[FR] - Force pool's metadata to be hosted on pool website as a way to prove ownership

[CarlosLopezDeLara]

FROM TICKET ON ZENDESK Adding this here under Sava's guidance:

As a delegator I want to be 100% sure that the poolowner is indeed the owner of the website as well.
Let’s play the devils advocate here.
I create a stakepool called “Rabo” and I add the website rabobank.com and pretend I am a large Dutch bank who runs a pool....
How am I supposed to know if this is true or not?
It should NOT be possible to add a website you don’t own.
Delegators should have 100% certainty that the stakepool belongs to that website imo.
This should be quite an easy fix? The url in the meta data json file, MUST match the domain it is uploaded to
If you have the domain rabobank.com in the json file, the json file must be uploaded to the domain rabobank.com.
OR have an option/ticker where stakepools can verify ownership of their domain so delegators can be sure they are dealing with the right entity

[mark-stopka]

Thats a functionality suited for wallet, not for a node, it may be implemented in Daedalus or cardano-wallet backend, it has no place in the node.

[kevinhammond]

Yes, not node-related, but could be a feature for SMASH or Daedalus, perhaps. I think the proposed scheme might run into some difficulties with e.g.

URL spoofing (man-in-the-middle)
Sub-domains
Domain mapping (where a company has multiple domains and remaps them internally)
Domain reuse (where a domain is no longer in use, but is acquired by a third party)

A scheme based on a signature in the metadata or an associated file would probably provide more guarantees, or perhaps some standard certificate could be used.

[dcoutts]

It should NOT be possible to add a website you don’t own.

This is where we need to be clear about the security model is and what the legitimate expectations are. We need to be clear about who is relying on what information for what purpose. Only then can we come up with an overall design and check it fits the needs. So I'd caution against an ad-hoc approach.

[AndrewWestberg]

I've downvoted this FR. It's already a huge problem for SPOs that aren't able to get a quality website running to host their metadata based on how many issues of people falling out of the wallet listings. JorManager was designed so that the user can simply enter their info into a form and it will be hosted automatically on a high-availability cloudfront backed by s3 website. I believe people hosting their metadata on pooltool do the same.

[mark-stopka]

@AndrewWestberg

It's already a huge problem for SPOs that aren't able to get a quality website running to host their metadata based on how many issues of people falling out of the wallet listing

Really think it's a good idea to have such people run public SPO service? 🤷‍♂️

[AndrewWestberg]

@mark-stopka Non-technical and "unqualified" people going to run pools whether I want want them to or not. I land on the side of helping prevent them from making a bad name for the overall ecosystem by making it easier to run a pool. In any case, happy to discuss further on Telegram instead of a github FR.

[mark-stopka]

@AndrewWestberg sure, it's late overhere, ping me tomorrow!

[glitch40]

#1354
Should handle this "proof" of ownership for a domain and the hosting issues.