Add API for Token information

[poor-defined]

Currently, the browser provides a method for developers to upload Token Info via email to the developer community. However, this method is no longer sufficient to meet the needs of new frameworks like Kuai for SUDT development. Instead, an API for Token Info uploading should be introduced as a replacement.

Current way

Related part in Kuai

• Also a workflow are supposed be added to ensure the TokenInfo can only be modified to the Token creator.

[zmcNotafraid]

1. Is anyone can use this api to upload udt info? or only used by KUAI?
2. Upload info has limit or not? Such every day once ..
3. Uplaod info is updated immediately or needs admin to approve?

[poor-defined]

1. Is anyone can use this api to upload udt info? or only used by KUAI?

It's better to open it only for KUAI first.

2. Upload info has limit or not? Such every day once ..

No limit.

3. Uplaod info is updated immediately or needs admin to approve?

No approve.

cc @Keith-CY

[Keith-CY]

It's better to open it only for KUAI first.

I doubt if it's feasible to only support for Kuai, because it's impossible to differentiate requests from projects built by kuai.

No limit.

If the request is not limited by some rule, it will be used to attack the service. E.g., sending 100,000 requests in a minute

No approve.

If the submission is not audited, it will be used to harm the service, e.g. update the decimal to make transfer amount 10x than it's, so the attacker can cheat others by claiming that he/she has sent 10x sudt.

[poor-defined]

I have added a workflow for verifying the creator's email.
Please check this link
@Keith-CY

[Keith-CY]

I have added a workflow for verifying the creator's email. Please check this link @Keith-CY

A Report button can be placed next to the verification code if the creator is forestalled by the attacker.

[zhangyouxin]

frontend pr： Magickbase/ckb-explorer-frontend#127

[poor-defined]

Report wording：https://vs0cjf.axshare.com/?id=ujekkc&p=_____token_api_email_report&g=1
NFT proposal : https://vs0cjf.axshare.com/?id=t9j7vc&p=%E8%A1%A5%E5%85%85%E6%8F%90%E8%AE%AE%EF%BC%9A%E4%B8%BAnft%E5%A2%9E%E5%8A%A0api%E6%8F%90%E4%BA%A4%E6%B8%A0%E9%81%93&g=1

@Keith-CY

[zmcNotafraid]

PR: nervosnetwork/ckb-explorer#1555

[Keith-CY]

I found the UI design is slightly different from the PRD

In PRD, there is a dialog with options submit token info and modify token info for the next step, but the dialog is missing in the design.

Another question is about Report mentioned at #374 (comment) it's neither mentioned in the PRD nor the design.

Please check @Sven-TBD

Besides, I would suggest adding a button on the token detail page for users to submit a modification.

[poor-defined]

I found the UI design is slightly different from the PRD

In PRD, there is a dialog with options submit token info and modify token info for the next step, but the dialog is missing in the design.

Another question is about Report mentioned at #374 (comment) it's neither mentioned in the PRD nor the design.

Please check @Sven-TBD

Besides, I would suggest adding a button on the token detail page for users to submit a modification.

I guess this is because I made two version, the one with dialog is on the original version and is deleted after a meeting. And I put the report button on the original version which should be on the latest one. BTW, do we still need the dialog? Based on the last meeting we had about the Token API things, the dialog should be deleted because the user could modify the Token Info only on the Token Information page.

The PRD has been updated, and I put the report button here.

[Keith-CY]

I found the UI design is slightly different from the PRD
In PRD, there is a dialog with options submit token info and modify token info for the next step, but the dialog is missing in the design.
Another question is about Report mentioned at #374 (comment) it's neither mentioned in the PRD nor the design.
Please check @Sven-TBD
Besides, I would suggest adding a button on the token detail page for users to submit a modification.

I guess this is because I made two version, the one with dialog is on the original version and is deleted after a meeting. And I put the report button on the original version which should be on the latest one. BTW, do we still need the dialog? Based on the last meeting we had about the Token API things, the dialog should be deleted because the user could modify the Token Info only on the Token Information page.

The PRD has been updated, and I put the report button here.

Got it, I think the dialog for choosing the next step is unnecessary if they can modify token info on the token detail page

[Keith-CY]

Before modifying the info of a token, its original info is expected to be filled in the form. So all fields of token info are expected to be returned in API as https://testnet-api.explorer.nervos.org/api/v1/udts/0x5a2051e1289743e5878e8045e277500c3c105a4b60faa50c91054a32490ce24b

Now website is missing in the response, need support for @zmcNotafraid

---

Besides, I found that creator email is not necessary in the modify token info dialog because it's private information, and getting veri-code doesn't require it to be on the page. @Sven-TBD

[Keith-CY]

Before modifying the info of a token, its original info is expected to be filled in the form. So all fields of token info are expected to be returned in API as https://testnet-api.explorer.nervos.org/api/v1/udts/0x5a2051e1289743e5878e8045e277500c3c105a4b60faa50c91054a32490ce24b

Now website is missing in the response, need support for @zmcNotafraid

Besides, I found that creator email is not necessary in the modify token info dialog because it's private information, and getting veri-code doesn't require it to be on the page. @Sven-TBD

According to the discussion yesterday, I need 2 more fields returned in the SUDT info API

1. website, which is submitted when token info is updated
2. creator email, which is submitted when the token info is initialized, and the email address should be protected by concealing some chars, e.g. abc***ail.com
   @zmcNotafraid

[zmcNotafraid]

returns operator_website and email in udt show api

Before modifying the info of a token, its original info is expected to be filled in the form. So all fields of token info are expected to be returned in API as https://testnet-api.explorer.nervos.org/api/v1/udts/0x5a2051e1289743e5878e8045e277500c3c105a4b60faa50c91054a32490ce24b
Now website is missing in the response, need support for @zmcNotafraid
Besides, I found that creator email is not necessary in the modify token info dialog because it's private information, and getting veri-code doesn't require it to be on the page. @Sven-TBD

According to the discussion yesterday, I need 2 more fields returned in the SUDT info API

1. website, which is submitted when token info is updated
2. creator email, which is submitted when the token info is initialized, and the email address should be protected by concealing some chars, e.g. abc***ail.com
   @zmcNotafraid

[Keith-CY]

I found a typo in PRD that MagickBase should be MagiCKBase, it's a combination of Magi and CKBase, it will be fixed in code directly, but please update the PRD and design later
cc @Sven-TBD @FrederLu

[zmcNotafraid]

Ignore total_amount update PR: nervosnetwork/ckb-explorer#1615

[FrederLu]

https://pudge.explorer.nervos.org/sudt/0xe3be4fb98ec914886c6525abac97e1f8769c59492636a1d35955e9163ef46efa

usdt (deprecated) prompts an exception when entering the verification code to submit. It is expected that the data was submitted according to sUDT.

[Keith-CY]

pudge.explorer.nervos.org/sudt/0xe3be4fb98ec914886c6525abac97e1f8769c59492636a1d35955e9163ef46efa

usdt (deprecated) prompts an exception when entering the verification code to submit. It is expected that the data was submitted according to sUDT.

It should be fixed by Magickbase/ckb-explorer-frontend#249

The mismatched typehash comes from computation with default parameters, but it can be read from the url when it's the token detail page.

[FrederLu]

Verified.