pull down to refresh

3 sats \ 6 replies \ @TeeVee OP 25 May \ parent \ on: deleted by author bitcoin lightning

deleted by author

write
compose
105 sats \ 5 replies \ @optimism 25 May

Okay. Are you aware that your backend is harvesting counterparty pubkeys, over an authenticated connection that leaks a spark address identifier on every payment (before the transaction is even executed)?

Or, without getting into the code: did you know your app introduces full surveillance of sender->recipient relations?

reply
3 sats \ 4 replies \ @TeeVee OP 25 May

deleted by author

reply
224 sats \ 3 replies \ @optimism 25 May
If you have a better design in mind please share

Sync a list of merchants to the app, do the comparison locally.

reply
72 sats \ 2 replies \ @TeeVee OP 25 May

deleted by author

reply
105 sats \ 1 reply \ @optimism 25 May

Ideally: to not reverse dox your merchants, hash the list entries.

The log message back, its a bit broad. Ideally its a zero knowledge proof and a clear amount, but that's hard and not mature yet. For now, I'd just make sure that its encrypted and strip any data that you don't need. (After all, everything you don't know is something you're not liable for and cannot get subpoenaed for.)

That's something that ultimately you just want to disclose in docs / faqs. Just be precise about what you keep and why. This is the business in the end.

reply
72 sats \ 0 replies \ @TeeVee OP 28 May

deleted by author