v1.6-v1.7 Be aware of some PS module with tracing protection

prokill

Well-known member
Diamond
Elite
Joined
Jul 27, 2020
Messages
273
Reaction score
258
Points
63
NullCash
459
Be aware that Prestashop might provide tracking of any installed modules on your shop since PS 1.7.3
with something called "PrestaTrust".

Check out this info:
https://www.prestashop.com/en/blog/launching-prestatrust

You will need to disable PrestaTrust if you want to install some modules protected with Prestatrust you haven't bought.

This concerns only modules with a badge PrestaTrust, which is a kind of license checking.

It might block the use of the module OR it will report to the author the use of the module if he has paid for this extra service from Prestashop.

for example knowband has been using PrestaTrust.

https://www.knowband.com/blog/prestashop-blog/knowband-prestashop-addons-now-verified-prestatrust/

To null a product remove from any modules: $this->author_address
 
Last edited:

prokill

Well-known member
Diamond
Elite
Joined
Jul 27, 2020
Messages
273
Reaction score
258
Points
63
NullCash
459
Just in case the content get removed or if you dont want to link this forum to the website.

After the recent release of its 1.7.3 version, PrestaShop launches PrestaTrust, a traceability system based on blockchain innovation.

PrestaShop Addons Marketplace has been growing quite steadily since 2009, based on the key element for a marketplace: trust.

However, someone might buy a module, then copy it hundreds or thousands of times. From then, the risk is that he can give it away or sell without permission. And of course without financial reward for the contributor. He would not even know about it. As a consequence, when a contributor gets a request for support, he has no absolute proof that the merchant who asks for this service has really bought the module. And he does not easily know if the merchant does use the original code. We have here a traceability issue both for merchants and contributors.

PrestaTrust creates a bond of trust between module developers and module users, by authenticating the code of the module and safely keeping track of its sales data in the blockchain.

Traceability is based on the Ethereum blockchain and guarantees a secure and irrefutable authentication of open source code.
What is Ethereum?

One of the most popular public blockchains. Ethereum is a decentralized platform that runs smart contracts, applications that run without possibility of downtime, censorship, fraud or third-party interference.

PrestaTrust runs different types of smart contracts, in particular:

  • Contributor smart contracts
Once an Addons developer is registered on PrestaTrust, his/her smart contract automatically provides the immutable history of each module version. A Contributor smart contract allows to prove code authenticity.

  • Purchase smart contracts
Created each time a PrestaTrusted module is bought, they contain the encrypted data of the purchased module, the buyer and the seller. A Purchase smart contract ensures the sale’s traceability, allowing the matching between one sale and one usage, preventing the abusive use of non purchased licences.

With this traceability system, PrestaTrust aims to strengthen the links between the different members of its community, by creating a strong bond of trust between module developers and module users. PrestaTrust will allow developers to increase their visibility thanks to the PrestaTrust badge stamped on their module.


What will the merchant see?

The purchase of a PrestaTrusted module will trigger a double check during the module installation on the merchant’s store:

  • a code check: when the module is installed on the store, the code of the module is compared to the original one, in order to make sure no code change happened between purchase and installation
  • a purchase licence check: the idea here is to browse the blockchain to verify that the licence corresponding to this store has been purchased
PrestaTrust is a free service for merchants and only 0.8% extra commission for contributors.

We clearly state that its solution will always remain open source. Moreover, PrestaTrusted modules will not be encrypted which means that PrestaTrust does not block the installation of any module.

As PrestaTrust’s Product Manager Margaux Choplin stated: "Building PrestaTrust has been an adventure of innovation, diving into the unexplored world of blockchain, like gold minors gathered to form an expedition into a world made of blocks, smart contracts, and real-time peer-to-peer transactions. This innovation bridges the trust gap between PrestaShop contributors - who sell open source modules - and merchants - who buy them to enhance their online store. "
 

leoseo

Member
XNullUser
Joined
Sep 14, 2020
Messages
69
Reaction score
2
Points
8
NullCash
8
Thanks for sharing, and what can they do after receiving a notification? Maybe sending emails .... Nothing more
 

JSSSX

Active member
Elite
XNullUser
Joined
Jan 25, 2020
Messages
264
Reaction score
210
Points
43
NullCash
196
Be aware that Prestashop might provide tracking of any installed modules on your shop since PS 1.7.3
with something called "PrestaTrust".

Check out this info:
https://www.prestashop.com/en/blog/launching-prestatrust

You will need to disable PrestaTrust if you want to install some modules protected with Prestatrust you haven't bought.

This concerns only modules with a badge PrestaTrust, which is a kind of license checking.

It might block the use of the module OR it will report to the author the use of the module if he has paid for this extra service from Prestashop.

for example knowband has been using PrestaTrust.

https://www.knowband.com/blog/prestashop-blog/knowband-prestashop-addons-now-verified-prestatrust/

To null a product remove from any modules: $this->author_address

Thank you for that information.
 

prokill

Well-known member
Diamond
Elite
Joined
Jul 27, 2020
Messages
273
Reaction score
258
Points
63
NullCash
459
Thanks for sharing, and what can they do after receiving a notification? Maybe sending emails .... Nothing more
potentially get your ip address, webstore adress, contact or even trace it back to the buyer who has shared the module. depends if the developer is aggressive with legal actions or not.
 

Han85

Member
XNullUser
Joined
May 16, 2020
Messages
249
Reaction score
14
Points
18
NullCash
15
Could you please specify what can a developer do in case he/she finds a non-purchased module used?
 

vanhostingweb.com

Member
XNullUser
Joined
Dec 22, 2019
Messages
400
Reaction score
3
Points
18
NullCash
0
Be aware that Prestashop might provide tracking of any installed modules on your shop since PS 1.7.3
with something called "PrestaTrust".

Check out this info:
https://www.prestashop.com/en/blog/launching-prestatrust

You will need to disable PrestaTrust if you want to install some modules protected with Prestatrust you haven't bought.

This concerns only modules with a badge PrestaTrust, which is a kind of license checking.

It might block the use of the module OR it will report to the author the use of the module if he has paid for this extra service from Prestashop.

for example knowband has been using PrestaTrust.

https://www.knowband.com/blog/prestashop-blog/knowband-prestashop-addons-now-verified-prestatrust/

To null a product remove from any modules: $this->author_address


And what is the solution ?

search for "$ this-> author address" in modules and delete?
 

prokill

Well-known member
Diamond
Elite
Joined
Jul 27, 2020
Messages
273
Reaction score
258
Points
63
NullCash
459
Could you please specify what can a developer do in case he/she finds a non-purchased module used?
I prefer not to know or to be the first one to know. ... tell me about it when you'll figure it out.
 

pk2res

Active member
XNullUser
Joined
Sep 23, 2020
Messages
1,308
Reaction score
5
Points
38
NullCash
5
How disable this protection ?
 

Nheka

Member
XNullUser
Joined
Dec 14, 2020
Messages
293
Reaction score
0
Points
16
NullCash
4
Is there a list of plugins that have that protection?
 

ugriecu

Member
XNullUser
Joined
Mar 18, 2021
Messages
217
Reaction score
3
Points
18
NullCash
16
please wite an how to remove prestatrust, removing author_address is not enough
 
Top