At the moment, the app is updating and retrieving data from NoSQL collections in Firebase. This setup is prone to failures from someone closing the app while a transaction is pending or just using a 3rd party client to make calls to the contract and change its state. We can mitigate this vulnerability by fetching the data directly from the chain (using RPC nodes) and only use Firestore to augment the data onchain.
At the moment, the app is updating and retrieving data from NoSQL collections in Firebase. This setup is prone to failures from someone closing the app while a transaction is pending or just using a 3rd party client to make calls to the contract and change its state. We can mitigate this vulnerability by fetching the data directly from the chain (using RPC nodes) and only use Firestore to augment the data onchain.