tfpauly / privacy-proxy

Specifications for Privacy Proxy Implementations

Relax rate-limited token challenge requirements #147

Closed chris-wood closed 2 years ago

chris-wood commented 2 years ago

It seems totally reasonable for one to use the rate-limited token type to place an upper bound on tokens minted across origins, so the per-origin requirement seems overly restrictive. Same goes for the interactive requirement, since that only has implications for the origin. In general, these should both be orthogonal to the type of token protocol.

tfpauly commented 2 years ago

I think removing the origin name would change the work for the attester quite a lot, and it's not clear to me what the client would send for its anonymous origin name.

chris-wood commented 2 years ago

The attester is unaffected by this change, unless I'm missing something? It computes the index just as before, but here the index is F(client secret, cross-origin secret) rather than F(client secret, per-origin secret). Everything else is the same. Clients could send a special anonymous origin name that's akin to an "empty" origin.
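
A small model of the attester's rate-limit bookkeeping, added here as an illustration and not code from the privacy-proxy repository: the index is computed the same way in both modes, and only the secret fed into F changes. F is modelled as HMAC-SHA256, the per-origin secret as the origin name itself, and the "empty" origin as a fixed empty byte string; all three are assumptions for this example, not the draft's actual construction (which blinds the origin name from the attester).

```python
import hmac
import hashlib
from collections import defaultdict

# Assumed placeholder for the "empty" origin the client would send
# when it wants a single cross-origin rate limit instead of a per-origin one.
ANONYMOUS_ORIGIN = b""


def origin_secret(origin_name: bytes, cross_origin: bool) -> bytes:
    """Select the secret that feeds F: per-origin, or one shared cross-origin value."""
    return ANONYMOUS_ORIGIN if cross_origin else origin_name


def anonymous_index(client_secret: bytes, secret: bytes) -> str:
    """Attester-side index = F(client secret, secret); F modelled as HMAC-SHA256."""
    return hmac.new(client_secret, secret, hashlib.sha256).hexdigest()


class Attester:
    """Counts issued tokens per index and refuses once the limit is reached."""

    def __init__(self, limit: int) -> None:
        self.limit = limit
        self.counts: dict[str, int] = defaultdict(int)

    def authorize(self, client_secret: bytes, origin_name: bytes,
                  cross_origin: bool = False) -> bool:
        # The attester's work is identical in both modes: derive the index,
        # look up the counter, enforce the bound. Only the secret input differs.
        idx = anonymous_index(client_secret, origin_secret(origin_name, cross_origin))
        if self.counts[idx] >= self.limit:
            return False
        self.counts[idx] += 1
        return True


def demo(cross_origin: bool) -> list[bool]:
    """Constructed scenario: one client asks for tokens at two different origins."""
    attester = Attester(limit=2)
    client_secret = b"constructed-client-secret"
    requests = [b"a.example", b"a.example", b"b.example", b"b.example"]
    return [attester.authorize(client_secret, o, cross_origin) for o in requests]
```

With per-origin secrets each origin gets its own bucket of two, so all four requests succeed; with the "empty" origin the two origins share one bucket and the third request is refused.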

tfpauly commented 2 years ago

Got it, so we just need to define the value to use for an "empty" origin. Makes sense!

tfpauly commented 2 years ago

Do this with #187