Daniel Nadeau • almost 12 years ago
Ability to Tamper?
Okay so I've been looking through documentation, and it seems like the ValueRequestMessage's have the ability to be tampered with...
Ex. A value request message could be sent to a user, but before withdrawing and converting to a ValueMessage, the .setAmount() method could be called to modify the amount being given back to the actual payee.
So, in other words, would you be required to confirm on the payee side that the correct value has been paid? This could make things like paying for stuff at a retailer a much more complicated issue, as the retailer would have to receive confirmation of the requested valuation being returned.
Comments are closed.