mortonjack
commented
1 month ago Upon further investigation I think this is just a poor explanation. The bottom of the README explains the signing mechanism in full.
Closed mortonjack closed 1 month ago
mortonjack
commented
1 month ago Upon further investigation I think this is just a poor explanation. The bottom of the README explains the signing mechanism in full.
Messages are not signed with a user's private key. Hence, messages such as
server_helloandpublic_chatcan be easily forged.We should modify this to ensure all messages of type
signed_dataare signed with the sender's private key in some way.