PrismLauncher icon indicating copy to clipboard operation
PrismLauncher copied to clipboard

Published 20 hours ago verified publisher icon PrismLauncher

Option to be independent from a central meta server

Open yukiisbored opened this issue 1 year ago • 1 comments

Role

Setting up Minecraft instances to be ready to play

Suggestion

Generate required metadata to download libraries/artifacts independent from a central meta server

Benefit

Allow users to be resilient towards central supply chain attacks

This suggestion is unique

  • [X] I have searched the issue tracker and did not find an issue describing my suggestion, especially not one that has been rejected.

You may use the editor below to elaborate further.

One of the main concerns that came to light with the recent debacle is a rogue party being able to take control over the central metadata server which allows them to inject malicious code onto users.

For context, the metadata server is a static web server hosted on GitHub pages which contains JSON files generated from a series of Python scripts. The JSON files which are served allow PrismLauncher to know what versions of various Minecraft, mod loaders, libraries are available along with additional required metadata such as the URL to download the artifact.

With control, a malicious actor can easily change these files to direct PrismLauncher to use a malicious JAR file which will be executed by the user as they launch the game.

At a glance, these Python scripts queries data from first-party sources (Mojang's Artifact server, Fabric and QulitMC maven server, Forge files server, etc) and transforms them into a set of JSON files that can be read by the launcher.

With this in mind, I think it's important for PrismLauncher to prevent this potential "exploit" happening in the future by allowing it to be dependent from a single central server.

From what I see there are two options:

  1. Generate metadata on the users local machine and allow PrismLauncher to query local JSON files.
  2. Change PrismLauncher to query first-party sources directly instead of relying on pre-transformed data.

Either way, this will be a huge undertaking but I think it's important in order to protect users from malicious actors.

yukiisbored avatar Oct 18 '22 19:10 yukiisbored

Generate metadata on the users local machine and allow PrismLauncher to query local JSON files.

May cause Prism to be blocked because of high usage

Maybe give each of the devs 1 server each, and allow users to switch between them through radio buttons or pick a custom one?

MenacingPerson avatar Oct 19 '22 16:10 MenacingPerson

The reason why meta was created is to be able to fix issues with other metadata servers remotely. For example, if someone changes their API. As we got a fairly slow release process it would be undesirable to implement unstable API clients in C++.

Scrumplex avatar Nov 27 '22 22:11 Scrumplex