Appointments should only be returned to authorised users
A good start:
The signed message should be a current block number, and we only accept it if the provided number is within 5 blocks of the current one. This stops requests from be replayed later if they are intercepted - although we should start using https soon as well.
Appointments should only be returned to authorised users
A good start:
The signed message should be a current block number, and we only accept it if the provided number is within 5 blocks of the current one. This stops requests from be replayed later if they are intercepted - although we should start using https soon as well.