amark / gun

An open source cybersecurity protocol for syncing decentralized graph data.
https://gun.eco/docs

Any user can overwrite any authenticated user graph object's subkey values #1178

Closed draeder closed 2 years ago

draeder commented 2 years ago

I and other users have been struggling with and debating this issue on the chat for some time. There does not appear to be an obvious or tenable solution to this dilemma.

To me, it would seem that any data written by an authenticated user to their own graph, including any object subkey values should be immutable to all but the original author.

An authenticated user puts an object to his graph:

    // `ack` is the argument of the gun.on('auth', ack => ...) callback; ack.soul is the user's public key
    let data = { myData: 'some cool data others should not be able to mutate' }

    // write the object into the authenticated user's own graph
    gun.user(ack.soul).put(data)

This returns as expected:

    gun.get('~'+ack.soul).get('myData').once(data => {
      console.log(data)
    })

However, a non-authenticated user can overwrite the object keys' data:

    gun.get('~'+ack.soul).get('myData').put(null)

This will then return null:

    gun.get('~'+ack.soul).get('myData').once(data => {
      console.log(data) // null
    })

And so will this:

    gun.user(ack.soul).get('myData').once(data => {
      console.log(data) // null
    })

draeder commented 2 years ago

I think I found my answer in content addressing. I was so focused on the immutable links portion that I completely overlooked that I could do this:

    // assumes Gun and SEA are loaded, e.g. require('gun') and require('gun/sea')
    gun.on('auth', async ack => {
      console.log('Authenticated')

      // content addressing: the key is the SHA-256 hash of the serialized data
      let data = JSON.stringify({hello: "world"})
      let hash = await SEA.work(data, null, null, {name: "SHA-256"})

      // store the data under the '#' (content-addressed) node at its own hash
      gun.user(ack.soul).get('#').get(hash).put(data)

      gun.user(ack.soul).get('#').get(hash).once(console.log)

      // a non-owner tries to overwrite the hash-addressed value with something else
      // (awaiting a Gun chain needs a then() shim such as gun/lib/then to resolve to data)
      let badGuy = await gun.get('~'+ack.soul).get('#').get(hash).put("hi")
      console.log('badGuy', badGuy)

      // read back: the original content should still be what is stored at `hash`
      let afterBadGuy = await gun.get('~'+ack.soul).get('#').get(hash)
      console.log('afterBadGuy', afterBadGuy)

    })