Goal
Prevent man-in-the-middle attacks during the auto-update process.
Description
The current updater in src/updater.rs downloads a binary and executes it. This is vulnerable to MITM attacks if the transport layer is compromised.
Implement signature verification:
- Generate an Ed25519 keypair; hardcode the public key in the TRX source
- For each release, sign the binary with the private key and upload a .sig file alongside it
- In updater.rs, download both the binary and the .sig file
- Verify the signature using the ed25519-dalek crate before executing the binary
- Abort the update if verification fails and display a clear error
The private key must never be committed to the repository.
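An added sketch (not TRX's code) of the verify-before-install ordering the steps above call for. It is kept std-only: the Ed25519 check is passed in as `verify`, which in the updater would wrap ed25519-dalek with the hardcoded public key. `install_verified`, `UpdateError`, the raw 64-byte `.sig` layout and the `.staged` suffix are assumptions.

```rust
use std::convert::TryFrom;
use std::path::Path;
use std::{fmt, fs, io};

/// Raw Ed25519 signature length; assumed to be the entire content of the .sig file.
pub const SIG_LEN: usize = 64;

#[derive(Debug)]
pub enum UpdateError {
    BadSignatureLength(usize),
    VerificationFailed,
    Io(io::Error),
}

impl fmt::Display for UpdateError {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        match self {
            UpdateError::BadSignatureLength(n) => {
                write!(f, "update aborted: .sig is {} bytes, expected {}", n, SIG_LEN)
            }
            UpdateError::VerificationFailed => {
                write!(f, "update aborted: signature does not match the downloaded binary")
            }
            UpdateError::Io(e) => write!(f, "update aborted: {}", e),
        }
    }
}

/// Checks `binary` against `sig_file` and only then writes it to `dest`.
/// `verify` is the signature check, injected so this sketch needs no external crate.
pub fn install_verified<V>(binary: &[u8], sig_file: &[u8], dest: &Path, verify: V) -> Result<(), UpdateError>
where
    V: Fn(&[u8], &[u8; SIG_LEN]) -> bool,
{
    // Fail closed on an empty, truncated or padded .sig file.
    let sig = <&[u8; SIG_LEN]>::try_from(sig_file)
        .map_err(|_| UpdateError::BadSignatureLength(sig_file.len()))?;

    // Verify the exact bytes held in memory, before anything touches the disk.
    if !verify(binary, sig) {
        return Err(UpdateError::VerificationFailed);
    }

    // Stage beside the destination, then rename, so `dest` never holds unverified bytes.
    let staged = dest.with_extension("staged");
    fs::write(&staged, binary).map_err(UpdateError::Io)?;
    fs::rename(&staged, dest).map_err(UpdateError::Io)
}
```

Verifying the in-memory buffer and writing that same buffer avoids re-reading a file that could change between the check and execution.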
Tech
Rust, Cryptography (ed25519-dalek), Release CI pipeline
Difficulty
Level 3 – Advanced