Skip to content

docs(auth): enforce nine-byte contract for client_id with MUST-level language#45

Open
VasilevNStas wants to merge 1 commit into
APN-Network:masterfrom
VasilevNStas:13-docs/client-id-length
Open

docs(auth): enforce nine-byte contract for client_id with MUST-level language#45
VasilevNStas wants to merge 1 commit into
APN-Network:masterfrom
VasilevNStas:13-docs/client-id-length

Conversation

@VasilevNStas

Copy link
Copy Markdown
Contributor

Description

Strengthens the documentation for Auth.client_id to explicitly state that the field MUST be exactly nine bytes and that implementations MUST validate this length before HMAC computation or verification.

Problem

Auth.client_id is declared as bytes with no proto-level length constraint. The comment said "exactly nine raw UTF-8 bytes" as a description, not a requirement. The HMAC covers (client_id || timestamp), so a non-nine-byte value verifies cleanly as long as both sides use the same wrong-length bytes — the nine-byte identity contract is silently unenforced.

Changes

  • client_id comment rewritten: "MUST be exactly nine bytes", explicit warning about HMAC passing with wrong lengths, validation requirement for both sender and receiver.
  • hmac comment updated: "Implementations MUST verify client_id is exactly 9 bytes before computing or checking this tag."

The underlying issue (no schema-level enforcement) cannot be fully fixed without protoc-gen-validate or a custom plugin, but this makes the contract unmistakable.

Closes #13

@VasilevNStas

Copy link
Copy Markdown
Contributor Author

@davvd please review

@davvd

davvd commented Jul 4, 2026

Copy link
Copy Markdown
Member

@VasilevNStas we have merge conflicts here, please resolve them and we'll merge

@VasilevNStas
VasilevNStas force-pushed the 13-docs/client-id-length branch from 0803261 to df5ecb3 Compare July 4, 2026 18:01
@VasilevNStas

Copy link
Copy Markdown
Contributor Author

@davvd conflicts resolved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Auth.client_id has no length constraint; nine-byte identity contract is unenforced

2 participants