Content pfp
Content
@
0 reply
0 recast
0 reaction

Stephan pfp
Stephan
@stephancill
Something that concerns me about the fc signer architecture is how it increases the attack surface area for your account the more apps you allow to sign on your behalf This limits the propensity for users to try new apps especially if they have a large audience Solutions: portable signers? Permissions? Sessions?
14 replies
7 recasts
55 reactions

ccarella pfp
ccarella
@ccarella.eth
Can they be revoked, ie oAuth?
1 reply
0 recast
1 reaction

Stephan pfp
Stephan
@stephancill
Yes they can but if you look at large twitter accounts getting hacked, by the time the account is recovered the damage is already done so I’m afraid revoking retroactively is not good enough
1 reply
0 recast
2 reactions

ccarella pfp
ccarella
@ccarella.eth
Yea totally. I just found that setting in Warpcast and I am connected to a lot of accounts that I forgot about.
1 reply
0 recast
1 reaction

Stephan pfp
Stephan
@stephancill
Be careful when deleting, it also revokes the messages signed by the signer
1 reply
0 recast
0 reaction

pugson pfp
pugson
@pugson
wtf 😳
0 reply
0 recast
0 reaction