gabriel / muse public
feat patch msign+store main #30 / 44
gabriel · 54 days ago · Apr 16, 2026 · Diff

feat(msign+store): upgrade MSign to 6-field canonical message; enforce sha256: prefix at every layer

MSign wire format (6-field canonical message, alg in header): - canonical_message: {alg}\n{METHOD}\n{host}\n{path}\n{ts}\n{body_hash} - Header: MSign handle=\"...\" alg=\"ed25519\" ts=... sig=\"...\" - _normalise_host: strips :443/:80, keeps :10003 and other non-standard ports - ParsedMSign gains alg field; parse/verify/regex updated accordingly - sign.py: remove unused canonical_message import

sha256: prefix defense-in-depth (all layers): - snapshot.py: hash_file, compute_snapshot_id, compute_commit_id normalize inputs - store.py: _commit_path/_snapshot_path strip prefix; write_branch_ref, write_head_commit, read_head updated to require/accept sha256: prefix - object_store.py: all 4 integrity-check sites compare with sha256: prefix - validation.py: validate_object_id/validate_ref_id require sha256: prefix - stat_cache.py: _hash_str returns sha256: prefix; get_cached normalizes hits - workdir.py: verify_workdir_integrity hashes with sha256: prefix - transport.py: normalize bases/missing at API boundary

Tests: 50 msign tests + 108 transport/sign/dual-sig tests all green

sha256:cd1681509826d0afe21392145109fa851c079cb4ae5a47c7363e56add0f7677d sha
sha256:ffc1f005a517c8c728b2dc4a04c478d673fb0b0b8ef51e8eafb91ecb3f5b6259 parent
sha256:2e35abc023c92f00793db4d018f7298fd75dba44c082ca2ac82292d77fa43aa9 snapshot
Older Merge dev: fix SIGPIPE + add CHUNK_COMMITS to transport sha256:4340bd47344e2f5b677590d95bfc26c68b66a34861310390a6de80469741d182 All commits Newer fix(object_store): strip sha256: prefix before constructing file… sha256:4058d36a2c03c33e95f854d8b237027f186d3afaec2cb1bddcad1f4677da90a7

0 comments

No comments yet. Be the first to start the discussion.

To add a comment, use the Muse CLI: muse hub commit comment sha256:cd1681509826d0afe21392145109fa851c079cb4ae5a47c7363e56add0f7677d --body "your comment"