Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

prevents incorrect session encryption from halting process #5483

Merged
merged 1 commit into from
Oct 3, 2024
Merged

prevents incorrect session encryption from halting process #5483

merged 1 commit into from
Oct 3, 2024

Conversation

hughy
Copy link
Contributor

@hughy hughy commented Oct 3, 2024

Summary

if a client submits data to the broker server encrypted with the wrong passphrase and key then all other clients will now skip that data

adds a 'challenge' to the session which is a string encrypted with the session passphrase and key

if a client fails to decrypt the challenge then the client throws an error

decrypts message data only when necessary

Closes IFL-3028

Testing Plan

manual testing:

  • ran dkg with two participants while a third client submitted bad data to the server
  • tried to connect with incorrect passphrase and failed decryption challenge

Documentation

Does this change require any updates to the Iron Fish Docs (ex. the RPC API
Reference)? If yes, link a
related documentation pull request for the website.

[ ] Yes

Breaking Change

Is this a breaking change? If yes, add notes below on why this is breaking and label it with breaking-change-rpc or breaking-change-sdk.

[ ] Yes

@hughy hughy requested a review from a team as a code owner October 3, 2024 22:59
@hughy
prevents incorrect session encryption from halting process
a7279a9 
if a client submits data to the broker server encrypted with the wrong
passphrase and key then all other clients will now skip that data

adds a 'challenge' to the session which is a string encrypted with the session
passphrase and key

if a client fails to decrypt the challenge then the client throws an error

decrypts message data only when necessary
@hughy hughy force-pushed the feat/hughy/session-decryption branch from a94c736 to a7279a9 Compare October 3, 2024 23:02
@hughy hughy merged commit 5aa6159 into staging Oct 3, 2024
9 checks passed
@hughy hughy deleted the feat/hughy/session-decryption branch October 3, 2024 23:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mat-if mat-if mat-if approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hughy @mat-if