where does feed / signature validation take place when calling feed.append()?
alexpmorris opened this issue · 2 comments
I recently did a test changing feed.secretKey after a few calls to feed.append(), then called feed.append() again. I expected the call to fail. However, it went through without a problem. If I manually called feed.verify() after that, only then did I receive a "Signature verification failed" error:
> await feed.verify(feed.length-1, feed._storage.signatures.toBuffer().slice(-64))
Uncaught Error: Signature verification failed
There was no replication or persistence with this test feed, so maybe that's part of the problem, as I don't expect it would be that easy to potentially corrupt a propagated feed.
But it also seems that by default, performing this sort of action using a key that doesn't match prior transactions should throw an error.
Appreciate any additional insight on this issue.
I believe I found the answer, so closing this ticket. It seems anyone can append(), but if the invalid feed is propagated to another node, it would reject the tampered feed in _verifyAndWrite() -> _verifyRootsAndWrite(), thus throwing the exception Remote signature could not be verified.
Glad you found an answer! For future reference, it might be good to post issues related to hypercore's internals to the hypercore repo