Description
The URI field stores an off-chain pointer, but there's no on-chain proof of what the metadata contains. Adding a content hash would enable:
- Verification that metadata hasn't been tampered with
- On-chain proof of metadata existence
- Trustless metadata verification
Current Code Location
project_registry/src/types.rs:5-10 — ProjectData
Recommendation
- Add
metadata_hash: BytesN<32> field to ProjectData
- Require hash to be provided during project creation
- Add verification function that compares hash against provided data
Severity
Low — Enhances trust and verification.
Description
The URI field stores an off-chain pointer, but there's no on-chain proof of what the metadata contains. Adding a content hash would enable:
Current Code Location
project_registry/src/types.rs:5-10— ProjectDataRecommendation
metadata_hash: BytesN<32>field to ProjectDataSeverity
Low — Enhances trust and verification.