It is the app developer’s responsibility to keep the SDK calls isolated from the network. It’s not the SDK’s responsibility, and it’ll be difficult for the SDK to ever fully protect from these attacks.
-
-
-
Not sure I understand what you mean here. Isn't the SDK always connect to a remotely hosted node? How would an app developer isolate the SDK from the network?
- Još 3 druga odgovora
Novi razgovor -
-
-
Yep, this was known and part of the threat model for the beta ("Some of the TYPICAL adversaries, and possibly others, can... Detect when the SDK sends/receives transactions"): https://github.com/zcash/zcash-android-wallet-sdk/blob/master/docs/ThreatModel.md#known-weaknesses … Thanks for verifying!
-
Ah I hadn't seen this. Thanks for sharing
Kraj razgovora
Novi razgovor -
-
-
Does
@ElectricCoinCo plan to do anything about these attacks? We have a mixnet over at@nymproject that your COO can report is sending timing-resistant packets!Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
An improved Android SDK, now with mainnet support