TryQuiet / quiet

A private, p2p alternative to Slack and Discord built on Tor & IPFS
https://www.tryquiet.org
GNU General Public License v3.0

Malicious user can change message ordering by re-using signed contents of messages (orbitdb key not the same as Quiet content signing key) #337

Open holmesworcester opened 2 years ago

holmesworcester commented 2 years ago

This is related to #1927

leblowl commented 10 months ago

The OrbitDB signing key needs to be tied to the identity of a user and checked because the OrbitDB signing key attests to the ordering of the DAG. The OrbitDB signing key and the message signing key need to be tied together or unified. If they mismatch, that indicates an issue. Currently, for messages, we simply sort by user-provided timestamp, so the order of the DAG matters less, but for other stores (e.g. CSRs) it's quite important.

holmesworcester commented 10 months ago

What's the impact for CSRs?

leblowl commented 10 months ago

The order of CSRs and every other store besides messages is based on the DAG. So community metadata that references a prior community metadata payload supersedes that referenced payload. The ordering is what enables community metadata to change. CSRs that reference other CSRs are more current than those referenced CSRs. It's also what allows someone to change their name or have precedence if they submitted a CSR before someone else.

leblowl commented 10 months ago

The DAG also helps prevent replay attacks. That applies to all stores and can be prevented by verifying that the OrbitDB entry itself is signed by who we think created the entry.
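The check described in the comments above, as an added example that is not part of the thread and is not Quiet's or OrbitDB's code: an entry is accepted only if the content signature and the entry signature both verify and the entry's signing key is the one bound to the content author. The entry shape, the `bindings` map (assumed to be derived from each user's certificate) and all function names are hypothetical.

```javascript
const crypto = require('node:crypto');

// Helpers over Ed25519 keys; public keys are carried as hex-encoded SPKI DER.
const newKey = () => crypto.generateKeyPairSync('ed25519');
const pubHex = (k) => k.publicKey.export({ type: 'spki', format: 'der' }).toString('hex');
const sign = (k, data) => crypto.sign(null, Buffer.from(data), k.privateKey).toString('hex');
const verify = (hex, data, sig) => crypto.verify(
  null, Buffer.from(data),
  crypto.createPublicKey({ key: Buffer.from(hex, 'hex'), format: 'der', type: 'spki' }),
  Buffer.from(sig, 'hex'));

// Content signed with the user's message key (the application-level signature).
function signContent(msgKey, body) {
  return { body, pubKey: pubHex(msgKey), sig: sign(msgKey, body) };
}

// Log entry signed with the log key; `next` links to parent entries in the DAG,
// so this signature is what attests to ordering.
function makeEntry(logKey, content, next) {
  const e = { payload: content, next, key: pubHex(logKey) };
  e.sig = sign(logKey, JSON.stringify([e.payload, e.next, e.key]));
  return e;
}

// bindings: message public key -> log public key registered for the same user.
function checkEntry(entry, bindings) {
  const { payload, next, key, sig } = entry;
  if (!verify(payload.pubKey, payload.body, payload.sig)) return 'bad-content-signature';
  if (!verify(key, JSON.stringify([payload, next, key]), sig)) return 'bad-entry-signature';
  // Both signatures can be valid while belonging to different users.
  if (bindings.get(payload.pubKey) !== key) return 'entry-signer-is-not-content-author';
  return 'ok';
}

function demo() {
  // Constructed sample users and entries.
  const alice = { msg: newKey(), log: newKey() };
  const mallory = { msg: newKey(), log: newKey() };
  const bindings = new Map([alice, mallory].map((u) => [pubHex(u.msg), pubHex(u.log)]));
  const original = makeEntry(alice.log, signContent(alice.msg, 'csr: alice'), []);
  // Alice's signed content re-wrapped in an entry signed by a different log key.
  const replayed = makeEntry(mallory.log, original.payload, ['hash-of-later-entry']);
  // Alice's entry with its DAG links altered after signing.
  const tampered = { ...original, next: ['hash-of-later-entry'] };
  return [original, replayed, tampered].map((e) => checkEntry(e, bindings));
}
```

Without the `bindings` comparison the replayed entry passes, since each signature is valid on its own.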