fix: MSign canonical message used enum str instead of 'ed25519' literal

build_canonical_message() defaulted algorithm to KeyAlgorithm.ED25519 (an enum value). In Python, str(KeyAlgorithm.ED25519) == 'KeyAlgorithm.ED25519', not 'ed25519'. The canonical message on the server therefore diverged from the client (which uses DEFAULT_SIGN_ALGO = 'ed25519' from muse.core._types) → every push/stream request got 401 Signature verification failed.

Fix: replace the enum default with DEFAULT_SIGN_ALGO from muse.core._types.

Also updates test_msign_request_signing.py to use the current MWP streaming protocol: /push/stream with application/x-muse-wire and b'' body signing. The old /push endpoint was removed; tests that hit it were getting 404 or passing for the wrong reason (both sides had the same wrong canonical).

sha256:dea27c2c3d3a8aa75c64511a5b7ec000bb7608693834cb4d4522a3b0be52f3d5 sha

sha256:b398e539dd32c742ffe64bf33fd4e9057e57a8a405d0b71e310ada0b8126af9b parent

sha256:2242f02b99ab524baffaccbd8ca2a8732d177a2fe204b913c560481730ed98e3 snapshot

← Older Oldest on dev

All commits

Newer → Latest on dev

0 comments

No comments yet. Be the first to start the discussion.

To add a comment, use the Muse CLI: muse hub commit comment sha256:dea27c2c3d3a8aa75c64511a5b7ec000bb7608693834cb4d4522a3b0be52f3d5 --body "your comment"

Provenance signed

AI Agent

claude-sonnet-4-6

Bump BREAKING

Agent claude-code

Breaking

musehub/auth/request_signing.py::build_canonical_message

Signature Cryptographically verified

Snapshot

ID sha256:2242f02b99ab524baffaccbd8ca2a8732d177a2fe204b913c560481730ed98e3

Files 0

Browse tree at this commit →

Commit

SHA sha256:dea27c2c3d3a8aa75c64511a5b7ec000bb7608693834cb4d4522a3b0be52f3d5

Parent

sha256:b398e539dd32c742ffe64bf33fd4e9057e57a8a405d0b71e310ada0b8126af9b

Branch dev