The fixed order in which the fields of a message are parsed and verified does not work. This is also explained in the protocol guide.
It leads to invalid signatures (false negative) and changed hashes of messages. This means replying to other threads and posting of messages that JS clients can't respond to.
I wrote more about it and a saner approach to this problem on this thread on ssb: %M/qtHwvL1qgbQNZUowOnggGXAtgKuagjQMHGgreuETE=.sha256 (gateway viewer link)
Yeap, known about that for a long time now, and frankly, I don't give a shit. SSB needs to get it's act together and stop violating best practices for cryptographic message signing...
The fixed order in which the fields of a message are parsed and verified does not work. This is also explained in the protocol guide.
It leads to invalid signatures (false negative) and changed hashes of messages. This means replying to other threads and posting of messages that JS clients can't respond to.
I wrote more about it and a saner approach to this problem on this thread on ssb:
%M/qtHwvL1qgbQNZUowOnggGXAtgKuagjQMHGgreuETE=.sha256
(gateway viewer link)