Summary
Key-package tag validation currently accepts extra trailing values on tags that are intended to be single-valued.
This is not newly introduced behavior, but it is worth tightening as a protocol-compliance follow-up.
Current behavior
In crates/mdk-core/src/key_packages.rs, validation for single-valued tags such as:
- mls_protocol_version
- mls_ciphersuite
extracts the value at index 1 and ignores any additional elements.
That means tags like these are currently accepted:
["mls_protocol_version", "1.0", "junk"]
["mls_ciphersuite", "0x0001", "junk"]
while the i tag already enforces an exact single-value shape.
Why this matters
For tags that are semantically single-valued, accepting extra values makes validation looser than necessary and can allow malformed events to pass local validation.
Even if other implementations also currently ignore extras, tightening this would make the parser more strict and more explicit about the expected MIP-00 tag shape.
Desired outcome
For tags that are defined as single-valued, require the tag slice to contain exactly:
and reject:
- missing values
- extra trailing values
At minimum, apply this to:
- mls_protocol_version
- mls_ciphersuite
Suggested follow-up
- Introduce a helper for exact single-value tag extraction/validation
- Update the relevant validators to use it
- Add regression tests covering:
  - missing value
  - valid single value
  - extra trailing value rejected
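
A sketch of the helper suggested above, shown beside a lenient form modeled on the current behavior this issue describes. This is an added example, not code from mdk-core: the function names, the error enum, and the modeling of a tag as a slice of `&str` are all assumptions.

```rust
// Added example: hypothetical names throughout, not code from mdk-core.
// A tag is modeled as a slice of strings: [name, value, ...].

#[derive(Debug, PartialEq)]
pub enum TagShapeError {
    WrongName,
    MissingValue,
    ExtraValues(usize), // count of unexpected trailing elements
}

/// Lenient form matching the behavior the issue describes: read index 1
/// and ignore whatever follows.
pub fn lenient_value<'a>(tag: &[&'a str], name: &str) -> Option<&'a str> {
    if tag.first().copied() != Some(name) {
        return None;
    }
    tag.get(1).copied()
}

/// Strict form: succeeds only when the tag is exactly [name, value].
pub fn exact_single_value<'a>(tag: &[&'a str], name: &str) -> Result<&'a str, TagShapeError> {
    match tag {
        [n, ..] if *n != name => Err(TagShapeError::WrongName),
        [] => Err(TagShapeError::WrongName),
        [_] => Err(TagShapeError::MissingValue),
        [_, value] => Ok(*value),
        [_, _, rest @ ..] => Err(TagShapeError::ExtraValues(rest.len())),
    }
}

fn main() {
    // Constructed sample tags, using the shapes quoted in the issue.
    let samples: [&[&str]; 3] = [
        &["mls_protocol_version"],
        &["mls_protocol_version", "1.0"],
        &["mls_protocol_version", "1.0", "junk"],
    ];
    for tag in samples {
        println!(
            "{:?}: lenient={:?} strict={:?}",
            tag,
            lenient_value(tag, "mls_protocol_version"),
            exact_single_value(tag, "mls_protocol_version")
        );
    }
}
```

The slice patterns make the accepted shape explicit, and the three sample tags correspond to the three regression cases listed above.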