Layr-Labs · litt3 · Jan 14, 2025 · Jan 15, 2025 · Jan 15, 2025 · Jan 16, 2025
diff --git a/api/clients/v2/disperser_client.go b/api/clients/v2/disperser_client.go
@@ -213,9 +213,46 @@ func (c *disperserClient) DisperseBlob(
 		return nil, [32]byte{}, err
 	}
 
+	if verifyReceivedBlobKey(blobHeader, reply) != nil {
+		return nil, [32]byte{}, fmt.Errorf("verify received blob key: %w", err)
+	}
+
 	return &blobStatus, corev2.BlobKey(reply.GetBlobKey()), nil
 }
 
+// verifyReceivedBlobKey computes the BlobKey from the BlobHeader which was sent to the disperser, and compares it with
+// the BlobKey which was returned by the disperser in the DisperseBlobReply
+//
+// A successful verification guarantees that the disperser didn't make any modifications to the BlobHeader that it
+// received from this client.
+//
+// This function returns nil if the verification succeeds, and otherwise returns an error describing the failure
+func verifyReceivedBlobKey(
+	// the blob header which was constructed locally and sent to the disperser
+	blobHeader *corev2.BlobHeader,
+	// the reply received back from the disperser
+	disperserReply *disperser_rpc.DisperseBlobReply) error {
+
+	actualBlobKey, err := blobHeader.BlobKey()
+	if err != nil {
+		// this shouldn't be possible, since the blob key has already been used when signing dispersal
+		return fmt.Errorf("computing blob key: %w", err)
+	}
+
+	blobKeyFromDisperser, err := corev2.BytesToBlobKey(disperserReply.GetBlobKey())
+	if err != nil {
+		return fmt.Errorf("converting returned bytes to blob key: %w", err)
+	}
+
+	if actualBlobKey != blobKeyFromDisperser {
+		return fmt.Errorf(
+			"blob key returned by disperser (%v) doesn't match blob which was dispersed (%v)",
+			blobKeyFromDisperser, actualBlobKey)
+	}
+
+	return nil
+}
+
 // GetBlobStatus returns the status of a blob with the given blob key.
 func (c *disperserClient) GetBlobStatus(ctx context.Context, blobKey corev2.BlobKey) (*disperser_rpc.BlobStatusReply, error) {
 	err := c.initOnceGrpcConnection()