-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: check ip of archiver against archiver map node maintains #296
base: dev
Are you sure you want to change the base?
Conversation
PR Reviewer Guide 🔍
|
src/shardus/index.ts
Outdated
console.log('FOR DEBUG PURPOSES: our IP', Self.ip) | ||
console.log('FOR DEBUG PURPOSES: archiverIP', archiverIP) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These don't need to make it into dev
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah for sure
const isValidSig = this.crypto.verify(archiverCreds, archiverCreds.publicKey) | ||
if (!isValidSig) { | ||
this.mainLogger.error(`❌ Invalid Signature from Archiver @ ${archiverIP}`) | ||
this.mainLogger.error(`❌ Invalid Signature from Archiver`) | ||
socket.disconnect() | ||
return | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Crypto.verify is expensive so move this to be the last check. Also use the public key from the archiver map, not the public key included in the socket data. Either use the public key from Archivers
map directly, or make sure the public key included in the request matches the one for that specific archiver in the Archivers
map
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
just to confirm is this what you are asking for @mssabr01 ?
- get public key from data
- get matching archiver from Archivers.recipients with key from data (fail if no matching archiver)
- get key from recipient
- validate signature using recipient pubkey instead of pubkey from data
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it is mapped by public key
const recipient = Archivers.recipients.get(archiverCreds.publicKey)
https://github.com/shardeum/shardus-core/blob/dev/src/p2p/Archivers.ts#L47-L50
No description provided.