6dc41e0 to
487aee3
Signed-off-by: Angelo De Caro <[email protected]>
- faster marshaller - regression Signed-off-by: Angelo De Caro <[email protected]>
487aee3 to
71ee2f3
AkramBitar
approved these changes
Apr 21, 2026
|
|
||
| 2. **Signature Message Construction**: | ||
| - **V1 (Legacy)**: `SignatureMessage = ASN.1(TokenRequest) || Anchor` | ||
| - **V2 (Recommended)**: Uses structured ASN.1 with separate Request and Anchor fields |
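Review bot: The V2 bullet describes its layout only in words ("structured ASN.1 with separate Request and Anchor fields"), while the V1 bullet gives an exact formula. Spell out the V2 structure the same way, with field order and types, so the two can be compared line by line. These bullets also do not say how a verifier decides which version a request was signed under, or whether the version is part of the signed bytes; a sentence on that belongs next to this list.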
Contributor
Is there a scenario where we will have both of them?
What happens during upgrade/crash recovery?
Why do we need to support both of them?
Contributor
Author
Hi @AkramBitar, here are the answers:
- In a scenario where you already have a running network, you still need a way to replay old transactions if necessary.
- The system will treat each component following the version specification.
- For legacy reasons. Actually, it is the first time that we do this. It also shows that the system can be upgraded, and the regression tests show that token-sdk can still validate requests generated with an old version of the protocol.
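The version-by-version handling described in the reply above, as an added example that is not code from this pull request or from token-sdk: a verifier rebuilds the signed bytes according to the protocol version, so a signature made over the V1 layout still verifies on replay and is rejected under the V2 layout. The type names, the `Actions` field, the use of Ed25519 and the exact V2 field encoding are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"encoding/asn1"
	"errors"
	"fmt"
)

// Hypothetical request type for illustration; not the token-sdk definition.
type tokenRequest struct{ Actions [][]byte }

// v2Message keeps Request and Anchor as separate, length-delimited fields.
type v2Message struct {
	Request []byte
	Anchor  []byte
}

// MessageToSign rebuilds the signed bytes for the given protocol version.
func MessageToSign(version int, req tokenRequest, anchor []byte) ([]byte, error) {
	raw, err := asn1.Marshal(req)
	if err != nil {
		return nil, err
	}
	switch version {
	case 1: // legacy layout: ASN.1(TokenRequest) || Anchor
		return append(raw, anchor...), nil
	case 2: // structured layout: SEQUENCE { Request, Anchor }
		return asn1.Marshal(v2Message{Request: raw, Anchor: anchor})
	default:
		return nil, errors.New("unsupported protocol version")
	}
}

// Verify checks sig against the layout of the version the request declares.
func Verify(pub ed25519.PublicKey, version int, req tokenRequest, anchor, sig []byte) bool {
	msg, err := MessageToSign(version, req, anchor)
	return err == nil && ed25519.Verify(pub, msg, sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	req := tokenRequest{Actions: [][]byte{[]byte("transfer")}} // constructed sample
	anchor := []byte("tx-0001")                                // constructed sample
	m1, _ := MessageToSign(1, req, anchor)
	sig := ed25519.Sign(priv, m1) // signature produced by an "old" V1 signer
	fmt.Println(Verify(pub, 1, req, anchor, sig), Verify(pub, 2, req, anchor, sig))
}
```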
sid200727
pushed a commit
to sid200727/fabric-token-sdk
that referenced
this pull request
Apr 24, 2026
…ger-labs#1563) Signed-off-by: Angelo De Caro <[email protected]> Signed-off-by: Siddhi Khandelwal <[email protected]>
This PR introduces ProtocolV2 to address security vulnerabilities in `MarshalToMessageToSign` while maintaining backward compatibility with ProtocolV1 and ensuring all regression tests pass.
Security Issues Addressed
Design Decisions
Protocol Version Strategy