gabriel / muse public
BREAKING task/museignore-tls #17 / 19
AI Agent gabriel · 48 days ago · Apr 25, 2026 · Diff

security: enforce canonical codec idioms across all tests and source

- Replace all 'sha256:' + hashlib.sha256(...).hexdigest() with blob_id() - Replace all public key fingerprints with public_key_fingerprint() - MSign canonical message body hash upgraded to sha256:-prefixed blob_id() for algorithm agility (not permanently bound to SHA-256) - ast_parser._sha256/_sha256_bytes: blob_id() for content addressing - signer_key_id upgraded from 16-char truncated hex to full sha256:<64-hex> fingerprint (birthday attack resistance: 256-bit vs 64-bit) - test_core_transport: canonical message tests updated for new body hash format - test_core_msign: EMPTY_BODY_HASH and body hash tests updated - test_integrity_I9_sigkill: write_object now receives prefixed oid - test_mist_plugin: SnapshotManifest digest now blob_id-prefixed - test_code_migrate: v1 commit ID helper uses blob_id

sha256:dae82dd7b83a257cca663e50bccc9ea207e6329abc3a558e79fc7bab45ddc551 sha
sha256:9eddee9295ec4f1652bc213e5e9b343eec54a159b3b379f0ae2d119685adb3d8 parent
sha256:a55b01ccc6568fe903e6bdc82350aae871fe88c71eac1775c1d3ddc38168be10 snapshot
Older fix: coordination.py split_id instead of hardcoded [7:] prefix strip sha256:9eddee9295ec4f1652bc213e5e9b343eec54a159b3b379f0ae2d119685adb3d8 All commits Newer refactor: replace hardcoded algo strings with DEFAULT_HASH_ALGO … sha256:72a605e96d8251ae8c84108f8b1c91b82bd7dc5e2f8933a9e577d8c76b141c3d

0 comments

No comments yet. Be the first to start the discussion.

To add a comment, use the Muse CLI: muse hub commit comment sha256:dae82dd7b83a257cca663e50bccc9ea207e6329abc3a558e79fc7bab45ddc551 --body "your comment"