Hi, I’m a real newbie to Algorand and I have a question about ASA.
In Ethereum, minting a mintable token is usually done on a smart contract running on EVM, so all the already-minted tokens are sort of ‘validated’ by the contract.
However, as far as I know, the process of creating an Asset in Algorand is not done on a VM or anything like that, so the validation cannot be done during the ‘minting’ process. Maybe the only way to validate already-minted tokens is to check the MetaDataHash parameter of the tokens.
Then how can you ‘invalidate’ or remove those fake tokens on the Algo chain? (I think) it would be possible for somebody to make a fake token with the same name but false MetaDataHash to cheat and make an exchange with another naive user as if the token is real.
Actually, the attack you mention is also true for Ethereum.
Anyone can create a smart contract minting tokens with any name on Ethereum, the same way anyone can create a token with any name on Algorand.
A user may get cheated the same way on both chains: by having an exchange selling a fake token with the name of a valuable real token.
On Algorand, the only way to accurately identify a token is via its “asset ID”, which is ensured to be completely unique.
In addition, if you trust a given account, you may just check that this account is the “creator” of the token.
On Ethereum, this is more complex: to identify a token, you need to know the smart contract address, the token ID, and in addition you need to check the smart contract is a legit one.
Indeed, anyone can create a smart contract with the ERC-20/ERC-721/ERC-1155 interfaces that actually allows, for example, minting more tokens than claimed. There is no such risk on Algorand, as tokens (called ASAs) are a layer-1 feature and token parameters are immutable.
Finally, you can also have more complex on-demand minting on Algorand using smart contracts / applications and application accounts. But this is another topic.
So you mean that if I want my token to be minted only if a minter finds a password that can decrypt a certain byte array, then I have to make a smart contract/application that can perform on-demand minting under such a circumstance, and verifying it can only be done by checking the asset ID or MetaDataHash?
How is the asset transferred to the person who found the password?
Part 1: Creation of the asset
If you know in advance the assets you will issue, just create them normally in advance and move on to part 2.
If you don’t know in advance exactly which assets you are creating, then you will need to create a smart contract application that creates the asset on demand. But most likely this is not needed.
Part 2: Minting/transfer to the user
You cannot just mint by having the user provide a password as anyone can intercept the transaction made by the user, steal the password, and mint for themselves.
This is not specific to Algorand, this is also true on Ethereum.
Instead, you essentially need to have the password be used to derive a signature secret key and have the user use this signature secret key to sign the transaction ID. Then the smart contract verifies the signature using ed25519verify and makes the transfer/minting.
Note also that you need a high-entropy password; otherwise an adversary can just easily try all passwords. Using scrypt/argon2 may allow reducing password complexity, but if the password is 6 digits, there is no chance you can get something secure.
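The flow from the answer above, as an added off-chain model (my example, not code from the answerer or from Algorand): the password is stretched into an ed25519 seed, the user signs the claim transaction's ID, and the contract side checks that signature against the public key baked into the program. It assumes PBKDF2-HMAC-SHA256 as a stand-in for scrypt/argon2 (neither is in Go's standard library), a constructed transaction ID rather than a real one, and a plain signature over the ID, whereas the on-chain `ed25519verify` opcode verifies over a program-bound message.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"crypto/sha512"
)

// deriveSeed is a single-block PBKDF2-HMAC-SHA256, a stand-in for scrypt/argon2:
// a slow, salted derivation of the 32-byte ed25519 seed from the password.
func deriveSeed(password, salt []byte, iters int) []byte {
	prf := hmac.New(sha256.New, password)
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1}) // PBKDF2 block index 1; one block covers the seed
	u := prf.Sum(nil)
	t := append([]byte(nil), u...)
	for i := 1; i < iters; i++ {
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil)
		for j := range t {
			t[j] ^= u[j]
		}
	}
	return t
}

// KeyFromPassword derives the ed25519 key the answer describes; the password itself
// never appears on chain, only signatures made with this key do.
func KeyFromPassword(password string, salt []byte) ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(deriveSeed([]byte(password), salt, 100000))
}

// ContractCheck models the contract's ed25519verify step against the public key baked into the program.
func ContractCheck(expectedPub ed25519.PublicKey, txid, sig []byte) bool {
	return ed25519.Verify(expectedPub, txid, sig)
}

// Demo: the user rederives the key from the password and signs the claim transaction's
// ID; the contract approves it, but an observer cannot reuse that signature elsewhere.
func Demo() (honestOK, replayRejected bool) {
	salt := []byte("asa-claim-salt-v1") // constructed; a public, fixed parameter
	priv := KeyFromPassword("correct horse battery staple", salt)
	pub := priv.Public().(ed25519.PublicKey) // the issuer bakes this into the contract
	txid := sha512.Sum512_256([]byte("TX constructed claim txn by user A")) // constructed
	sig := ed25519.Sign(priv, txid[:])
	other := sha512.Sum512_256([]byte("TX constructed claim txn by observer B"))
	return ContractCheck(pub, txid[:], sig), !ContractCheck(pub, other[:], sig)
}
```

The replay check is the reason the answer has the user sign the transaction ID rather than submit the password: a signature seen on chain is bound to one transaction, so it does not authorise a claim by anyone else.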