awesome-bookmarks/Meshtastic-Android
3
0
Fork 0
mirror of https://github.com/meshtastic/Meshtastic-Android.git synced 2026-06-02 06:24:16 +02:00
Code Issues Packages Projects Releases 3 Wiki Activity

feat(db): enhance public key conflict handling (#4555)

Browse Source 
Signed-off-by: James Rich <2199651+jamesarich@users.noreply.github.com>
This commit is contained in:
James Rich
2026-02-14 07:47:59 -06:00
committed by GitHub
parent 5ca2ab4695
commit c845f9222c
4 changed files with 180 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/database/README.md
+20
View File
@@ -1,5 +1,25 @@
# `:core:database`
This module provides the local Room database persistence layer for the application.
## Key Components
- **`MeshtasticDatabase`**: The main Room database class.
- **DAOs (Data Access Objects)**:
- `NodeInfoDao`: Manages storage and retrieval of node information (`NodeEntity`). Contains critical logic for handling Public Key Conflict (PKC) resolution and preventing identity wiping attacks.
- `PacketDao`: Handles storage of mesh packets.
- `ChatMessageDao`: Manages chat message history.
- **Entities**:
- `NodeEntity`: Represents a node on the mesh.
- `PacketEntity`: Represents a stored packet.
## Security Considerations
### Public Key Conflict (PKC) Handling
The `NodeInfoDao` implements specific logic to protect against impersonation and "wipe" attacks:
- **Wipe Protection**: Receiving an `is_licensed=true` packet (which normally clears the public key for compliance) will **not** clear an existing valid public key if one is already known. This prevents attackers from sending fake licensed packets to wipe keys from the DB.
- **Conflict Detection**: If a new key arrives for an existing node ID that conflicts with a known valid key, the key is set to `ERROR_BYTE_STRING` to flag the potential impersonation.
## Module dependency graph
<!--region graph-->