fix(matrix-bridge): sweep all 8 deferred audit findings#20
Merged
Conversation
Contributor
|
Capy auto-review is paused for this organization because the monthly auto-review limit has been reached. Increase the limit or turn it off in billing settings to resume automatic reviews. |
Closes out the deferred-with-rationale items from rounds 1–3 (commits 2313473, PR #18, PR #19). Every item now has a real code fix. **Round 1 (correctness/lifecycle) — 4 items** #1. pending-decrypt:* prune cron — listener alarm now runs a 30-min periodic prune that drops queue entries older than 7 days and deletes empty queues. Bounds long-term DO storage growth from sessions whose forwarders went offline before responding. #2. seen:* KV race redesign — dispatch dedupe was using KV's eventual read-modify-write, letting two concurrent reads both see "absent" and both proceed. New /dedup-claim endpoint on MatrixListener wraps the check + write in blockConcurrencyWhile for genuine put-if-absent semantics. Periodic prune handles cleanup (1h TTL); KV fallback preserved for the case where the listener DO is unreachable. #3. /admin/listener/reload-keys endpoint — clears the in-memory cachedKeys + cachedCurve25519 so the operator can rotate Megolm session keys (MATRIX_MEGOLM_KEYS_JSON) without a full redeploy. #4. parsePlan hijack tightening — only accept Plan(d/t) headers BEFORE any tool calls and before any prior plan has been parsed. Prevents a confused/adversarial agent from overwriting in-progress view by emitting `Plan (5/5)` mid-turn to fake completion. **Round 2 (security/spec/integration) — 4 items** #5. m.forwarded_room_key validation — vault now tags captured Megolm keys as `forwarded` vs `live`; listener checks `key-request:*` prefix to confirm we previously asked for the (room, session). If not, calls new vault `/keystore-delete` to evict the unsolicited key. Closes the "any Olm-paired sender can plant Megolm keys for any room" hole. #6. usage:org KV race — routed through OlmVault singleton DO via new /usage-bump (write, atomic) and /usage-read (read) endpoints. Concurrent Done frames across rooms can no longer drop entries via read-modify-write race. #7. Olm session cap bump — was .slice(-8), now .slice(-32). Verified multi-device senders rotate fast enough that 8 was occasionally dropping legitimate live sessions. Evictions are now logged so the operator can spot pathological churn. #8. /admin/recover-room missing-senderKey warning — surface bridges that strip the outer sender_key field (m.room_key_request routing degrades to `*` when missing, may not land on the originating device). Typecheck clean. 102/102 tests pass. Rolling tally tonight: 19 findings · 19 shipped · 0 deferred. Co-Authored-By: itsablabla <itsablabla@users.noreply.github.com> Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
42ee90b to
c763afd
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Closes out every deferred-with-rationale item from the three audit rounds tonight (commit
2313473, PR #18, PR #19). All 8 now have a real code fix.Round 1 (correctness/lifecycle) — 4 items
#1.
pending-decrypt:*prune cron — listener alarm now runs a 30-min periodic prune that drops queue entries older than 7 days and deletes empty queues. Bounds long-term DO storage growth from sessions whose forwarders went offline before responding.#2.
seen:*KV race redesign — dispatch dedupe was using KV's eventual read-modify-write, letting two concurrent reads both see "absent" and both proceed. New/dedup-claimendpoint onMatrixListenerwraps the check + write inblockConcurrencyWhilefor genuine put-if-absent semantics. Periodic prune handles cleanup (1h TTL); KV fallback preserved if the listener DO is unreachable.#3.
/admin/listener/reload-keysendpoint — clears the in-memorycachedKeys+cachedCurve25519so the operator can rotate Megolm session keys (MATRIX_MEGOLM_KEYS_JSON) without a full redeploy.#4.
parsePlanhijack tightening — only acceptPlan(d/t)headers BEFORE any tool calls and before any prior plan has been parsed. Prevents a confused/adversarial agent from overwriting in-progress view by emittingPlan (5/5)mid-turn to fake completion.Round 2 (security/spec/integration) — 4 items
#5.
m.forwarded_room_keyvalidation — vault now tags captured Megolm keys asforwardedvslive; listener checkskey-request:*prefix to confirm we previously asked for the (room, session). If not, calls new vault/keystore-deleteto evict the unsolicited key. Closes the "any Olm-paired sender can plant Megolm keys for any room" hole.#6.
usage:orgKV race — routed throughOlmVaultsingleton DO via new/usage-bump(atomic write) and/usage-read(read) endpoints. Concurrent Done frames across rooms can no longer drop entries via read-modify-write race.#7. Olm session cap bump — was
.slice(-8), now.slice(-32). Verified multi-device senders rotate fast enough that 8 was occasionally dropping legitimate live sessions. Evictions are now logged so the operator can spot pathological churn.#8.
/admin/recover-roommissing-senderKey warning — surface bridges that strip the outersender_keyfield (m.room_key_request routing degrades to*when missing, may not land on the originating device).Validation
npm run typecheck✅npm test✅ 102/102 tests pass94631766-f1ea-4535-af48-1ac6a72b1ab2)Rolling tally tonight: 19 findings · 19 shipped · 0 deferred.
Test plan
/admin/listener/reload-keysclears in-memory caches[olm-vault] evicted unsolicited forwarded key— any hits warrant investigation of the forwarding deviceWorkspace · Slack Thread