Re: Major Security Issue with AP: Server-Stored Private Keys in ActivityPub

Hi Melvin,

I can see why it would be good to encrypt the private key when it is at 
rest in the DB.

However the private key is used by the instance software to sign 
Activities <https://docs.joinmastodon.org/spec/security/#http> that the 
software sends on behalf of the user. How can the software use the key 
if there is a cryptographic boundary? Wouldn't that prevent its use? Or
have I misunderstood the term?

Cheers,

Rimu

On 12/04/25 19:44, Melvin Carvalho wrote:
>
> Hi All,
>
> There’s a major security issue in the way most ActivityPub 
> implementations work today: private keys are typically stored on the 
> server, often in plain text or with minimal protection.
>
> This means:
>
>  * Server admins or attackers can fully impersonate any user.
>
>  * There is no real cryptographic boundary between the user and their
>    instance.
>
>  * *End-to-end encryption is fatally compromised* — servers can
>    decrypt or forge "private" messages.
>
>  * *Any financial use of ActivityPub (tipping, payments, tokens) is
>    wide open to theft*, since servers hold the keys that authorize
>    transactions.
>
> When the original Working Group formed, we didn’t yet know how 
> implementations would evolve. But now that we do, we can’t keep saying 
> that insecure defaults are a feature, not a bug. This is a core flaw 
> that undermines the promise of secure federation.
>
> If a new Working Group is formed, security issues such as this *need
> to be acknowledged and addressed* — including exploring models where
> users control their own keys, not the servers.
>
> Looking forward to hearing thoughts,
>
> Melvin
>
-- 
Phone: +64 21 823 129
https://rimu.geek.nz
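The question above, whether a key that is encrypted at rest can still be used to sign, worked through as an added example. This is not code from either message, nor from Mastodon or any other ActivityPub implementation. It seals a user's RSA key with AES-256-GCM under a key-encryption key (KEK) the instance holds, unseals it to sign an outgoing POST in the rsa-sha256 HTTP Signatures form the linked Mastodon page describes (header list `(request-target) host date digest`), and verifies the result with only the public key, as a remote inbox would. The `StoredKey` layout, the KEK handling, the hostnames `example.test` and `remote.test`, and the sample activity body are assumptions made for the example.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"strings"
)

// StoredKey: a user's PKCS#1 key sealed with AES-256-GCM under an instance-held KEK (constructed schema).
type StoredKey struct {
	Nonce      []byte
	Ciphertext []byte
}

func newGCM(kek []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(kek) // kek must be 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealPrivateKey encrypts priv for storage in the database.
func SealPrivateKey(priv *rsa.PrivateKey, kek []byte) (StoredKey, error) {
	gcm, err := newGCM(kek)
	if err != nil {
		return StoredKey{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce) // crypto/rand: a fresh nonce per seal; never reuse one under the same KEK
	der := x509.MarshalPKCS1PrivateKey(priv)
	return StoredKey{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, der, nil)}, nil
}

// OpenPrivateKey reverses SealPrivateKey; GCM authentication fails under the wrong KEK.
func OpenPrivateKey(sk StoredKey, kek []byte) (*rsa.PrivateKey, error) {
	gcm, err := newGCM(kek)
	if err != nil {
		return nil, err
	}
	der, err := gcm.Open(nil, sk.Nonce, sk.Ciphertext, nil)
	if err != nil {
		return nil, err
	}
	return x509.ParsePKCS1PrivateKey(der)
}

// signingString builds the draft-cavage HTTP Signatures input for "(request-target) host date digest".
func signingString(path, host, date, digest string) string {
	return strings.Join([]string{
		"(request-target): post " + path,
		"host: " + host,
		"date: " + date,
		"digest: " + digest,
	}, "\n")
}

func bodyDigest(body []byte) string {
	sum := sha256.Sum256(body)
	return "SHA-256=" + base64.StdEncoding.EncodeToString(sum[:])
}

// SignActivity is the instance-side step: unseal with the KEK, then sign the POST (rsa-sha256).
func SignActivity(sk StoredKey, kek []byte, path, host, date string, body []byte) ([]byte, string, error) {
	priv, err := OpenPrivateKey(sk, kek)
	if err != nil {
		return nil, "", fmt.Errorf("cannot unseal signing key: %w", err)
	}
	digest := bodyDigest(body)
	h := sha256.Sum256([]byte(signingString(path, host, date, digest)))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, h[:])
	return sig, digest, err
}

// VerifyActivity is the receiving instance's check; it needs only the actor's public key.
func VerifyActivity(pub *rsa.PublicKey, sig []byte, path, host, date string, body []byte) error {
	h := sha256.Sum256([]byte(signingString(path, host, date, bodyDigest(body))))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig)
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	kek := make([]byte, 32)
	rand.Read(kek)
	sk, _ := SealPrivateKey(priv, kek)
	body := []byte(`{"type":"Create","actor":"https://example.test/users/alice"}`) // constructed
	date := "Sat, 12 Apr 2025 08:03:18 GMT"
	sig, digest, err := SignActivity(sk, kek, "/inbox", "remote.test", date, body)
	fmt.Printf("Digest: %s\nSignature: keyId=\"https://example.test/users/alice#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) host date digest\",signature=\"%s\" (err=%v)\n", digest, base64.StdEncoding.EncodeToString(sig), err)
	fmt.Println("remote verify:", VerifyActivity(&priv.PublicKey, sig, "/inbox", "remote.test", date, body))
	_, _, err = SignActivity(sk, make([]byte, 32), "/inbox", "remote.test", date, body) // DB dump without the KEK
	fmt.Println("wrong KEK:", err)
}
```

Run it with `go run`. The last line shows that the ciphertext alone, as in a leaked database dump, cannot sign anything without the KEK. The point for the thread: encryption at rest raises the bar for someone who only obtains a copy of the database, but whatever process signs outgoing Activities must hold the KEK, so the instance software, and anyone who controls it, can still use the key. The boundary Melvin describes only arises when signing happens somewhere the server never sees the key, which is what "users control their own keys" would mean in practice.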

Received on Saturday, 12 April 2025 08:03:18 UTC