Bartalog / cool-maze

A quick mobile-to-desktop share capability, through matrix barcode
Apache License 2.0

Detect brute force attacks #15

Open Deleplace opened 8 years ago

Deleplace commented 8 years ago

This would let us take appropriate measures to mitigate the attack: invalidate current sessions, raise the complexity of the chanIDs...

Deleplace commented 7 years ago

Spy attack (guessing the chanID of some user and receiving her data) is supposed to be low since #108: 62^11 combinations. Spam attack (guessing a qrKey of some user and sending data to her) is exactly equally low, because since #108 we have qrKey==chanID.

Let's say the detection for these supposedly unlikely events is not a current priority.
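
The following Go sketch is an added example, not part of the thread and not code from the cool-maze project. It puts a number on the 62^11 argument above and shows one way the detection in the issue title could work: counting lookups of unknown chanIDs per client in a sliding window. The names `HitProbability` and `MissDetector`, the per-client key, the thresholds and the uniform-guessing model are all assumptions.

```go
package main

import (
	"fmt"
	"math"
	"time"
)

// Keyspace quoted in the thread: 62^11 possible chanIDs.
var keyspace = math.Pow(62, 11)

// HitProbability returns the chance that at least one of `guesses` uniformly
// random chanIDs matches one of `active` live channels: 1-(1-active/N)^guesses.
func HitProbability(active, guesses float64) float64 {
	return -math.Expm1(guesses * math.Log1p(-active/keyspace))
}

// MissDetector flags a client that requests too many unknown chanIDs within
// a sliding window. Hypothetical type; not safe for concurrent use as written.
type MissDetector struct {
	Window time.Duration
	Limit  int
	misses map[string][]time.Time
}

func NewMissDetector(w time.Duration, limit int) *MissDetector {
	return &MissDetector{Window: w, Limit: limit, misses: map[string][]time.Time{}}
}

// RecordMiss notes one lookup of a non-existent chanID by client at time now
// and reports whether that client now exceeds Limit misses inside Window.
func (d *MissDetector) RecordMiss(client string, now time.Time) bool {
	kept := d.misses[client][:0]
	for _, t := range d.misses[client] {
		if now.Sub(t) < d.Window { // drop misses older than the window
			kept = append(kept, t)
		}
	}
	kept = append(kept, now)
	d.misses[client] = kept
	return len(kept) > d.Limit
}

func main() {
	d := NewMissDetector(time.Minute, 5) // assumed threshold: 5 misses per minute
	for i := 0; i < 7; i++ {             // constructed timeline, one miss per second
		fmt.Printf("miss %d flagged=%v\n", i+1, d.RecordMiss("203.0.113.7", time.Unix(int64(i), 0)))
	}
	fmt.Printf("P(hit), 1000 live channels, 1e9 guesses: %.2e\n", HitProbability(1000, 1e9))
}
```

A flagged client is where the mitigations named in the issue (invalidating current sessions, raising chanID complexity) would be triggered.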