fix: check ip of archiver against archiver map node maintains #296
Conversation
PR Reviewer Guide 🔍
|
src/shardus/index.ts
Outdated
| console.log('FOR DEBUG PURPOSES: our IP', Self.ip) | ||
| console.log('FOR DEBUG PURPOSES: archiverIP', archiverIP) |
There was a problem hiding this comment.
These don't need to make it into dev
| const isValidSig = this.crypto.verify(archiverCreds, archiverCreds.publicKey) | ||
| if (!isValidSig) { | ||
| this.mainLogger.error(`❌ Invalid Signature from Archiver @ ${archiverIP}`) | ||
| this.mainLogger.error(`❌ Invalid Signature from Archiver`) | ||
| socket.disconnect() | ||
| return | ||
| } |
There was a problem hiding this comment.
Crypto.verify is expensive so move this to be the last check. Also use the public key from the archiver map, not the public key included in the socket data. Either use the public key from Archivers map directly, or make sure the public key included in the request matches the one for that specific archiver in the Archivers map
There was a problem hiding this comment.
just to confirm is this what you are asking for @mssabr01 ?
- get public key from data
- get matching archiver from Archivers.recipients with key from data (fail if no matching archiver)
- get key from recipient
- validate signature using recipient pubkey instead of pubkey from data
There was a problem hiding this comment.
it is mapped by public key
const recipient = Archivers.recipients.get(archiverCreds.publicKey)
https://github.com/shardeum/shardus-core/blob/dev/src/p2p/Archivers.ts#L47-L50
No description provided.