restake wallet verification

[Perseverance42]

Please consider adding a way for validators to verify the validity of their entry.
This would give delegators the certainty that the restake wallets listed in this repository are authentic and controlled by the validator.

The current implementation of restake.app bot does need to query for generic delegation grants (ledger workaround), which do not have a delegation whitelist, potentially allowing the restake wallet to delegate to any validator.
A malicious entity could list restake wallets here and redirect delegators staking rewards to a malicious validator, potentially robbing delegators through commissions.

This scenario might be highly unlikely for mature chains with a high enough delegation floor for validators but chains with accessible active validatorset could face this problem.

My suggestion for a verification method would be to have the validator's initial delegator wallet broadcast a transaction that includes the restake wallet address in the memo and attach the transaction hash to the profile or PR.

[tombeynon]

Great suggestion and I completely agree something is needed here for verification. I like the idea of a blockchain based solution but I also want to make it as easy as possible. Ultimately the issue lies in who is allowed to make updates to this repository - we could go with a simpler solution where each validator can specify an array of github usernames in profile.json or authors.json who can make changes. We would then implement a CI workflow to check the user against this array if it exists, and fail any PR which doesn't match.

The initial submission of this list will have potential for abuse, but after that only users who are already in the list would be authorised to change it (unless special circumstances dealt with manually), which at least gives us some author control.

What do you think about that? Potentially in addition to some form of second verification layer like you outlined.

[Perseverance42]

Defining specific GitHub accounts for making changes to existing entries should be sufficient.

For the initial entry, I suggest using keybase as a form of validation. Many validators use keybase identity already as the identity field stored on-chain. Github accounts can be verified as well so it should be relatively seamless for validators who already have this setup.

[coderprovider]

hello mates
I saw your ongoing project and is there any chance to work with you?
I have developed many applications in EVM, Solana, Cosmos and so on
I can contribute to your project