulnerabilities of transferring SBT?

2.1 Overview of wallet classification

In fact, it is very simple. It is the wallet that can initiate transactions on the chain, and the wallet is divided into single sign and multi sign.

Single sign wallet: we need to send a transfer transaction to the blockchain, and we need to use the wallet to make a signature. We sign our name and send the transaction, and the transfer will be successful if the transaction is executed successfully. This is a typical single sign wallet, and it is also the money package we use most often.

The multi signature wallet, as its name implies, is a wallet that requires multiple people to sign to perform an operation. Use multi sign wallet to transfer money, which often requires>= The transfer operation is completed only after one person signs and sends the transaction. When using the multi signature wallet, we can specify the m/n signature mode, that is, the operation can be completed if there are m signatures in n individuals.

The multi sign wallet is often used for individuals who need strong security, as well as investment institutions, exchanges and project parties that manage public assets. The core value is fund security and fund joint management

2.2 How to mintNFT the multi sign wallet?

In Ethereum, the multi sign wallet is often a smart contract, and to achieve multi sign management of the contract, there are two paths corresponding to each other

  • The Ownbit multi signature wallet uses the signature authorization method: use your private key to sign the corresponding cost (amount, target address, etc.) and give the signature result

  • Gnosis multi sign wallet uses the transaction authorization method: use your private key to send an Ethereum transaction, call a specific interface, and give specific parameters;

Let's use earlier versions of Gnosis to implement V1 as an example

2.3. Gnosis multi sign execution process of any transaction

It is divided into four stages: initialization stage → proposal stage → voting stage → implementation stage

  • Initialization phase: define several administrators_ Owners, only these addresses can be called for subsequent transactions

  • Proposal stage: any administrator submits a transaction through the submitTransaction method and gets a transaction number, transactionId. The submitted transaction needs to carry the three parameters destination, value and data

  • Voting stage: other administrators submit ETH; Vote by transaction and call the confirmTransaction method of the contract

  • Execution stage: when the number of people confirming reaches the minimum requirement, the internal logic of executeTransaction will be triggered,

The final contract executes any operation through call remote call

2.4 Why can I perform any operation?

Because destination is the target address, value is the amount, and data is the parameter attached to the transaction.

In an Ethereum transaction, the Data field is the incidental information of the transaction and has clear rules for control. For example, the following figure is the most common ERC20 transfer transaction. The display logic after Etherscan analysis is as follows, while the original text before transaction analysis is

0xa9059cbb0000000000000000000000003baf10686c60680d491f49ea3f720a1831c3391e00000000000000000000000000000000000000000000f92e1b81422bfc3a0000

The principle of parsing is that the corresponding function name and parameter list can be obtained according to the ABI file of the contract corresponding to the first 8 bits, and the subsequent 64 bits will be converted and parsed according to different parameter types

Therefore, for a proposal, you only need to clearly specify the target address, amount, and transaction parameters, and then you can perform any operation

2.5 Summary - Comparison of advantages and disadvantages of contract wallet model

Here is an overview of the implementation logic of the core GnosisV1 version. In fact, it has been gradually revised into the form of an owner like model, which uses the signature verification mode. The main reason is that

Sending transaction representative proposals and votes has the advantages of being easy to understand, avoiding complex signature calculation, and being traceable at any time throughout the online implementation, but also has significant disadvantages

  • One proposal requires more than one person and the transaction cost is high

  • The last voter has higher gas fee, that is, the cost is unbalanced

  • The actual logic of re transaction is in the data field, which is difficult to read and understand

Therefore, the user weighed the advantages and disadvantages and finally gave up the transaction confirmation method, allowing him to move towards the mode of signature holding and signature verification.

3. How does SBT sell on OpenSea?

So far, it has been very significant. Just use the contract wallet, whether Gnosis or Ownbit, to initiate donations and then take away NFT. That can't transfer the Token itself. It can be sold with the wallet itself.

Of course, getting is not the end. Our goal is to have an appropriate way to auction him! To achieve pricing for SBT

Here we need to use a special protocol named: A3S

A3S protocol architecture diagram

It is a multi chain protocol to build the next generation address standard. Providing liquidity and integration for addresses, A3S enables addresses to be securely traded, leased and hosted. Therefore, the address becomes the infrastructure on the chain that can be transferred and priced.

The user casts a Commander NFT from the smart contract address factory, and it will automatically deploy the corresponding smart contract. The owner of the smart contract points to the corresponding NFT holder. The contract can receive any type of on chain assets, and only the owner is allowed to send assets. That is, the smart contract will be used as a carrier for users to interact with any blockchain dApp.

Who holds the NFT is the remote controller holding the smart contract. If the NFT is transferred, the management right of the smart contract is transferred.

Through this principle, we can finally see that there are some orders on Opensea based on this protocol. Of course, there is no price. After all, there is no large-scale social consensus on wallet address transactions.

summary

This article outlines the concept cornerstone of SBT, and highly recognizes that Web3 needs to take responsible liberalism as the new belief foundation, but the new concept needs to fully consider the sniper guns issued in dark forests such as smart contracts. By outlining the implementation principles of Gnosis and Ownbit, and combining the more advanced A3S wallet address transfer protocol, it systematically explains that SBT even though Token itself is not transferable, It will also shake the meaning of soul binding with the transfer of its address permission.

Finally, when I collected the data in this paper, I also found that 5660.eth, a researcher who had originally had a similar idea, transferred this SBT contract wallet to Vitalik's wallet address, perhaps to remind V God and his Ethereum Foundation to make more periodic optimization of the subsequent EIP proposal around SBT, such as detecting whether the awarding object is the contract address.