Skip to content

Commit 92baa73

Browse files
philipliuphilipliu
committed
Update recommendations section
1 parent 58cef2b commit 92baa73

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

ecosystem/sep-0006.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -270,7 +270,7 @@ SEP-6 lays out many options for how deposit and withdrawal can work. These are r
270270
* Determine which anchor endpoints will require authentication
271271
* Fetch the asset's deposit & withdrawal fee structure: if `fee_fixed` and `fee_percent` are provided, show this to the user early in the process so they're fully informed.
272272
* If the `/fee` endpoint is enabled, use it for computing fees when you need to show them to the user.
273-
* While `/info` allows an anchor to communicate non-standard fields that are needed for `/deposit` or `/withdraw`, it's easier for a basic wallet implementation to hard-code extra fields that are needed on a per-anchor basis, and ensure those fields are passed in properly.
273+
* While `/info` allows an anchor to communicate fields that are needed for `/deposit` or `/withdraw`, Anchors are recommended not to collect these through request parameters, but rather through [SEP-12](sep-0012.md) to avoid leaking sensitive information through URLs. If the anchor requires fields to be provided through request parameters, the wallet can hard-code any extra fields on a per-anchor basis to ensure those fields are passed in correctly.
274274
* **Authentication**
275275
* If needed, perform [authentication](#authentication) via SEP-10 before hitting those endpoints
276276
* **Make a request to `/deposit` or `/withdraw`.**
@@ -288,7 +288,7 @@ SEP-6 lays out many options for how deposit and withdrawal can work. These are r
288288

289289
### Basic Anchor Implementation
290290

291-
* Provide a full-featured implementation of [`/info`](#info).
291+
* Provide a full-featured implementation of [`/info`](#info) using SEP-12 to collect any KYC or financial account information from the user.
292292
* Decide which endpoints, if any, need to be [authenticated](#authentication), and declare that properly in the `/info` endpoint.
293293
* Pick your approach to [fees](https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0006.md#fee). We recommend using `/info` to express fees as it provides a better user experience (the user can see the fee structure in the wallet early in the process).
294294
* **For both deposit and withdrawal**:

0 commit comments

Comments
 (0)