You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
because of encointer/encointer-wallet-flutter#645
It could be beneficial if a user can provide a proofOfAttendance after registering as a newbie and get upgraded to reputable
(very similar to endorsement after registration)
It could also make sense to support de-registering in the same go.
The text was updated successfully, but these errors were encountered:
For the unregistering i see the following issue.
The reputation that is used to register is not recorded anywhere, just set to VerifiedLinked.
When we do an unregistering, we do not know which reputation to reset to VerifiedUnlinked. The straight forward solution would be that the participant provides this reputation in the unregister xt.
But then we get an attack vector:
Someone can register with an unliked reputation that is about to expire and then unregister providing a newer reputation that was already linked before, thus tricking reputation lifetime. Another possibility for an attacker would be to transfer unliked reputations through different communities.
I would argue that this threat is not severe and we can just accept it. But I would like to hear your opinions @brenzi and @clangenb before I implement it. What do you think?
a reputation refresh is not an attack vector. it's just fixing that one may have previously subscribed (and attended) as newbie without using their reputation. So we don't need to prevent a "refresh"
because of encointer/encointer-wallet-flutter#645
It could be beneficial if a user can provide a proofOfAttendance after registering as a newbie and get upgraded to
reputable
(very similar to endorsement after registration)
It could also make sense to support de-registering in the same go.
The text was updated successfully, but these errors were encountered: