ssbc / ssb-meta-feeds-spec

Design doc for subfeeds in SSB
11 stars 1 forks source link

sign metafeed/announce message #27

Closed cryptix closed 3 years ago

cryptix commented 3 years ago

currently type:metafeed/announce is not signed by the metafeed

cryptix commented 3 years ago

How about this?

const ssbKeys = require('ssb-keys')
const ssbUri = require('ssb-uri2')

// make two keypairs for the two feeds
const keyMeta = ssbKeys.generate()
const keyMain = ssbKeys.generate()

// convert the metafeed keypair into an URI
const metaUri = ssbUri.compose({
  type: 'feed', format: 'bendybutt-v1',
  data: keyMeta.public.replace('.ed25519','')
})

// craft the announce message
const announce = {
  type: 'metafeed/announce',
  metafeed: metaUri,
  tangles: {
    metafeed: {
      root: null,
      previous: null
    }
  }
}

// sign the announce message
const signedAnnounce = ssbKeys.signObj(keyMeta, announce)
console.log("signed content")
console.log(signedAnnounce)

// to verify we need to plug the data from the metafeed uri
let metafeedParts = ssbUri.decompose(signedAnnounce.metafeed)
let pubKey = metafeedParts.data + '.ed25519'
const ok = ssbKeys.verifyObj(pubKey, signedAnnounce)
console.log(`verified? ${ok}`)

// now we would db.publich(signedAnnounce)
// which would properly create a ssb message and sign it with keyMain
const signedMessage = ssbKeys.signObj(keyMain, {
  author: keyMain.id,
  sequence: 42,
  content: signedAnnounce
})
console.log("signed message")
console.log(signedMessage)
signed content
{
  type: 'metafeed/announce',
  metafeed: 'ssb:feed/bendybutt-v1/xShZwxnJ3NHOSxyfLOkRXPOJ6yvjmGICHmLI5wsdve8=',
  tangles: { metafeed: { root: null, previous: null } },
  signature: '4L/pkSxP6e4km2MwjgC1dGXMTNIiyDN3Y+bRTlHLIQralWgDttb1jtl02jlVTCbK3d6gHDWw3CQNicpmr7ATAA==.sig.ed25519'
}
verified? true
signed message
{
  author: '@e57mRlF81l8MgakYShgdykeeibrzejbOjhdiT182R9o=.ed25519',
  sequence: 42,
  content: {
    type: 'metafeed/announce',
    metafeed: 'ssb:feed/bendybutt-v1/xShZwxnJ3NHOSxyfLOkRXPOJ6yvjmGICHmLI5wsdve8=',
    tangles: { metafeed: [Object] },
    signature: '4L/pkSxP6e4km2MwjgC1dGXMTNIiyDN3Y+bRTlHLIQralWgDttb1jtl02jlVTCbK3d6gHDWw3CQNicpmr7ATAA==.sig.ed25519'
  },
  signature: '+ixGcWkdUT8w5aduPS70b0qjPelssJK1NOtYsT1OcbppBaRzbiSHiWmHYS6h9L9EF+BJRUw2RYp02bhgmWMOCw==.sig.ed25519'
}

This is basically what https://github.com/ssbc/ssb-peer-invites did to proof control over the guest keypair.

cc @staltz @arj03

staltz commented 3 years ago

Sure that works, in my opinion. @arj03 I can make a PR to ssb-meta-feeds if you concur.

arj03 commented 3 years ago

Looks good, much easier to understand from the example code :)

staltz commented 3 years ago

Oh and I can also patch the spec too.

cryptix commented 3 years ago

Sorry but I just realized this is insufficient.

We need to add the main/subfeed and check that that equals the (outer) author of the message to protect against replays on other feeds.

staltz commented 3 years ago

Suggestions for the field name? content.subfeed? content.main?

arj03 commented 3 years ago

Ah yes, nice spotting

arj03 commented 3 years ago

My vote is for main, but not super tied to that decision

staltz commented 3 years ago

It's nice if it were always the same everywhere, i.e. content.metafeed and content.subfeed on bendy butt messages and also content.metafeed and content.subfeed on main feed messages. Principle of least WTFs.

cryptix commented 3 years ago

My vote is for main

I must say that main is really not a good term when looking forward to a world with multiple apps and content feeds. :-X

I vote for subfeed for consistency, too.

arj03 commented 3 years ago

subfeed it is then :)

staltz commented 3 years ago

Implemented in JS https://github.com/ssb-ngi-pointer/ssb-meta-feeds/pull/46