Skip to content

Commit

Permalink
Merge pull request #305 from arichiv/patch-1
Browse files Browse the repository at this point in the history
Preventing Issuer Exhaustion
  • Loading branch information
dvorak42 authored Jul 18, 2024
2 parents ae07cb5 + 344d11f commit 3530525
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 0 deletions.
5 changes: 5 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -235,6 +235,11 @@ We have a number of mitigations against this attack:

When the issuer detects a site is attacking its token supply, it can fail redemption (before the token is revealed) based on the referring origin, and prevent browsers from spending tokens there.

### Issuer Exhaustion

Given a cap on the issuers usable per top-level origin, there might be a race between third-party scripts to call `hasPrivateToken(issuer)` to ensure their preferred issuer is available.
The top-level document can control this process by calling `hasPrivateToken(issuer)` for its preferred issuers before any other scripts are loaded.
This would ensure the availability of the desired issuers and prevent a race to determine availability.

### Double-Spend Prevention

Expand Down
9 changes: 9 additions & 0 deletions spec.bs
Original file line number Diff line number Diff line change
Expand Up @@ -1132,6 +1132,15 @@ operations. In the context of a given origin, two redemptions are allowed initia
the third redemption is only allowed once more than an [=implementation-defined=] amount of time,
usually 48 hours, have elapsed since the first redemption.

Preventing Issuer Exhaustion {#issuer-exhaustion}
-----------------------------------------------
Competing scripts might race to call <code>hasPrivateToken(issuer)</code> to ensure their |issuer|
enters the [=issuerAssociations=] [=map=] before the |issuer| of others given a limit of two per
[=environment/top-level origin=]. To control this process, the [=environment/top-level origin=]
could call <code>hasPrivateToken(issuer)</code> up to twice before any other JavaScript is included
to ensure their preferred |issuer|s are available.


Preventing Double Spending {#preventing-double-spend}
-----------------------------------------------------

Expand Down

0 comments on commit 3530525

Please sign in to comment.