This page demonstrates a timing attack against an insecure string comparison function running in WebAssembly.
The attack will try to guess a 4-byte secret, character by character. Longer strings might not work well due to browser timing attack defenses.
Note: Browser security features may introduce timing jitter, making the attack less reliable on subsequent runs.