Skip to content

Fix flaky TestTamperedTokenFails (qryptinvite) reddening main CI#18

Merged
ralyodio merged 1 commit into
mainfrom
fix/qryptinvite-flaky-tamper-test
Jun 14, 2026
Merged

Fix flaky TestTamperedTokenFails (qryptinvite) reddening main CI#18
ralyodio merged 1 commit into
mainfrom
fix/qryptinvite-flaky-tamper-test

Conversation

@ralyodio

Copy link
Copy Markdown
Contributor

flipLastChar toggled only the last base64 char of the signature segment; for a 64-byte Ed25519 signature that char holds unused trailing bits, so the toggle could decode back to the same bytes and still verify — making the assertion flaky and turning main's test workflow red. Now corrupts a decoded signature byte (sig[0] ^= 0xFF) instead. Verified deterministic over 50 runs; go vet clean.

🤖 Generated with Claude Code

flipLastChar toggled only the last base64 char of the signature segment.
For a 64-byte Ed25519 signature that char carries unused trailing bits, so
the toggle could decode back to the same bytes and still verify — making the
"corrupted signature must fail" assertion flaky (it reddened main CI).

Corrupt a decoded signature byte (sig[0] ^= 0xFF) and re-encode instead, so
the signature always differs. Verified deterministic over 50 runs.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@ralyodio
ralyodio merged commit 7a90c50 into main Jun 14, 2026
5 checks passed
@github-actions

Copy link
Copy Markdown

vu1nz Security Review

0 finding(s) in PR #?

No security issues found.

@ralyodio
ralyodio deleted the fix/qryptinvite-flaky-tamper-test branch June 14, 2026 17:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant