Link-based transfer needs enhanced encryption for secure token transmission
The entire process of sending tokens can be broken down into two methods:
Direct transfer. Tokens are directly sent from the current user to a specific address. This transaction is signed by the current user.
Link-based transfer. The current user sends tokens to a randomly generated new address and creates a link. This link contains the private key of the new address. The user can then forward this link to the recipient. Upon clicking "claim" on the link, the recipient signs a transaction using the private key provided in the
location.hash, thereby transferring the tokens from the new address to their own address.
For these methods, every private key corresponds to an address (which is essentially the hash of the address) that has a length of 32 bytes. To claim the link, the recipient only needs to provide the private key; the address is automatically derived from the private key.
However, in some scenarios (for instance, when the sender wants to ensure that the link is not hijacked by attackers to maliciously steal tokens), the private key inside the link needs to be encrypted. Only when the recipient enters the correct passphrase can the tokens be extracted. This security measure can be achieved by employing different encryption techniques like AES, DES, and so forth. By doing so, as long as the sender transmits the decryption key separately to the recipient, it ensures that intermediaries would not be able to hijack the process.