From c2417423596c5be5c0256166ca8a71fd462ebbb1 Mon Sep 17 00:00:00 2001 From: dmc Date: Tue, 11 Jun 2024 14:57:12 +0200 Subject: [PATCH] verify discoveryKey --- subsystems/sidecar/index.js | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/subsystems/sidecar/index.js b/subsystems/sidecar/index.js index 67dbbb10d..4a6612d6a 100644 --- a/subsystems/sidecar/index.js +++ b/subsystems/sidecar/index.js @@ -728,11 +728,10 @@ class Sidecar extends ReadyResource { if (trusted.apps.has(state.key.z32) === false) { const author = await appBundle.db.get('author') - let authorTrusted = author !== null && await trusted.identities.get(author.publicKey) - if (authorTrusted) { - const data = '' // TODO: need correct data to verify from hypercore/hypercore - authorTrusted = await crypto.verify(data, author.attestation, author.publicKey) - } + const authorTrusted = author !== null && + await trusted.identities.get(author.publicKey) && + await crypto.verify(drive.discoveryKey, author.attestation, author.publicKey) + if (authorTrusted === false) { const err = ERR_PERMISSION_REQUIRED('Permission required to run key') err.key = state.key