Securing input from malicious users

I have a contract that takes payment to start a game, when the game is finished the score is recorded in the contract and the highest score after a certain amount of blocks takes all that has been paid to play, and the cycle restarts.

What are some ways I can secure the input of the score so a user doesn’t set up a bot to wait till the last block and send in a randomly high score and take the winnings?

Is it possible to have a user sign a transaction that produces an ID that can be checked before the score is recorded?

you will have first to make sure that you got the right score on your server, then you can use chainlink or sign the data that is sent to the smart contract

when you say sign do you mean using a gasless tx with something like biconomy, or is there another way of doing that?

I mean to sign some data with a private key so what you can check it in the smart contract

1 Like

Is this what EIP712 is used for? Or does that not apply

something similar with that one, but usually you will have to sign the messages and not the users, then send the signed message to the user so that the user makes the smart contract call with that signed data so that the user will end paying the gas fees for that transaction

Do you know of any articles explaining or key words i could use to search? I couldn’t find anything helpful searching signing data private key etc.

1 Like