Skip to content

Security: WebSocket Room Access Control#2937

Closed
MichaelSovereign wants to merge 76 commits intoScottcjn:mainfrom
MichaelSovereign:security-fix/websocket-room-validation
Closed

Security: WebSocket Room Access Control#2937
MichaelSovereign wants to merge 76 commits intoScottcjn:mainfrom
MichaelSovereign:security-fix/websocket-room-validation

Conversation

@MichaelSovereign
Copy link
Copy Markdown
Contributor

@MichaelSovereign MichaelSovereign commented May 2, 2026

Summary

This PR hardens the WebSocket subscription logic by restricting clients to a predefined set of public rooms.

Changes

  1. Room Whitelisting: Implemented an whitelist in the event handler. This prevents clients from subscribing to arbitrary room names, which could be used to intercept internal messages or probe for private event channels.
  2. Input Normalization: Added string normalization and stripping for room identifiers.
  3. Error Reporting: Added explicit error emission for unauthorized room requests.

Closes #2295

@MichaelSovereign
feat: implement RIP-309 Phase 1 Fingerprint Check Rotation
9005379
@MichaelSovereign
fix: address Codex review for RIP-309 Phase 1
1c1e41c
@MichaelSovereign
fix: complete RIP-309 integration with reward gating and signature fix
d4ad46b
@MichaelSovereign
fix: integrate canonical RIP-309 rotation module for reward weighting
4d2b086
@MichaelSovereign
fix: bind _handle_get_state signature to msg_id and ttl (arity fix Sc…
d5c825d 
…ottcjn#2288)
@MichaelSovereign
Security: Hardened P2P sync with replay protection, nonces, and deter…
2080a24 
…ministic JSON
@MichaelSovereign
Security: Prevent mining reward type confusion in mempool and UTXO apply
464a08e
@MichaelSovereign
Security: Hardened Server Proxy with path whitelisting and header for…
ba859a7 
…warding
@MichaelSovereign
Security: Atomic balance checks and secure hash generation for Bridge…
a84314c 
… API
@MichaelSovereign
Security: Fix voting precision by migrating from REAL to INTEGER weights
ed6d1e9
@MichaelSovereign
Enhancement: Added environment variable support and API authenticatio…
2437488 
…n for auto-settler
@MichaelSovereign
Security: Implemented cryptographic authentication for bounty claims …
574c26b 
…and contract updates
@MichaelSovereign
Enhancement: Added address validation and security checks for x402 co…
2aef619 
…nfiguration
@MichaelSovereign
Security: Fixed potential SQL injection in passport listing
cc7b765
@MichaelSovereign
Security: Protected Hall of Rust from SQL injection and data vandalism
9e59f39
@MichaelSovereign
Security: Hardened LLM JSON extraction in Sophia Governor
1239068
@MichaelSovereign
Security: Switched to full SHA-256 for machine identity to prevent co…
92a73c9 
…llisions
@MichaelSovereign
Security: Added robustness to cache feature extraction to prevent cra…
4851646 
…shes on empty data
@MichaelSovereign
Security: Switched from float to Decimal for precise financial calcul…
29c6686 
…ations in payouts
@MichaelSovereign
Security: Switched from print to logging and improved error handling …
ee06e4e 
…in claims eligibility
@MichaelSovereign
Security: Enforced commitment matching in BCOS attestation to prevent…
dfbfa93 
… report tampering
@MichaelSovereign
Security: Added database-level CHECK constraints for transaction amou…
1b134b4 
…nts to prevent negative value injection
@MichaelSovereign
Security: Hardened claim ID generation to prevent potential ID collis…
179a811 
…ions
@MichaelSovereign
Security: Prevented field-level DoS in hardware binding by capping MA…
11e7c32 
…C address and flag storage
@MichaelSovereign
Security: Implemented HMAC authentication for P2P state and attestati…
a0cee05 
…on endpoints to prevent data leakage
@MichaelSovereign
Security: Implemented atomic transactions for IP rate limiting to pre…
88cac3f 
…vent race condition bypass
@MichaelSovereign
Security: Implemented input sanitization to prevent prompt injection …
a6ec6e6 
…in Sophia Inspector
@MichaelSovereign
Enhancement: Added environment variable support and timeout protectio…
2d532ae 
…n for Ergo anchoring
@MichaelSovereign
Security: Prevented Sybil attacks in Warthog rewards by enforcing uni…
140f85d 
