Closed arhamj closed 1 month ago
⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪ |
🧪 No relevant tests |
🔒 No security concerns identified |
⚡ Key issues to review Logic Error The condition to check if the signer is the same as the sender might not work as intended if `NodeList.byPubKey.get(sign.owner)` returns `undefined`. This can happen if `sign.owner` is not in `NodeList.byPubKey`. It would be safer to ensure that the object exists before accessing its `id` property. |
The header and sender check in the Comms module has been updated to ensure that the signer and sender are the same. This fix addresses an issue where internal routes were being used by nodes not in the network.