Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Handle events which fail auth on their auth_events differently from those that fail on the resolved state #11018

Open
richvdh opened this issue Oct 7, 2021 · 1 comment
Open

Handle events which fail auth on their auth_events differently from those that fail on the resolved state #11018

richvdh opened this issue Oct 7, 2021 · 1 comment
Labels
T-Enhancement New features, changes in functionality, improvements in performance, or user-facing enhancements.

Comments

@richvdh
Copy link
Member

richvdh commented Oct 7, 2021

Following up a comment at #10956 (comment):

We can now mark an event as rejected in either of two cases:

  • the event does not pass the auth rules based on its auth_events
  • the event does not pass the auth rules based on the resolved state at that point on the DAG.

As is pointed out in that comment thread, we should probably consider these two cases differently.
@richvdh richvdh changed the title Handle events which fail auth on their auth_events differently from those that fail on the resolved state Handle events which fail auth on their auth_events differently from those that fail on the resolved state Oct 7, 2021
@richvdh richvdh mentioned this issue Oct 7, 2021
Open
@richvdh
Copy link
Member Author

richvdh commented Oct 7, 2021

It's worth noting that the spec says nothing about treating these differently:

  • Passes authorization rules based on the event's auth events, otherwise it is rejected.
  • Passes authorization rules based on the state at the event, otherwise it is rejected.

... so improving this will also involve updating the spec.

@DMRobertson DMRobertson added the T-Enhancement New features, changes in functionality, improvements in performance, or user-facing enhancements. label Oct 18, 2021
@matrixbot matrixbot mentioned this issue Dec 21, 2023
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
T-Enhancement New features, changes in functionality, improvements in performance, or user-facing enhancements.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@richvdh @DMRobertson