light-client icon indicating copy to clipboard operation
light-client copied to clipboard

Published 20 hours ago verified publisher icon raiden-network

Signer recovery deeply hidden

Open christianbrb opened this issue 4 years ago • 2 comments

Description

The signer recovery of a message is very crucial for the protocol, for example the secret should be only revealed to the receiver of a transfer, and this check is done in (src/transfers/epics/secret.ts:74). However, the address is set from the matrix meta data and only verified against the signature in the function parseMessage. This works, but I do think it would be safer for future source code change to:

  • Set the address from the signature recovery and validate the room meta data
  • Have the validation more prominent, like in a function called validateSender or similar, instead of hidden in parseMessage

Copied from the team repo

Acceptance criteria

Tasks

  • [ ]

Why do this?

Would allow the user to easily download their subkey and use it wherever they want (e.g. MetaMask) and not have it locked in the client.

christianbrb avatar Aug 10 '20 11:08 christianbrb

We could rename parseMessage to something like parseAndVerifyMessage, to make it more obvious. It doesn't make a difference to set the address from the signature recovery, since this function explicitly validate this address is the same than the matrix's peer one, but we can make it more readable.

andrevmatos avatar Aug 10 '20 11:08 andrevmatos

@andrevmatos to include in a separate tech debt issue and close this one.

taleldayekh avatar Mar 30 '22 15:03 taleldayekh