…que WART addresses per epoch
@MichaelSovereign
Security: Enforced global uniqueness for GitHub accounts and wallets …
631c761 
…in airdrop to prevent double-claiming
@MichaelSovereign
Security: Implemented atomic transactions for fingerprint rate limiti…
f334222 
…ng to prevent TOCTOU bypass
@MichaelSovereign
Security: Prevented Link Injection and Phishing by disabling untruste…
fb68e6e 
…d X-Forwarded-Host header in feed builders
@MichaelSovereign
Security: Implemented score clamping and total re-calculation in BCOS…
bfb8abb 
… PDF generator to prevent misleading certificates
@MichaelSovereign
Enhancement: Added exponential backoff retry logic to payout worker f…
e3856c8 
…or improved reliability
@MichaelSovereign
Security: Implemented input sanitization and type enforcement for Web…
b77099e 
…Socket broadcasts in Elya Service
@MichaelSovereign
Security: Hardened oEmbed video ID extraction and prevented Host Inje…
e98bbc0 
…ction in embed routes
@MichaelSovereign
Security: Prevented authentication bypass in lock ledger when admin k…
726f2b1 
…ey is unconfigured
@MichaelSovereign
Security: Implemented permission validation for pinned TLS certificat…
17d02da 
…es to prevent MitM via certificate tampering
@MichaelSovereign
Bugfix: Fixed broken XML syntax in Atom feed thumbnail generation
4c4946a
@MichaelSovereign
Security: Switched to Decimal for precise balance conversion during U…
4b64929 
…TXO genesis migration
@MichaelSovereign
Security: Switched to Decimal for precise financial calculations in U…
cc48400 
…TXO transfer endpoint
@MichaelSovereign
Security: Hardened WebSocket configuration by restricting CORS and re…
e4c8bfc 
…ducing max buffer size
@MichaelSovereign
Security: Hardened withdrawal archive storage with directory isolatio…
7dbd8bc 
…n and strict file permissions
@MichaelSovereign
Security: Implemented strict public key validation for epoch enrollme…
9a355d2 
…nt to prevent identity spoofing
@MichaelSovereign
Security: Improved Merkle hash calculation efficiency and implemented…
c11ef71 
… row limits to prevent DoS
@MichaelSovereign
Security: Implemented automatic mempool cleanup to prevent resource e…
2d11c1f 
…xhaustion from expired transactions
@MichaelSovereign
Enhancement: Standardized error responses in Elya Service for better …
7155bd9 
…integration with block explorer
@MichaelSovereign
Security: Hardened wallet hopping detection with stricter thresholds …
d0976db 
…and extended history analysis
@MichaelSovereign
Security: Enforced admin authentication for UTXO statistics endpoint …
05e04ed 
…to prevent information disclosure
@MichaelSovereign
Enhancement: Added server time collection to consensus probe for impr…
f907498 
…oved synchronization diagnostics
@MichaelSovereign
Security: Implemented room name validation for WebSocket subscription…
14dc456 
…s to prevent unauthorized channel access
@MichaelSovereign MichaelSovereign requested a review from Scottcjn as a code owner May 2, 2026 06:01
@github-actions github-actions Bot added BCOS-L1 Beacon Certified Open Source tier BCOS-L1 (required for non-doc PRs) BCOS-L2 Beacon Certified Open Source tier BCOS-L2 (required for non-doc PRs) consensus Consensus/RIP-200 related node Node server related tests Test suite changes size/XL PR: 500+ lines labels May 2, 2026
@Scottcjn
Copy link
Copy Markdown
Owner

Scottcjn commented May 3, 2026

Closing as part of Tier 0 hard-ban cleanup — see #3074 / #3104 / #3169 for the documented incident chain. All MichaelSovereign PRs are closed unread per the Tier 0 contract. No review path; no future PRs from this account will be processed. (See feedback_michaelsovereign_tier0_2026-05-02.md.)

@Scottcjn Scottcjn closed this May 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Scottcjn Scottcjn Awaiting requested review from Scottcjn Scottcjn is a code owner

Assignees

No one assigned

Labels

BCOS-L1 Beacon Certified Open Source tier BCOS-L1 (required for non-doc PRs) BCOS-L2 Beacon Certified Open Source tier BCOS-L2 (required for non-doc PRs) consensus Consensus/RIP-200 related node Node server related size/XL PR: 500+ lines tests Test suite changes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MichaelSovereign @Scottcjn