verify peer_id in signed-record matches authenticated sender

2026-02-12 16:10:57 +00:00 · 2025-08-20 18:07:32 +05:30
parent 3aacb3a391
commit 3917d7b596
6 changed files with 49 additions and 21 deletions
--- a/libp2p/kad_dht/value_store.py
+++ b/libp2p/kad_dht/value_store.py
@ -161,7 +161,7 @@ class ValueStore:
            # Check if response is valid
            if response.type == Message.MessageType.PUT_VALUE:
                # Consume the sender's signed-peer-record if sent
-                if not maybe_consume_signed_record(response, self.host):
+                if not maybe_consume_signed_record(response, self.host, peer_id):
                    logger.error(
                        "Received an invalid-signed-record, ignoring the response"
                    )
@ -291,7 +291,7 @@ class ValueStore:
                    and response.record.value
                ):
                    # Consume the sender's signed-peer-record
-                    if not maybe_consume_signed_record(response, self.host):
+                    if not maybe_consume_signed_record(response, self.host, peer_id):
                        logger.error(
                            "Received an invalid-signed-record, ignoring the response"
                        )