Expand description
§HTTPS-transport ownership proof
Produces and verifies the proof bytes carried in an AnnounceV2 from / to an
HTTPS server. The bytes are a postcard-encoded [HttpsAcmeProof] containing
the announcer’s currently-serving ACME-issued TLS chain — nothing else.
Verification is purely offline:
- postcard decode (wrong-transport / corrupt bytes fail here),
- [
hashiverse_lib::tools::cert_validation::is_cert_valid] — X.509 path validation against the bundled Mozilla NSS roots plus IP-SAN match.
§What V2 guarantees, and what it doesn’t
V2’s only claim is “someone managed to issue a public-CA cert for the announced
IP”. That defeats the original target: a server that fails to acquire a cert
(no control of port 80/443) can’t construct a valid proof and never enters
Kademlia. It does not defeat an attacker who borrows a stranger’s chain —
the chain is public, served on every TLS handshake. But any RPC the receiver
then sends to the announced IP reaches the real server with the real
identity at that IP, and the response-side identity mismatch trips the existing
prune path (HashiverseServer::add_potential_peer_to_kademlia + RPC-failure
pruning in maintain_kademlia). So the chain-borrowing attack is bounded: an
attacker can briefly inject a wrong identity for an IP, and the network
self-corrects on the next round-trip.
Structs§
- Https
Transport Ownership Proof - Server-side proof object for the HTTPS transport. Holds one handle: a clone of
HttpsTransportCertRefresher::base_cert, so every call snapshots the freshest loaded chain without coordinating with the cert refresher’s own loop.