Spinning up a thread for us to discuss scoped providers in the NFT and FT V2 standards. An un-scoped provider is akin to โSet Approval for Allโ in the EVM world which is a big source of scams and exploits. Various folks in the community have discussed this issue, and the V2 standard is a good opportunity for us to embed a solution to this into the standard instead of wrapped ones like some of us have tinkered with.
Iโll circle back to this later to add in the various approaches folks have taken, but if anyone has input Iโd love to hear about it
It shouldnโt be a struct. If it is, the struct can be replicated and then things like fungible token allowances are not enforceable. Instead, it should be a resource.
We should probably add an optional expiration so that the scoped provider isnโt valid after a certain time.
I will make an attempt at those changes when I get the chance and pick this up afterwards unless other folks have ideas/feedback