I'm working on realize a new Tron DApp, very simple. But I'm newbie so I'm working starting from this tutorial: https://blog.yudiz.com/build-your-first-dapp-on-tron-blockchain/
It helps me a lot. So, here what I've made:
I've installed TronLink on my Chrome browser and I've selected the Shasta Network;
I've create a new Account (for easy, I named it "A");
I've got the Private Key and the wallet address from TronLink (I'll use it later);
I've cloned and installed the Tron-DAPP.git repository with the command:
npm install
Then, I've configured the index.js within private key and the Address "A";
Then, on https://tronide.io I've loaded the HelloWorld.sol contract, and thanks to Plugins Solidity Compiler and DEPLOYMENT I've compiled and deployed my contract; this generates a popup with the unique hash of my contract; it has got the TronLink account to require authorization to public this contract on Shasta Network;
Using this hash, I've searched it on https://shasta.tronscan.org/ to get the Contract Address;
I've copied this one on the file index.js;
Starting the DApp with:
node index
I've reached my app using 127.0.0.1:8001; Great! It works!
Now, my question: If I use my Address "A" in order to use the Contract action "postMessage()", it consumes TRX for transaction, and all things is done successfully. But if I use another Tron Wallet Address, like "B", I don't get any consume of TRX, but more important it don't require me authorization to proceed.
Instead, if I proceed on https://shasta.tronscan.org, and I make access on my Contract, within TronLink on Address "B", when I make "postMessage()" in order to write on my Contract, it requires me the authorization, and after that I consume TRX for the transaction.
What's wrong in this DApp? Why it doesn't require authorization when I make "postMessage()"?
thanks for your precious help.
It does not require authorization because your dApp has your private key. If an dApp has your private key has total control over your wallet.