Hacker News new | ask | show | jobs
by jloveless 3219 days ago
It also has to match on the OriginID and AssetID has as well - the checksum is a final check on the actual payload (once decompressed).
1 comments
hedora 3219 days ago
Right, but if I modify your client to be malicious, I can spoof those two id's, right?
link
jloveless 3219 days ago
You can but our backplane won't know about you local modifications. When you're client informs the backplane (on a sync) it will see that those IDs and hashes we're registered and it will instruct you client to delete them.
link
jloveless 3219 days ago
E.g. modifications that happen in your local instances are checked against our backplane. If an asset hasn't been registered (and verified independently via our backplane) it won't be available for replication
link