Closed ryco117 closed 5 years ago
May not be necessary since IPFS nodes already sign all published messages, and will soon reject unverified messages by default. It won't be necessary to implement a signature scheme overtop, since IPFS will allow us to verify any message was sent by the IPFS node that's claimed to have authored it.
Ended up implemented in case there are instances where a public IPFS node distributes keys for private clients, thus requiring verification beyond trusting the IPFS signature.
IPFS routing will already sign all broadcast messages with it's IPFS peer-ID. However, since the account-name field is used to allow multiple different accounts to share an IPFS node, it makes sense to also sign the cipher text using the cert.key.sign keys. Furthermore, cipher text should be verified using the signature included in the message JSON.