From a262b94836c9f5d8f51ecc92239e17d4dae4bbf8 Mon Sep 17 00:00:00 2001
From: NIC619 <twedusuck@gmail.com>
Date: Fri, 29 Nov 2019 14:12:42 +0800
Subject: [PATCH] Apply PR feedback: check if signing key and ID match

---
 libp2p/pubsub/pubsub.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/libp2p/pubsub/pubsub.py b/libp2p/pubsub/pubsub.py
index 69f873af..ac08b413 100644
--- a/libp2p/pubsub/pubsub.py
+++ b/libp2p/pubsub/pubsub.py
@@ -539,6 +539,12 @@ class Pubsub:
             if msg.signature == b"":
                 logger.debug("Reject because no signature attached for msg: %s", msg)
                 return
+            # Validate if message sender matches message signer,
+            # i.e., check if `msg.key` matches `msg.from_id`
+            msg_pubkey = deserialize_public_key(msg.key)
+            if ID.from_pubkey(msg_pubkey) != msg.from_id:
+                logger.debug("Reject because signing key does not match sender ID for msg: %s", msg)
+                return
             # Validate the signature of the message
             # First, construct the original payload that's signed by 'msg.key'
             msg_without_key_sig = rpc_pb2.Message(
@@ -551,7 +557,7 @@ class Pubsub:
                 PUBSUB_SIGNING_PREFIX.encode() + msg_without_key_sig.SerializeToString()
             )
             if not signature_validator(
-                deserialize_public_key(msg.key), payload, msg.signature
+                msg_pubkey, payload, msg.signature
             ):
                 logger.debug("Signature validation failed for msg: %s", msg)
                 return