Not sure if this is the right place for this, but seems as good as any…
Let's say I create a copy of the compound.finance website, and also copy the Compound smart contracts.
As I understand it, if I only need to use my website SSL certificate, the Tokenscript would look correct?
How does one get around that problem? Feels like there needs to be a strong link between the account that deployed the token contract, and the account signing the tokenscript? Then it could be verified automatically by wallets etc.
Quite possible I have missed something though!