Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

auth: user A should not read/know user B's order #288

Open
lispc opened this issue Aug 25, 2021 · 2 comments
Open

auth: user A should not read/know user B's order #288

lispc opened this issue Aug 25, 2021 · 2 comments
Labels
longterm

Comments

@lispc
Copy link
Member

lispc commented Aug 25, 2021

No description provided.

@lispc lispc added the longterm label Aug 25, 2021
@lispc lispc changed the title auth: user A should not read user B's order auth: user A should not read/know user B's order Aug 25, 2021
@noel2004
Copy link
Member

noel2004 commented Aug 26, 2021
edited
Loading

For data availability, anyone could be able to rebuild whole state from the data on chain so account balance and at least matched orders are always exposed.

Because account is somewhat expensive in L2 (so one could not change his account frequently ) I am afraid it is not too difficult to recognize who actually owning a specified account?

So for the most simple way, just use a collision-resistant order id may be enough to protect one's order from being read by other?

@lispc
Copy link
Member Author

lispc commented Aug 26, 2021

my main concern is not the traded orders. but the put-then-cancel orders.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
longterm
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lispc @noel2004