I saw the video tutorial about the security level/ACL/CLP, but I still have some doubts.
Letâs suppose I have a web game where a user log in with his wallet and then pay some tokens (like BNB, ETH or some other tokens) to buy some tickets to play the games on the website. So he pays 1BNB and he gets 100 tickets. Now in my code I update the âticketsâ column for that user and set the value to â100â. But if the logged user see my code, he can easily call the same function I use to update the value, but passing 300 instead of 100 for example, and getting free ticket. How can I prevent that? If I disable read/write even for the current logged user, I suppose I canât update the value when he buys his tickets.
Thank you!