From 3c236581fadf791e7a5c352ddda66f163fb63311 Mon Sep 17 00:00:00 2001
From: Powersource <jacob.karlsson95@gmail.com>
Date: Mon, 25 Mar 2024 16:33:41 +0100
Subject: [PATCH] Make getSigkeysInAccount consider "del" (#24)

---
 lib/index.js             | 16 +++++---
 lib/msg-v4/validation.js |  6 ++-
 test/account-add.test.js | 89 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 105 insertions(+), 6 deletions(-)

diff --git a/lib/index.js b/lib/index.js
index d6ae914..7527b9e 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -409,11 +409,17 @@ function initDB(peer, config) {
       if (!msg?.data) continue
       /** @type {AccountData} */
       const data = msg.data
-      if (data.action !== 'add') continue
-      const purpose = data.key?.purpose
-      if (purpose !== 'sig' && purpose !== 'shs-and-sig') continue
-      if (data.key.algorithm !== 'ed25519') continue
-      sigkeys.add(data.key.bytes)
+      if (data.action === 'add') {
+        const purpose = data.key?.purpose
+        if (purpose !== 'sig' && purpose !== 'shs-and-sig') continue
+        if (data.key.algorithm !== 'ed25519') continue
+        sigkeys.add(data.key.bytes)
+      } else if (data.action === 'del') {
+        const purpose = data.key?.purpose
+        if (purpose !== 'sig' && purpose !== 'shs-and-sig') continue
+        if (data.key.algorithm !== 'ed25519') continue
+        sigkeys.delete(data.key.bytes)
+      }
     }
     return sigkeys
   }
diff --git a/lib/msg-v4/validation.js b/lib/msg-v4/validation.js
index 13aa9fe..3106278 100644
--- a/lib/msg-v4/validation.js
+++ b/lib/msg-v4/validation.js
@@ -332,7 +332,11 @@ function validate(msg, tangle, sigkeys, msgID, rootID) {
   if ((err = validateSigkey(msg))) return err
   if ((err = validateData(msg))) return err
 
-  if (tangle.type === 'feed' && isMoot(msg)) return // nothing else to check
+  try {
+    if (tangle.type === 'feed' && isMoot(msg)) return // nothing else to check
+  } catch (err) {
+    return err
+  }
 
   if ((err = validateDataSizeHash(msg))) return err
   if ((err = validateDomain(msg.metadata.domain))) return err
diff --git a/test/account-add.test.js b/test/account-add.test.js
index ea3b32f..c16db93 100644
--- a/test/account-add.test.js
+++ b/test/account-add.test.js
@@ -6,6 +6,7 @@ const os = require('node:os')
 const rimraf = require('rimraf')
 const Keypair = require('ppppp-keypair')
 const { createPeer } = require('./util')
+const MsgV4 = require('../lib/msg-v4')
 
 const DIR = path.join(os.tmpdir(), 'ppppp-db-account-add')
 rimraf.sync(DIR)
@@ -206,4 +207,92 @@ test('account.add()', async (t) => {
 
     await p(carol.close)()
   })
+
+  await t.test(
+    "Can't publish with a key if the key has been del'd",
+    async () => {
+      rimraf.sync(DIR)
+
+      const keypair1 = Keypair.generate('ed25519', 'alice')
+      const keypair2 = Keypair.generate('ed25519', 'bob')
+
+      let peer = createPeer({ keypair: keypair1, path: DIR })
+
+      await peer.db.loaded()
+
+      const account = await p(peer.db.account.create)({
+        keypair: keypair1,
+        subdomain: 'person',
+      })
+      const accountMsg0 = peer.db.get(account)
+
+      const consent = peer.db.account.consent({ account, keypair: keypair2 })
+
+      const accountRec1 = await p(peer.db.account.add)({
+        account,
+        keypair: keypair2,
+        consent,
+        powers: ['external-encryption'],
+      })
+
+      const goodRec = await p(peer.db.feed.publish)({
+        account,
+        domain: 'post',
+        data: { text: 'potato' },
+        keypair: keypair2,
+      })
+      const postMootRec = peer.db.feed.findMoot(account, 'post')
+
+      const tangle = new MsgV4.Tangle(account)
+      tangle.add(account, accountMsg0)
+      tangle.add(accountRec1.id, accountRec1.msg)
+      // can't publish() account msgs. and creating this manually for now until we have a .del() fn
+      const delMsg = MsgV4.create({
+        account: 'self',
+        accountTips: null,
+        domain: accountMsg0.metadata.domain,
+        keypair: keypair1,
+        tangles: {
+          [account]: tangle,
+        },
+        data: {
+          action: 'del',
+          key: {
+            purpose: 'sig',
+            algorithm: 'ed25519',
+            bytes: keypair2.public,
+          },
+        },
+      })
+      await p(peer.db.add)(delMsg, account)
+
+      const badRec = await p(peer.db.feed.publish)({
+        account,
+        domain: 'post',
+        data: { text: 'potato2' },
+        keypair: keypair2,
+      })
+
+      // Re-load as Carol, add the msgs to validate them
+      rimraf.sync(DIR)
+      const keypair3 = Keypair.generate('ed25519', 'carol')
+
+      const carol = createPeer({ keypair: keypair3, path: DIR })
+
+      await carol.db.loaded()
+
+      await p(carol.db.add)(accountMsg0, account)
+      await p(carol.db.add)(accountRec1.msg, account)
+      await p(carol.db.add)(postMootRec.msg, postMootRec.id)
+      await p(carol.db.add)(goodRec.msg, postMootRec.id)
+      await p(carol.db.add)(delMsg, account)
+      await assert.rejects(
+        p(carol.db.add)(badRec.msg, postMootRec.id),
+        /add\(\) failed to verify msg/,
+        "Adding msg with del'd keypair is supposed to fail"
+      )
+
+      await p(carol.close)()
+    }
+  )
 })