Difference between revisions of "Crypto API"
From MgmtWiki
(→Problems) |
(→Context) |
||
| Line 3: | Line 3: | ||
==Context== | ==Context== | ||
| − | + | * [https://www.w3.org/TR/WebCryptoAPI/#dfn-CryptoKey-extractable W3C web crypto API]. | |
* [https://www.coindesk.com/markets/2017/09/16/bitcoin-in-the-browser-google-apple-and-more-adopting-crypto-ready-api/ Bitcoin in the Browser: Google, Apple and More Adopting Crypto-Ready API] 2017-09-16 | * [https://www.coindesk.com/markets/2017/09/16/bitcoin-in-the-browser-google-apple-and-more-adopting-crypto-ready-api/ Bitcoin in the Browser: Google, Apple and More Adopting Crypto-Ready API] 2017-09-16 | ||
Latest revision as of 12:49, 10 March 2022
Full Title or Meme
The ability of any Progressive Web App to access cryptography engines on the device.
Context
- W3C web crypto API.
- Bitcoin in the Browser: Google, Apple and More Adopting Crypto-Ready API 2017-09-16
Problems
- Any web site can download a Progressive Web App for use whether or not the user chooses to "install" it and thereby pretend to be the user.
- If a wallet is installed by a web site, there is no way for another site to use it by sharing cookies as that has been blocked since 2022.
- There is no reason for the user or any other party to trust the app as it is not known who installed the app or why.
References
- Also see this wiki page PWA initiators for implementing in a Progressive Web App page.
