Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Gambling
Re: 🌟🎲🌟 MoneyPot.com
by
alexbilodeau
on 01/12/2016, 04:19:56 UTC
Quote from: Dexon on October 26, 2016, 07:11:15 AM
Quote from: 3x1t on October 26, 2016, 06:19:52 AM
But the app owner can't really control the userfunds like he controls his own funds in his dashboard right ?
The only way he could "control" it is by tipping it to himself or whereever with some malicious code or stealing the token/cookie and gain access to his account, or am I missing something there ?

Yes. Just with the tipping and using the users token https://www.moneypot.com/api-docs#v1-auth-tip-another-user

But the players should be aware of it.
https://i.gyazo.com/26b98342dafd0f3a6dc7dfe6187a04ec.png

I just read this post, I still don't  understand how the app owner can get the user token without malicious code!