Security fixes: swarm signature verification and error handling

This commit is contained in:
Clawd Deploy Bot
2026-01-30 16:50:49 +01:00
parent 495a037eb1
commit 50355b740a
21 changed files with 850 additions and 467 deletions
+34 -13
View File
@@ -2,12 +2,15 @@
* Swarm Announce Endpoint
*
* POST: Receive announcements from other nodes joining the swarm
*
* SECURITY: All requests must be cryptographically signed by the sender node.
*/
import { NextResponse } from 'next/server';
import { z } from 'zod';
import { upsertSwarmNode } from '@/lib/swarm/registry';
import { buildAnnouncement } from '@/lib/swarm/discovery';
import { verifySwarmRequest } from '@/lib/swarm/signature';
import type { SwarmNodeInfo } from '@/lib/swarm/types';
const announcementSchema = z.object({
@@ -21,7 +24,11 @@ const announcementSchema = z.object({
postCount: z.number().optional(),
capabilities: z.array(z.enum(['handles', 'gossip', 'relay', 'search', 'interactions'])).optional(),
timestamp: z.string().optional(),
signature: z.string().optional(),
});
// Schema including signature for verification
const signedAnnouncementSchema = announcementSchema.extend({
signature: z.string(),
});
/**
@@ -29,39 +36,53 @@ const announcementSchema = z.object({
*
* Receives an announcement from another node and responds with our info.
* This is how nodes introduce themselves to the swarm.
*
* SECURITY: All announcement requests must be signed by the sender node.
*/
export async function POST(request: Request) {
try {
const body = await request.json();
const announcement = announcementSchema.parse(body);
const data = signedAnnouncementSchema.parse(body);
const ourDomain = process.env.NEXT_PUBLIC_NODE_DOMAIN;
// Don't process announcements from ourselves
if (announcement.domain === ourDomain) {
if (data.domain === ourDomain) {
return NextResponse.json(
{ error: 'Cannot announce to self' },
{ status: 400 }
);
}
// SECURITY: Verify the node signature before processing
const { signature, ...payload } = data;
const isValid = await verifySwarmRequest(payload, signature, data.domain);
if (!isValid) {
console.warn(`[Swarm] Invalid signature for announcement from ${data.domain}`);
return NextResponse.json(
{ error: 'Invalid signature' },
{ status: 403 }
);
}
// Add/update the announcing node in our registry
const nodeInfo: SwarmNodeInfo = {
domain: announcement.domain,
name: announcement.name,
description: announcement.description,
logoUrl: announcement.logoUrl,
publicKey: announcement.publicKey,
softwareVersion: announcement.softwareVersion,
userCount: announcement.userCount,
postCount: announcement.postCount,
capabilities: announcement.capabilities,
domain: data.domain,
name: data.name,
description: data.description,
logoUrl: data.logoUrl,
publicKey: data.publicKey,
softwareVersion: data.softwareVersion,
userCount: data.userCount,
postCount: data.postCount,
capabilities: data.capabilities,
lastSeenAt: new Date().toISOString(),
};
const { isNew } = await upsertSwarmNode(nodeInfo, 'announcement');
console.log(`[Swarm] ${isNew ? 'New' : 'Known'} node announced: ${announcement.domain}`);
console.log(`[Swarm] ${isNew ? 'New' : 'Known'} node announced: ${data.domain}`);
// Respond with our own info
const ourAnnouncement = await buildAnnouncement();