Thread

Whirlpool uses WebSocket for communication, which means that the client is connected to the server and all communication --except the output registration-- is done using the same connection. The communication consists of messages sent by the client to the server and notifications sent by the server to the client.

The server knows which WebSockets were used to register/confirm which inputs, and it is the server that notifies the client when to register the output. So, a malicious coordinator can notify the client in WebSocket A to register the output, wait for it, and then do the same for the client in WebSocket B, and so on.

Even if WebSockets were not used and a short polling mechanism were used to get the status of the mix process, the server still provides a **mixId** identifier that the client has no way to verify, and the coordinator could provide a different one for each client.

The latter problem is not critical because it is very easy to verify, and for sure many users, tools and robots will be checking that everybody receives the same mixId. However, the former requires a protocol change.

nostr:nevent1qqsqqq9sewqh4t8y785azzy8hxk028hm6ygg4cj7kekwhh8pdru7f3gprpmhxue69uhkv6tvw3jhytnwdaehgu3wwa5kuef0qy88wumn8ghj7mn0wvhxcmmv9uq3uamnwvaz7tmwdaehgu3dwp6kytnhv4kxcmmjv3jhytnwv46z7s3nzlh
2025-06-24 16:56:29 from 1 relay(s)
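
Added example, not part of the original post and not Whirlpool code: a toy model of the coordinator's view that computes, for each registered output, which sockets could have produced it under a given notification schedule. The event names, socket labels and output labels are constructed, and the model assumes each notified client registers exactly one output over a separate, unlinked connection.

```python
"""Toy model (constructed): anonymity set of each output as seen by the coordinator."""

def anonymity_sets(events):
    """events: chronological list of ("notify", socket) or ("output", output_id).
    A client can only register its output after its socket was notified, and each
    client registers exactly one output. Returns {output_id: set(candidate sockets)}."""
    notified, cands = [], {}
    for kind, ident in events:
        if kind == "notify":
            notified.append(ident)
        else:  # "output": any socket notified so far could be its owner
            cands[ident] = set(notified)
    # Elimination: a socket pinned to one output cannot own any other output.
    changed = True
    while changed:
        changed = False
        for out, c in cands.items():
            if len(c) != 1:
                continue
            (owner,) = c
            for other, oc in cands.items():
                if other != out and owner in oc:
                    oc.discard(owner)
                    changed = True
    return cands

def broadcast_schedule(sockets):
    """All clients are notified before any output is registered."""
    return ([("notify", s) for s in sockets]
            + [("output", f"out{i}") for i in range(len(sockets))])

def serialized_schedule(sockets):
    """Notify one socket, wait for one output, then move to the next socket."""
    events = []
    for i, s in enumerate(sockets):
        events += [("notify", s), ("output", f"out{i}")]
    return events

def min_anonymity(events):
    """Smallest candidate set over all outputs; 1 means an input/output link."""
    return min(len(c) for c in anonymity_sets(events).values())

if __name__ == "__main__":
    sockets = ["A", "B", "C", "D", "E"]  # constructed labels
    print("broadcast :", min_anonymity(broadcast_schedule(sockets)))
    print("serialized:", min_anonymity(serialized_schedule(sockets)))
```

The serialized schedule collapses every output to a single candidate socket, which is why the post says this issue needs a protocol change rather than a client-side check.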