ICRC-25: Specify verification of rejected calls, addresses sec finding F05

dfinity / wg-identity-authentication

Repository of the Identity and Wallet Standards Working Group

https://wiki.internetcomputer.org/wiki/Identity_%26_Authentication

Apache License 2.0

27 stars 8 forks source link

ICRC-25: Specify verification of rejected calls, addresses sec finding F05 #64

Closed frederikrothenberger closed 9 months ago

frederikrothenberger commented 9 months ago

This PR expands the relying party verification of responses received from the signer to also cover rejected and done canister calls. This addresses security finding F05.