After discussing this with notmyname, UUID are not particularly secret and could be stolen and used to detect the lack of swift usage for a particular account... Though this does not sound very valuable for an attacker.
I still suggest a C1 type of bug and propose we open it by next week if no objections.
After discussing this with notmyname, UUID are not particularly secret and could be stolen and used to detect the lack of swift usage for a particular account... Though this does not sound very valuable for an attacker.
I still suggest a C1 type of bug and propose we open it by next week if no objections.