You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, an unsigned init event with data will be successfully store and validate. This should be rejected as MID and Model stream types require init events with data are signed. We actually have a test for one of these explicitly, as it was found in the wild (see #404), but it must have been created at a strange time as it would no longer be accepted by js-ceramic.
Technical Information
The event builder should prevent creating these types of events, but the HTTP/recon APIs are currently less strict.
Not entirely sure where this should live, we could enforce it in decode_car, or in the initial (signature/history) validation logic, or in the pipeline (schema validation).
The text was updated successfully, but these errors were encountered:
Description
Currently, an unsigned init event with data will be successfully store and validate. This should be rejected as MID and Model stream types require init events with data are signed. We actually have a test for one of these explicitly, as it was found in the wild (see #404), but it must have been created at a strange time as it would no longer be accepted by js-ceramic.
Technical Information
The event builder should prevent creating these types of events, but the HTTP/recon APIs are currently less strict.
Not entirely sure where this should live, we could enforce it in
decode_car, or in the initial (signature/history) validation logic, or in the pipeline (schema validation).The text was updated successfully, but these errors were encountered: