AZ Azerbaijan / AZN
MUPZA OperatorOwner accountMU
M
MUPZAOSRestaurant OS command
Access Abuse

Public receipt access abuse guard

Public receipt reads are protected with mock rate-limit, replay and bot-signal decisions. Blocked reads return no receipt payload and never touch POS, payment, receipt, provider-send or LAN authority.

Read abuse guardDecisions: 5Blocked: 3Mutation: false
QR coveredtrue
Website coveredtrue
Rate limittrue
Replay blocktrue
Bot signaltrue
Auditedtrue
No payload on blocktrue
No LAN blocktrue

Abuse decisions

qr_menuallowed_read
Masked ref: receipt_ref_masked_qr_001Reads: 3 / 12Audit: audit_receipt_abuse_qr_allowed_read_001

Normal QR receipt reads stay read-only and return receipt/status evidence without touching POS or printer state.

websiteallowed_read
Masked ref: receipt_ref_masked_web_001Reads: 2 / 12Audit: audit_receipt_abuse_website_allowed_read_001

Normal website receipt reads are allowed inside the local mock window and never trigger provider sends.

qr_menublocked_replay
Masked ref: receipt_ref_masked_qr_001Reads: 4 / 12Audit: audit_receipt_abuse_qr_replay_block_001

Repeated access reference inside the replay window is blocked and audited without changing receipt state.

websiteblocked_rate_limit
Masked ref: receipt_ref_masked_web_001Reads: 18 / 12Audit: audit_receipt_abuse_website_rate_limit_block_001

High-frequency website receipt reads are blocked at the public edge and cannot block LAN restaurant workflows.

websiteblocked_bot_signal
Masked ref: receipt_ref_masked_web_001Reads: 9 / 12Audit: audit_receipt_abuse_website_bot_signal_block_001

Bot-like access is blocked before receipt payload return; audit evidence keeps the decision visible.

Guard policy

Access link dependencytrue
Masked fingerprintstrue
Rate windowtrue
No provider sendtrue
No receipt mutationtrue