zach-planet-nine
commented
1 month ago I still think that the messages to verify shouldn't be created dynamically by the server as it causes the verification process to fail when user sent a message with slightly different format that is still an acceptable JSON. For example user can sign the following message:
{ "pubKey": "xxx", "enteredText": "Foo", "timestamp": "xxx" }which is still acceptable form by the design, but the server will check for:
{{"pubKey":"xxx","enteredText":"Foo","timestamp":"xxx"}}This results in an error as the message was "altered" by the server.
Other than that I have nothing more to add.
I don't disagree entirely, but that part is left to the implementer, and not a part of the protocol. My motivation for having the message be constructed on the backend from the payload rather than sent by the client is threefold:
1) It makes it so that the backend doesn't have to verify that the data in the message matches what is sent in the payload. If for example a client sent a message like giveme10points, but sends a payload like:
{giveme: 500}what does that mismatch mean?
2) A server might handle requests from different transports, and weird reconstruction might be necessary, so seemed reasonable to just assume it from the start
3) Something just feels weird about having that info exposed in the request. I know it's not any more secure, but feels right not to send it already constructed.
I do think though that the use of JSON for the messages in the first place is confusing everything. Kal and I updated Continuebee to be just concatenated strings for the message so as to avoid JSON's different stringification across different languages. I wouldn't be opposed to changing all the examples to using that for messages instead, but there are bigger things for right now.
Adds a Python server with flask, and updates the clis (python still only does blue).