General Nomenclature

This page is about TokenScript concepts, Mobile-wallet-specific stuff goes to Mobile Wallet Nomenclature

Token Negotiation

If a web service supports multiple tokens, or that it only supports one token, and a user has multiple instances of it, Token Negotiation is the process of finding the match. Token here is a broad word. It also covers the matching of attestations.

Example 1. On 1st Jan 2018, BWS, a website, requires the buyer to be over 18 years old. It request an identity attestation:

(&(|(objectClass=DriverLicence))(objectClass=Passport))(valid>=2018101)(birthDate<20000101))

Meaning one of Driver's licence, NSW Photo Card and Passport will do, as long as it isn't expired on that day, and has a birthDate earlier than 18 years ago.

Another example would be the same BWS website allowing the user to check out with either store credit, cash-equivalent (DAI) or crypto. Such negotiation is more complicated than the identity case because it needs to specify the required balance in multiple ways and might have different transaction rules for each. For example, if you use an American Express credit card, the price is $10 off for $100 minimum spent.

Token Cards and Action Cards

A card has one or more <view> or <audible>. As a rule of thumb, design for those with good eyes and provide <audible> when TokenScript grews big enough that accessibility is relevant. One of the <view> can be an iconified view.

An action card either produces a blockchain transaction or an attestation. A token card just renders a token or an attestation.

A token can have as many token cards as its contexts, and limitless action cards. Most action-cards are only used by the token's owners, but a token-card doesn't assume the context being in the user's wallet.

For example, Alice, a car owner, has a Car token with a "lend" action, which is an action-card. Alice uses it to produce an attestation "AuthorisationToUse" to Bob. That AuthorisationToUse would cause the car token to be rendered in Bob's wallet context (Bob can see it in his own wallet), which is a token-card.

Express of trust

A TokenScript can be signed by one or more entities or trusted by one or more entities. By signing, it is associated with an identity. Currently, we relax the requirement to allow web certificate, which is typically not supposed to be used in Signing, to sign a tokenscript, indicating that the tokenscript is authored by a certain website's team. AlphaWallet-issued TokenScripts are signed with a DV certificate with higher authenticity, as a 3rd-party has verified the organisation (AlphaWallet Pty Ltd).

The signing of tokenscript does not indicate the tokenscript has anything to do with the very token for which it is providing essential security functions (e.g. forming a transaction). That part is dealt with Express-of-Trust.

An express-of-trust is a normal Ethereum transaction coming from a token contract's deploying address, showing that the same person who deployed the token contract trusts the TokenScript. The recipient address is one that is calculated from the TokenScript's DigestValue. The amount can be anything, normally zero but any ether sent in that transaction is considered a tip to the TokenScript project. More in the document