diff options
author | Marcello Stanisci <marcello.stanisci@inria.fr> | 2016-02-16 20:16:54 +0100 |
---|---|---|
committer | Marcello Stanisci <marcello.stanisci@inria.fr> | 2016-02-16 20:16:54 +0100 |
commit | b909ded00c717c575b8110a689e7b7d2e1d582ac (patch) | |
tree | e0c8d2240ace404764336b44d67e9a0e41fb9d06 /impl-merchant.rst | |
parent | 4479b49bda602a73f6e1c24fdfb68dfbbf15b069 (diff) | |
download | docs-b909ded00c717c575b8110a689e7b7d2e1d582ac.tar.gz docs-b909ded00c717c575b8110a689e7b7d2e1d582ac.tar.bz2 docs-b909ded00c717c575b8110a689e7b7d2e1d582ac.zip |
minor
Diffstat (limited to 'impl-merchant.rst')
-rw-r--r-- | impl-merchant.rst | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/impl-merchant.rst b/impl-merchant.rst index 505376d0..28bfc76b 100644 --- a/impl-merchant.rst +++ b/impl-merchant.rst @@ -52,10 +52,11 @@ The following API are made available by the merchant's `backend` to the merchant .. http:post:: /hash-contract - Ask the backend to compute the hash of the `contract` given in the POST's body. This feature - allows frontends to verify that names of resources which are going to be sold are actually `in` - the paid cotnract. Without this feature, a malicious wallet can request resource A and pay for - resource B without the frontend being aware of that. + Ask the backend to compute the hash of the `contract` given in the POST's body (the full contract + should be the value of a JSON field named `contract`). This feature allows frontends to verify + that names of resources which are going to be sold are actually `in` the paid cotnract. Without + this feature, a malicious wallet can request resource A and pay for resource B without the frontend + being aware of that. **Response** |