auth icon indicating copy to clipboard operation
auth copied to clipboard

Decentralized authentication and authorization for team collaboration, using a secure chain of cryptological signatures. (Formerly known as 🌮 Taco.)

Results 32 auth issues
Sort by recently updated
recently updated
newest added

Commented-out validator from `auth\validate.ts` : ```ts signatureKeyIsCorrect: (...args) => { const [prevState, link] = args const action = link.body const { type } = action // at root link, team...

In servers.test.ts there are a bunch of tests demonstrating what a server can and cannot do, but it seems like those permissions are enforced by a combination of two things:...

It's possible that I can currently join a team with an existing user's id and then impersonate them. Need to test this to be sure. A "softer" attack would be...

In crdx Store.dispatch, the you don't have to provide a graph key every time; if no key is provided, we use the same key that was used for the previous...

An invitation can fail to validate in several ways. Currently we have: - The invitation has been revoked - The invitation cannot be used again - The invitation has expired...

In Auth.Connection we ensure that messages are delivered in the correct order. But if we missed an earlier message, we'll just hang and will never throw an informative error (this...

In the `bySeniority` sort function, we just check if `a` is a predecessor of `b` and if not, we assume that `b` is a predecessor of `a`. But they could...

In certain situations we need to know the dependency structure of a graph in order to decrypt it properly. We currently solve that by passing around a ParentMap or ChildMap...

If we wanted to restrict a sync server's read access to application data (as opposed to the team membership data), we would currently have to create a new role that...

The top-level await `await sodium.ready` in @localfirst/crypto prevents this library from being bundled into cjs (even when dynamically imported) and thereby prevents it from being used in tools such as...