by sour-taste 1637 days ago
I'm not associated with this project in any way, but your comment got me curious. It seems that since each message is signed with the private key, even if you were able to perform an extension attack (which I agree it seems like you would be able to), you wouldn't be able to sign the message, so it should be rejected by the relay. The signature is based on the message ID, which itself is the SHA256 of the rest of the message, so by doing an extension you necessarily change the SHA256, which should invalidate the signature.

But I'm an idiot so who knows.
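
The relay-side check described in the comment above, as an added example that is not part of the original comment or the project's code. Assumptions: the field names (`content`, `id`, `sig`) and the JSON serialization are hypothetical, and a Lamport one-time signature built from SHA-256 stands in for the project's signature scheme, which the page does not name.

```python
import hashlib, json, secrets

def sha256(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

def message_id(fields: dict) -> bytes:
    # ID = SHA-256 over a canonical serialization of the rest of the message
    # (serialization format is an assumption for this example).
    return sha256(json.dumps(fields, sort_keys=True, separators=(",", ":")).encode())

def bits(digest: bytes) -> list:
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# Lamport one-time signature: stand-in for the real scheme (assumption).
def keygen():
    sk = [[secrets.token_bytes(32) for _ in range(2)] for _ in range(256)]
    pk = [[sha256(s) for s in pair] for pair in sk]
    return sk, pk

def sign(sk, digest: bytes) -> list:
    return [sk[i][b] for i, b in enumerate(bits(digest))]

def verify(pk, digest: bytes, sig: list) -> bool:
    return all(sha256(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(digest))))

def make_message(sk, content: str) -> dict:
    fields = {"content": content}
    mid = message_id(fields)
    return {**fields, "id": mid.hex(), "sig": sign(sk, mid)}

def relay_accepts(msg: dict, pk) -> bool:
    # 1) Recompute the ID from the fields actually received.
    fields = {k: v for k, v in msg.items() if k not in ("id", "sig")}
    recomputed = message_id(fields)
    if recomputed.hex() != msg["id"]:
        return False  # content no longer matches the claimed ID
    # 2) Verify the signature over the recomputed ID.
    return verify(pk, recomputed, msg["sig"])

def demo():
    sk, pk = keygen()
    msg = make_message(sk, "hello")  # constructed sample message
    # Case A: data appended, original id and sig kept.
    appended = {**msg, "content": msg["content"] + " plus appended data"}
    # Case B: data appended and id recomputed, but no private key to re-sign.
    reid = {**appended, "id": message_id({"content": appended["content"]}).hex()}
    return relay_accepts(msg, pk), relay_accepts(appended, pk), relay_accepts(reid, pk)
```

Case A fails at the ID comparison and case B fails at signature verification, which are the two places where appended data is caught when the signature covers the hash of the whole message.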