I’m currently using monero addresses as the sole authentication method for a custodial service, similar to how mullvad VPN has a single account number to authenticate. My understanding is that these are unique, and impossible to guess. For a custodial service, this makes withdrawing user funds trivial as well.

Can anyone tell me why this is a bad idea?

  • Unkn8wn69@monero.town
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    I don’t see a reason why it should be a monero address tied to it. Just make it a random string like mullvad does)