Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implemented data signature, verification and recovery #1

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

murilo9
Copy link
Owner

@murilo9 murilo9 commented Feb 13, 2025

What was done

In order to detect if data was tampered with, the client signs the data before sending it to the server, and stores a copy of it locally (in IndexedDB). When data is loaded from the server, the client validates the received data with the signature and, in case the data is tampered with, the local copy can be restored.

How to test it

  1. Start both the server and client.
  2. In the client, change the data to anything you want, then click the "Update Data" button. The data will be saved in the server.
  3. Refresh (F5) the client, and the previous data will be loaded from the server.
  4. Click the "Verify Data" button. You should see a verification success message, as the data was not tampered with yet.
  5. Click the "Load Tampered Data" button, which simulates the load of a tampered data from the server. You'll see the data changing to a random string (which is the tampered data).
  6. Click the "Verify Data" button again, and this time you'll see an error message saying that data is tampered.
  7. Click the "Restore Local Data" button to restore the previous (not tampered) data.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant