Hello everyone, I wonder whether the env.message.sender is legit and secure to be checked?
To return sensitive information based on a specific address only?
I see everywhere “secret passwords” / “viewing keys” are used in an input, if so, what is it’s purpose?
Or forking a chain and pretending to be any address is possible?
Another question, does transactions replay in a forked chain is possible?
If so, an attacker could probably replay all the txs and get to a state on a non-SGX (or tweaked) machine?