Description
Both /api/chat and /api/chat/stream destructure wallet from req.body:
const { messages, wallet } = req.body // untrusted!
They use this body-supplied wallet for session resolution (lines 124 and 152), ignoring the JWT-authenticated req.wallet. Authenticated user A can pass wallet: "<user B>" in the request body and resolve user B's session context.
File
packages/agent/src/index.ts:113,141
Fix
Use (req as any).wallet from JWT instead of req.body.wallet:
const wallet = (req as unknown as Record<string, unknown>).wallet as string
const { messages } = req.body
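The following is an added example, not code from the project: it places the reported pattern (session identity destructured from req.body) beside the fixed pattern (identity read from the JWT-verified req.wallet) on a constructed in-memory session store, so the difference in outcome for an authenticated caller who names another wallet in the body can be seen directly. The request and session shapes, the wallet strings and the mismatch warning are assumptions for the demo; the warning goes beyond the page's one-line fix and exists only so a defender can log the attempt.

```typescript
// Added example: vulnerable vs. fixed session resolution for a chat handler.
// Names (ChatRequest, sessions, the wallet strings) are constructed for this demo.

interface ChatBody {
  messages: string[];
  wallet?: string; // attacker-controlled: anything in the body is untrusted
}

interface ChatRequest {
  body: ChatBody;
  wallet?: string; // set by the JWT middleware after signature verification (assumed)
}

interface SessionResult {
  status: number;      // HTTP-style status the handler would send
  history?: string[];  // session context resolved for the caller
  warning?: string;    // defender-facing signal worth logging
}

// Constructed in-memory session store keyed by wallet address.
const sessions = new Map<string, string[]>([
  ["0xAAA", ["A: hello"]],
  ["0xBBB", ["B: confidential context"]],
]);

function lookupSession(wallet: string): string[] | undefined {
  return sessions.get(wallet);
}

// Vulnerable pattern (mirrors the report): wallet is destructured from req.body
// and used for session resolution, so any authenticated caller can name another
// user's wallet and receive that user's session context.
function resolveSessionVulnerable(req: ChatRequest): SessionResult {
  const { messages, wallet } = req.body; // untrusted!
  if (!wallet || messages.length === 0) return { status: 400 };
  const history = lookupSession(wallet);
  return history ? { status: 200, history } : { status: 404 };
}

// Fixed pattern: the wallet comes only from the authenticated request property.
// The body wallet is never used for lookup; if one is present and disagrees with
// the JWT identity, the result carries a warning so the attempt can be logged.
function resolveSessionFixed(req: ChatRequest): SessionResult {
  const wallet = (req as unknown as Record<string, unknown>).wallet as string | undefined;
  const { messages } = req.body;
  if (!wallet) return { status: 401 }; // no verified identity: reject
  if (messages.length === 0) return { status: 400 };
  const history = lookupSession(wallet);
  const result: SessionResult = history ? { status: 200, history } : { status: 404 };
  if (req.body.wallet !== undefined && req.body.wallet !== wallet) {
    result.warning = `body wallet ${req.body.wallet} does not match authenticated wallet ${wallet}`;
  }
  return result;
}

// Constructed request: user A is authenticated (req.wallet = 0xAAA) but names
// user B's wallet in the body, exactly the case described in the report.
const impersonationAttempt: ChatRequest = {
  wallet: "0xAAA",
  body: { messages: ["hi"], wallet: "0xBBB" },
};

// Vulnerable handler returns B's history; fixed handler returns A's and flags the mismatch.
const leaked = resolveSessionVulnerable(impersonationAttempt);
const contained = resolveSessionFixed(impersonationAttempt);
console.log("vulnerable:", leaked.status, leaked.history);
console.log("fixed:", contained.status, contained.history, contained.warning);
```

The cast on req mirrors the page's fix; in a real code base a typed request interface extended by the JWT middleware would replace the `as unknown as Record<string, unknown>` step, and the body schema should simply not accept a wallet field at all.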
Priority
HIGH — session impersonation via body parameter