Describe the bug

After Hydra startup log warns about configuration key deprecation. There is no records in documentation reference (https://www.ory.sh/hydra/docs/reference/configuration/) about oidc.subject_identifiers.supported_types.

Reproducing the bug

Steps to reproduce the behavior:

Start Hydra Hydra v1.9.0-alpha.2 with oidc.subject_identifiers.enabled set to public

_Se

Just playing around with my miner tonight, I set burn_fee_cap = -2 and the miner stopped with a thread panic.

Process abort due to thread panic
   0: backtrace::backtrace::libunwind::trace
             at .cargo/registry/src/github.com-1285ae84e5963aae/backtrace-0.3.50/src/backtrace/libunwind.rs:95
      backtrace::backtrace::trace_unsynchronized
             at .cargo/registry/src/git

Is your feature request related to a problem? Please describe.

As observed during #261, users can accidentally set timeouts inconsistently. A concrete example is that one can set a User facing timeout lower than any backend timeout, such that requests may fail early.

Describe the solution you'd like

We should provide some sanity checking to prevent unintended timeout behavior.

Describe the bug

Currently, login requests will fail faster if the user does not exist as the hash does not have to be computed. This can leave to timing attacks where an attacker can guess if a user exists or not, which defeats account enumeration defenses.

Expected behavior

Every login request should take a similar amount of time regardless of whether the user exists or not. The

cc @jcnelson from this forum post.

There should be a setting added that allows the user to adjust the URL for the transaction broadcaster in regards to acquiring names. Should be fairly simple to implement unless it is tied within blockstack.js, in which case an issue would need to

Is your feature request related to a problem? Please describe.
This feature request is Android related. We would like to enable the WindowManagerFlags.Secure flag on every bit of our app, so that the app content gets hidden once the app enters the background (e.g. in Android task overview). This flag also prevents the user from taking screenshots. Adam Pedley once wrote a nice and short blog

Ideally dropins directory should be used to configure new features / external artifacts. We need to move the set of connectors that are shipped in the OOTB product from dropins to plugins directory.