Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make Hashable not use protobuffs? #330

Closed
taoeffect opened this issue Nov 20, 2017 · 1 comment
Closed

Make Hashable not use protobuffs? #330

taoeffect opened this issue Nov 20, 2017 · 1 comment
Assignees
@taoeffect
Labels
App:Backend App:Frontend Kind:Core Anything that changes or affects the fundamental core data structures & design of the application. Kind:Enhancement Improvements, new features, performance upgrades, etc. Level:Advanced Note:Question Note:Research Priority:High

Comments

@taoeffect
Copy link
Member

taoeffect commented Nov 20, 2017
edited
Loading

Problem

Our current solution for dealing with potential JSON hash inconsistency is to use protobuffs that clearly define the order of keys. However, it might not be necessary to do that.

Solution

If we just store in the database the first version of the JSON string that was created, and only use that string from then on, then we don't need to use protobuffs at all because the ordering of keys is set in stone from that point on.

Getting rid of protobuffs would mean:

  • A simpler codebase
  • A simpler backend (no need to have a table with columns for "version", "parentHash", etc just a pure key/value store)
  • A smaller bundle size
  • Smaller attack surface
  • Can make entries based entirely on SBP calls, which makes for nice integration with Transactions + SBP #320
  • Might be able to have a single events.js file instead of two
  • (?) While we're at it, should also get rid of confusing classes like export class Action extends Hashable and export class Attribute extends Hashable etc

To do this we would need to send the JSON directly as a string. I.e., instead of:

.send({hash: entry.toHash(), entry: entry.toObject()})

Do:

// .JSON never re-calculates JSON again
.send({hash: entry.hash(), json: entry.JSON()})

One of the downsides to try and mitigate is that currently we get runtime validation of the data that's being sent, and it's clear from the shared/events.js file what (a) the events are, (b) what data they expect.

That clarity should be preserved when closing this issue, perhaps via a JSON validator like ajv.

Potential issues?

Implementing this would mean that the hash can no longer be used to verify the integrity of JS objects. Instead, a JS object is considered "verified" if all of these are true:

  • The JSON hashes to the hash
  • JSON.parse parsed the JSON
  • And the resulting object passes validation by the JSON schema validator

EDIT: Since the signature is detached from the JSON itself, double-check that there are no issues if the parts of the JSON that are outside of that signed part are modified!

For example, is there any issue with replay attacks?

EDIT 2: Should be able to get rid of all the classes and just have it be version-specific selector + data
@taoeffect taoeffect added App:Backend App:Frontend Kind:Core Anything that changes or affects the fundamental core data structures & design of the application. Kind:Enhancement Improvements, new features, performance upgrades, etc. Level:Advanced Note:Question Note:Research labels Nov 20, 2017
@taoeffect taoeffect self-assigned this Nov 20, 2017
@taoeffect taoeffect mentioned this issue May 17, 2018
Closed
3 tasks
@taoeffect
Copy link
Member Author

Closed by #431.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@taoeffect taoeffect

Labels
App:Backend App:Frontend Kind:Core Anything that changes or affects the fundamental core data structures & design of the application. Kind:Enhancement Improvements, new features, performance upgrades, etc. Level:Advanced Note:Question Note:Research Priority:High
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@taoeffect