I’d characterize this as an attack where a mint and a user can collude to entrap another user. In brief, a user can flag to the mint one of their secrets, and when this secret gets swapped or redeemed, a notification occurs. To mitigate this, the receiver of token(secret) should be able to re-blind. I think this should be pretty straightforward operation. Right now we can take the signature: _C transform to C. Any receiver of a token should be able to transform to C_ with an entirely new secret before presenting for redemption.
You could ask the mint to flag one of your proof secrets. If it gets redeemed, it could send a notification. Honestly, I find this a bit scary - pixie dust tokens - and it has got me thinking that anyone should be able to re-blind a proof before they redeem it./cc nostr:npub12rv5lskctqxxs2c8rf2zlzc7xx3qpvzs3w4etgemauy9thegr43sf485vg
Discussion
No replies yet.