Skip to content

Fix/peer auth fetch #465

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
sirdeggen wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

Fix/peer auth fetch #465

sirdeggen wants to merge 2 commits into from

Conversation

@sirdeggen
Copy link
Collaborator

@sirdeggen sirdeggen commented Jan 20, 2026

Description of Changes

First set out to fix Auth Middleware but it turns out the issue is fixable from Peer class.

The /.well-known/auth endpoint hangs because:

The middleware sets up a listener for certificates but never responds if:

No certificates are sent by the client
A session already exists for that identity
The response is only sent when:

The Peer class calls transport.send() with a response message
This happens inside the messageCallback processing
Your backend's onCertificatesReceived callback (server.ts:54-72) calls next() on line 71, but this only happens AFTER certificates are received

The initial auth handshake response should be sent by the Peer class through the messageCallback, but if the Peer doesn't respond (perhaps due to session state or missing configuration), the request hangs forever.

The fix would involve ensuring that:

The Peer always sends a response for the initial /.well-known/auth request
Or the middleware sends an explicit response if no session/certificates are needed
Or there's a timeout mechanism to prevent indefinite hanging

Bug #1: Race Condition in Timeout Setup
Bug #2: Inconsistent Key Usage (Less Critical)
Stored promise with: message.yourNonce
Resolved promise with: peerSession.sessionNonce

Testing Procedure

Describe the tests you've added or any testing steps you've taken.

  • I have added new unit tests
  • All tests pass locally
  • I have tested manually in my local environment

Checklist

  • I have performed a self-review of my own code
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have updated CHANGELOG.md with my changes
  • I have run npm run doc and npm run lint one final time before requesting a review
  • I have fixed all linter errors to ensure these changes are compliant with ts-standard
  • I have run npm version patch so that my changes will trigger a new version to be released when they are merged

@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 20, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions
Copy link

github-actions bot commented Jan 20, 2026

🏁 Benchmark Comparison (Node 22)

Comparing this PR (8a2d9ce) against master (0f3c5ad).

✅ No regressions over the 5% threshold detected. 🎉 2 significant speedups (>5% faster).

Speedups

  • 🎉 Reader & Writer – 400 medium payloads is 5.07% faster (14.78 ms vs 15.57 ms).
  • 🎉 Atomic BEEF – Transaction.fromAtomicBEEF is 11.88% faster (3.56 ms vs 4.04 ms).
Benchmark Metric PR Branch Master Δ Change
BigNumber Arithmetic mul large numbers 8.81 ms 8.83 ms -0.02 ms -0.23%
BigNumber Arithmetic add large numbers 1.45 ms 1.47 ms -0.02 ms -1.36%
BigNumber Serialization toSm big 2.81 ms 2.87 ms -0.06 ms -2.09%
BigNumber Serialization toSm little 2.87 ms 3.00 ms -0.13 ms -4.33%
BigNumber Serialization fromSm big 2.94 ms 2.97 ms -0.03 ms -1.01%
BigNumber Serialization fromSm little 3.02 ms 3.07 ms -0.05 ms -1.63%
BigNumber Serialization fromScriptNum 3.01 ms 3.07 ms -0.06 ms -1.95%
Script Serialization Big script round trip 3.89 ms 3.82 ms +0.07 ms +1.83%
Transaction Verification deep chain verify 576.52 ms 576.10 ms +0.42 ms +0.07%
Transaction Verification wide transaction verify 596.24 ms 587.28 ms +8.96 ms +1.53%
Transaction Verification large tx verify 292.07 ms 293.12 ms -1.05 ms -0.36%
Transaction Verification nested inputs verify 163.86 ms 164.94 ms -1.08 ms -0.65%
Symmetric Key encrypt large 2MB 1744.03 ms 1733.89 ms +10.14 ms +0.58%
Symmetric Key decrypt large 2MB 1703.71 ms 1687.24 ms +16.47 ms +0.98%
Symmetric Key encrypt 50 small 7.53 ms 7.53 ms +0.00 ms 0.00%
Symmetric Key decrypt 50 small 7.16 ms 7.17 ms -0.01 ms -0.14%
Symmetric Key encrypt 200 medium 182.91 ms 181.81 ms +1.10 ms +0.61%
Symmetric Key decrypt 200 medium 177.05 ms 176.43 ms +0.62 ms +0.35%
Reader & Writer mixed ops 0.23 ms 0.22 ms +0.01 ms +4.55%
Reader & Writer large payloads 28.02 ms 29.20 ms -1.18 ms -4.04%
Reader & Writer 3000 small payloads 1.71 ms 1.75 ms -0.04 ms -2.29%
Reader & Writer 400 medium payloads 14.78 ms 15.57 ms -0.79 ms -5.07%
Atomic BEEF Transaction.toAtomicBEEF 1.49 ms 1.49 ms +0.00 ms 0.00%
Atomic BEEF Transaction.fromAtomicBEEF 3.56 ms 4.04 ms -0.48 ms -11.88%

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sirdeggen