But the app owner can't really control the userfunds like he controls his own funds in his dashboard right ?
The only way he could "control" it is by tipping it to himself or whereever with some malicious code or stealing the token/cookie and gain access to his account, or am I missing something there ?
The only way he could "control" it is by tipping it to himself or whereever with some malicious code or stealing the token/cookie and gain access to his account, or am I missing something there ?
Yes. Just with the tipping and using the users token https://www.moneypot.com/api-docs#v1-auth-tip-another-user
But the players should be aware of it.
