I was referencing the POS tutorial in the Algorand Developer Resources. Creating a Point-of-Sale Application with the Algorand Blockchain | Algorand Developer Portal
So my understanding is that the tutorial describes the flow from the POS app (such as a eCommerce website) to Payment Gateway (the server handling/verifying payment) to client wallet. The solution calls for an unsigned transaction to be generated from POS app, goes through the payment gateway, then passed to the client wallet, which sends the signed transaction back to the payment gateway to be broadcasted.
Assuming these passes are API calls (such as post requests from the wallet to the gateway),
- why can’t the client wallet directly submit transaction to the blockchain and the payment gateway screen for the new blocks that contain this transaction (you could add a unique id in the note field and locate that)? would this cause security risks?
- does this assume that the client wallet is integrated with the payment gateway? if the client is using a third party wallet, how would you expect the wallet to pass the signed transaction back to the gateway?