fix(crypto): correct DeviceEntry publicKey validator length#178
Conversation
…ex chars Device keypairs are Ed25519 (32-byte public key = 64 hex chars), but the validator was checking for 130 chars (uncompressed secp256k1). This would reject real device keys on encrypt→decrypt round-trip. Also fixes test fixture and docs to match. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Entire-Checkpoint: 944ab984b10d
|
Warning Rate limit exceeded
⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Summary
DeviceEntry.publicKeyvalidator checking for 130 hex chars (uncompressed secp256k1) instead of 64 hex chars (Ed25519 32-byte key)docs/METADATA_SCHEMAS.mdto document 64 hex charsContext
Device keypairs are Ed25519 (
generateDeviceKeypair()→ 32-byte public key → 64 hex chars), but the validator inschema.tswas checking for 130 chars (copy-pasted from secp256k1 uncompressed key validation). This would reject real device keys on encrypt→decrypt round-trip. Found by CodeRabbit on PR #175.Test plan
pnpm --filter @cipherbox/crypto test)🤖 Generated with Claude Code