Skip to content

feat(db): enhance public key conflict handling#4555

Merged
jamesarich merged 1 commit into
mainfrom
fix/psk
Feb 14, 2026
Merged

feat(db): enhance public key conflict handling#4555
jamesarich merged 1 commit into
mainfrom
fix/psk

Conversation

@jamesarich

Copy link
Copy Markdown
Collaborator

Strengthens the NodeInfoDao logic to provide robust protection against public key conflict (PKC) and identity wipe attacks.

Key changes include:

  • Updates will no longer clear a known valid public key, even if an incoming packet indicates is_licensed=true. This prevents an attacker from wiping a node's identity from the database.
  • Refactors the key resolution logic into a dedicated resolvePublicKey function for clarity.
  • If an incoming update is a placeholder (default name, unset hardware model), the existing node's identity (user info, keys) is now preserved while still updating metadata like last heard time and telemetry.
  • Adds and updates tests to verify the new security logic, including scenarios for key mismatches, routine updates, and licensed users.
  • Updates documentation for the new database safety and PKC handling rules for developers.

Strengthens the `NodeInfoDao` logic to provide robust protection against public key conflict (PKC) and identity wipe attacks.

Key changes include:

-   Updates will no longer clear a known valid public key, even if an incoming packet indicates `is_licensed=true`. This prevents an attacker from wiping a node's identity from the database.
-   Refactors the key resolution logic into a dedicated `resolvePublicKey` function for clarity.
-   If an incoming update is a placeholder (default name, unset hardware model), the existing node's identity (user info, keys) is now preserved while still updating metadata like last heard time and telemetry.
-   Adds and updates tests to verify the new security logic, including scenarios for key mismatches, routine updates, and licensed users.
-   Updates `AGENTS.md` and `core/database/README.md` to document the new database safety and PKC handling rules for developers.

Signed-off-by: James Rich <2199651+jamesarich@users.noreply.github.com>
@codecov

codecov Bot commented Feb 14, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 0% with 21 lines in your changes missing coverage. Please review.
✅ Project coverage is 14.50%. Comparing base (da04448) to head (474d99d).
⚠️ Report is 2 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
...in/org/meshtastic/core/database/dao/NodeInfoDao.kt 0.00% 21 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #4555      +/-   ##
==========================================
+ Coverage   14.43%   14.50%   +0.07%     
==========================================
  Files         424      427       +3     
  Lines       14582    14599      +17     
  Branches     2428     2427       -1     
==========================================
+ Hits         2105     2118      +13     
- Misses      12173    12175       +2     
- Partials      304      306       +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@jamesarich jamesarich added this pull request to the merge queue Feb 14, 2026
Merged via the queue into main with commit c845f92 Feb 14, 2026
9 checks passed
@jamesarich jamesarich deleted the fix/psk branch February 14, 2026 13:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bugfix PR tag

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant