RE: Hive Authentication Services - Developer guide - part 1

in HiveDevs • 2 years ago

Could you share some online publications about out-of-band data?

Yes, more posts about it and how security is managed are coming... 😅

How does the HAS protocol prevent such an attack?

That will be addressed in the coming posts too.
TL;DR: an auth_req sent by a malicious app to HAS will expire and be ignored if the user's PKSA is not running. If the PKSA is running, the PKSA should ignore it if they did not retrieve a matching off-band auth_req_payload before.
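
The PKSA-side check described in the TL;DR above, as an added example that is not part of the original comment or of the HAS code base. The message fields `uuid`, `account` and `expire`, the class name and the returned decision strings are assumptions made for illustration.

```javascript
// Added example: how a PKSA could filter auth_req messages relayed by HAS.
// Field names (uuid, account, expire) are assumed, not taken from the page.
class PendingAuthStore {
  constructor() {
    this.payloads = new Map(); // uuid -> account, filled only out of band
  }

  // Called when the PKSA retrieves an auth_req_payload out of band.
  registerPayload(payload) {
    this.payloads.set(payload.uuid, payload.account);
  }

  // Decide what to do with an auth_req received from the HAS server.
  evaluate(authReq, nowMs) {
    // Requests past their expiry are dropped without any user interaction.
    if (typeof authReq.expire !== "number" || nowMs >= authReq.expire) {
      return "ignore:expired";
    }
    // No payload retrieved out of band for this request: ignore it.
    if (!this.payloads.has(authReq.uuid)) {
      return "ignore:no-matching-payload";
    }
    if (this.payloads.get(authReq.uuid) !== authReq.account) {
      return "ignore:account-mismatch";
    }
    // A retrieved payload authorises a single request, so consume it.
    this.payloads.delete(authReq.uuid);
    return "prompt-user";
  }
}

// Constructed sample traffic; none of these values come from a real session.
function demo() {
  const now = 1700000000000;
  const store = new PendingAuthStore();
  store.registerPayload({ uuid: "uuid-legit", account: "alice" });
  const requests = [
    { uuid: "uuid-forged", account: "alice", expire: now + 60000 },
    { uuid: "uuid-legit", account: "alice", expire: now - 1 },
    { uuid: "uuid-legit", account: "mallory", expire: now + 60000 },
    { uuid: "uuid-legit", account: "alice", expire: now + 60000 },
    { uuid: "uuid-legit", account: "alice", expire: now + 60000 },
  ];
  return requests.map((r) => store.evaluate(r, now));
}
```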