rfc icon indicating copy to clipboard operation
rfc copied to clipboard
verified publisher icon vacp2p

14/WAKU2-MESSAGE: Lack of integrity for `contentTopic` and `timestamp` in waku messages

Open staheri14 opened this issue 4 years ago • 1 comments

Problem

The problem is that currently there is no method to ensure the integrity of the contentTopic and timestamp fields of waku messages. As such, an adversarial node can tamper with these fields without being caught. This can be exploited for censorship, e.g., the attacker can make the message unavailable by changing its timestamp to a time in the past. Similarly, the adversary may amend the contentTopic and make it unreachable to the intended peers. The adversarial peer can be a relay node or a store node.

Acceptance Criteria

  • Investigate the potential attacks related to this issue
  • To sketch out potential solutions

staheri14 avatar Aug 06 '21 21:08 staheri14

FYI: @oskarth, @jm-clius

staheri14 avatar Aug 06 '21 21:08 staheri14

Issue moved here

jimstir avatar Jun 13 '24 19:06 jimstir