[Prestashop] Long story short: Prestatrust is dead

[devnull]

Hello!

After googling a while, it appears that all news & articles related to "PrestaTrust" are old and outdated.

PrestaTrust allows to authenticate the code of modules sold on PrestaShop Addons Marketplace and to safely keep track of the sales data in the the Ethereum blockchain

=> PrestaShop launches PrestaTrust, a traceability system based on blockchain

=> Everything You Always Wanted To Know About PrestaTrust

=> Integration of PrestaTrust in module management #8378

In short, PrestaTrust was designed to "flag" modules (and buyers) in order to prevent "sharing":

One solution is to have build-in licensing mechanism inside prestashop core that would ensure merchant have the rights to use the module (of course, you can always modify the prestashop core and disable this licensing mechanism, but that's not something that regular user will do)

So, reusing a module would lead to a warning and also leak data to the merchant (website url, contact email, other?):

However, the main goal was to increase PrestaShop Addons Marketplace profits (30% commission on each sell)

# ---------

The latest "news" I could find is in French (08 Aug 2018) and apparently, the original blog post was deleted: could not find the source on Prestashop Devblog.

=> Mise en pause de PrestaTrust avant la prochaine itération (We put Prestastrust on hold before next iteration)

After that, nothing...

Note that the code is still present : PrestaShop/src/Adapter/Module/PrestaTrust/

But, from my point of view, Prestashop has (silently) shut down Prestatrust cloud servers and any validation request now returns "OK".

If you are still skeptical, you can manually disable Prestatrust:

=> One Page Checkout PS 4.0.5

Have a great day!

 

[xeta]

Thanks for information

 

[xtips]

The module in github is update in the last month!

 

[Makman]

Thanks for the info,

 

[x0rzkov]

thanks for sharing the tip

 

[prestahawe]

thanks for sharing this information

 

[w1nner4fun]

I just saw this post and wanted to thank you for the tip. It's very useful.
But the link you provided is not working, so I had to get the content from google's cache.
Here it is:
(to admins: if my post doesn't comply to the forum's rules, please delete it)

Remove the binding:
1. Open the file \ app \ config \ config.yml , find the line:
base_url: "https://api-addons.prestashop.com"

Replace with:
base_url: "127.0.0.1"

Find the line:
prestatrust:
enabled: true

Replace with:
prestatrust:
enabled: false

Be sure to clear the cache !!!
All. PrestaTrust is disabled.
The rules are as follows:
a) We do not log in from the store’s back office in Prestashop Addons.
b) We make a backup of the file (when updating the prest, the changes will be erased) and set the access rights to 333, 555 or 755.

2. Optional item We
close, just in case, the check of modules that support license checking.
Open the file:
\ src \ Adapter \ Module \ PrestaTrust \ PrestaTrustChecker.php
Find the code:
protected function isCompliant (Module $ module)
{
if (! $ module-> attributes-> has ('author_address')) {
return false;
}
$ address = $ module-> attributes-> get ('author_address');
// Always ensure 0x prefix.
// Address should be 20bytes = 40 HEX-chars + prefix.
if (! self :: hasHexPrefix ($ address) || strlen ($ address)! == 42) {
return false;
}
if (! function_exists ('ctype_xdigit') ||! ctype_xdigit (substr ($ address, strlen ('0x')))) {
return false;
}
return true;
}

Replace with:
protected function isCompliant (Module $ module)
{
return false;
}

This will say that there are no modules supporting verification.
Open:
\ src \ Adapter \ Module \ PrestaTrust \ ModuleEventSubscriber.php
Find:
public function onNewModule (ModuleZipManagementEvent $ event)
{
if (! $ this-> enabled) {
return;
}

$ this-> checker-> checkModuleZip ($ event-> getModuleZip ());
}

Replace:
public function onNewModule (ModuleZipManagementEvent $ event)
{
return;
}