bluesky-social / indigo

Go source code for Bluesky's atproto services.
https://atproto.com
Apache License 2.0

No validation for handle correspondence with DID, allowing malicious mentions #715

Open lumi4x opened 1 month ago

lumi4x commented 1 month ago

I am able to mention what seems to be "@bsky.app", but in practice it directs to a malicious handle, like so:

[screenshot attached in the original issue]

This is caused by richtext facets allowing any text to be marked as a mention (or URL in another case).

Example code:

```go
package main

import (
	bsky "github.com/bluesky-social/indigo/api/bsky"
)

// FeedPost wraps the app.bsky.feed.post record being built.
type FeedPost struct {
	record *bsky.FeedPost
}

// Mention appends "@handle" to the post text and attaches a mention facet
// carrying did over those bytes. Nothing checks that handle resolves to did,
// so any handle text can be paired with any DID.
func (p *FeedPost) Mention(handle, did string) *FeedPost {
	byteStart := len(p.record.Text)
	p.record.Text += "@" + handle
	p.record.Facets = append(p.record.Facets, &bsky.RichtextFacet{
		Features: []*bsky.RichtextFacet_Features_Elem{
			{
				RichtextFacet_Mention: &bsky.RichtextFacet_Mention{
					LexiconTypeID: "app.bsky.richtext.facet#mention",
					Did:           did,
				},
			},
		},
		Index: &bsky.RichtextFacet_ByteSlice{
			ByteStart: int64(byteStart),
			ByteEnd:   int64(len(p.record.Text)),
		},
	})

	return p
}
```

bnewbold commented 1 month ago

Yup! Thanks for the report.

As some context, the handle name in the mention and the DID in the facet are intentionally allowed to be mismatched. The use-case for this is to have links (hyperlinks) continue to work if the account's handle is changed after the post is made.

Having a "new" post with a mismatch would most likely need to have been intentionally crafted to be misleading.

One possible mitigation for this would be to have the client detect the mismatch and re-write the post text, or display a warning. It is hard for clients to tell whether the change was intentionally misleading or due to a handle change.

A more likely mitigation is to scan new posts and indicate/label them as misleading if the handle doesn't match.
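The mismatch check both mitigations above rely on, as an added example that is not part of the issue or the indigo code base: it walks a post's mention facets, reads the handle text out of each facet's byte slice, resolves that handle, and compares the result with the DID in the facet. The `Post`, `Facet` and `Resolver` types are simplified stand-ins constructed for this example (not the `api/bsky` types), the resolver is an in-memory table standing in for real handle resolution, and every DID and handle in it is made up. It also separates the case that is hard to tell apart, as the comment above notes: a handle that resolves to a different account is flagged, while a handle that no longer resolves at all is reported but not labelled, since that is exactly what a benign handle change looks like.

```go
package main

import (
	"fmt"
	"strings"
)

// Simplified stand-ins for the app.bsky.richtext.facet shapes used in the
// issue. Constructed for this example; not the indigo api/bsky types.
type ByteSlice struct{ ByteStart, ByteEnd int }
type MentionFeature struct{ Did string }
type Facet struct {
	Index   ByteSlice
	Mention *MentionFeature // nil for link/tag facets
}
type Post struct {
	Text   string
	Facets []Facet
}

// Resolver stands in for handle resolution (DNS TXT / .well-known). Here it
// is a constructed lookup table from lower-cased handle to DID.
type Resolver map[string]string

// Reason classifies why a mention facet failed the check.
type Reason string

const (
	WrongDid   Reason = "handle resolves to a different DID" // displayed handle belongs to another account
	Unresolved Reason = "handle does not resolve"            // consistent with a benign handle change
	BadIndex   Reason = "facet byte slice is malformed"      // cannot be verified at all
)

type Mismatch struct {
	Shown    string // handle text as it appears in the post, without "@"
	FacetDid string // DID carried in the facet
	Resolved string // DID the shown handle resolves to, "" if none
	Reason   Reason
}

// BuildPost appends "@handle" to text and attaches a mention facet for did,
// computing the byte slice the same way the snippet in the issue does.
func BuildPost(text, handle, did string) Post {
	start := len(text)
	text += "@" + handle
	return Post{Text: text, Facets: []Facet{{
		Index:   ByteSlice{ByteStart: start, ByteEnd: len(text)},
		Mention: &MentionFeature{Did: did},
	}}}
}

// CheckMentions returns one Mismatch per mention facet whose displayed handle
// does not currently resolve to the DID in the facet. Link/tag facets are skipped.
func CheckMentions(p Post, r Resolver) []Mismatch {
	var out []Mismatch
	raw := []byte(p.Text) // facet indices are byte offsets, not rune offsets
	for _, f := range p.Facets {
		if f.Mention == nil {
			continue
		}
		s, e := f.Index.ByteStart, f.Index.ByteEnd
		if s < 0 || e > len(raw) || s >= e {
			out = append(out, Mismatch{FacetDid: f.Mention.Did, Reason: BadIndex})
			continue
		}
		shown := strings.ToLower(strings.TrimPrefix(string(raw[s:e]), "@"))
		resolved, ok := r[shown]
		switch {
		case !ok:
			out = append(out, Mismatch{Shown: shown, FacetDid: f.Mention.Did, Reason: Unresolved})
		case resolved != f.Mention.Did:
			out = append(out, Mismatch{Shown: shown, FacetDid: f.Mention.Did, Resolved: resolved, Reason: WrongDid})
		}
	}
	return out
}

// Label is what a scanning labeler might attach. Only facets that resolve to
// a different DID, or that cannot be verified, are labelled; an unresolved
// handle is left alone because it matches the benign handle-change scenario.
func Label(p Post, r Resolver) string {
	for _, m := range CheckMentions(p, r) {
		if m.Reason == WrongDid || m.Reason == BadIndex {
			return "misleading-mention"
		}
	}
	return ""
}

func main() {
	// Constructed resolver state; none of these DIDs or handles are real accounts.
	r := Resolver{"bsky.app": "did:plc:example-bskyapp", "alice.example": "did:plc:example-alice"}
	crafted := BuildPost("check this out ", "bsky.app", "did:plc:example-mallory")
	for _, m := range CheckMentions(crafted, r) {
		fmt.Printf("@%s -> facet %s, resolves to %q: %s\n", m.Shown, m.FacetDid, m.Resolved, m.Reason)
	}
	fmt.Println("label:", Label(crafted, r))
}
```

A client would run `CheckMentions` before rendering and either rewrite the displayed text to the DID's current handle or show a warning on a `WrongDid` result; a labeler would run `Label` over new posts from the firehose. Handles are compared case-insensitively, and offsets are treated as bytes, matching how facet indices are defined.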