varx/tech on Nostr: npub18369m…z8jp6 As long as the semantics are equivalent for all implementations, ...
npub18369m6ejyjfh47ths7qrlvqcu8jvyzxnuysx72cpvg95jfvt9l0s5z8jp6 (npub1836…8jp6) As long as the semantics are equivalent for all implementations, I'm not too concerned about binary equality—that's a level of canonicalization that I think would generally be a functionality concern rather than a security concern.
I don't have a specific attack in mind. I'm just aware that Alice and Bob disagreeing on the semantics of a message is bad. :-P And structured messages are known to be trouble.
I had another thought about how to prevent these issues: Test data. If you offer a selection of "test vectors" you can include known canonicalization issues and specify that they should cause parse failures. Free unit tests is a very attractive thing for implementers. :-)
I don't have a specific attack in mind. I'm just aware that Alice and Bob disagreeing on the semantics of a message is bad. :-P And structured messages are known to be trouble.
I had another thought about how to prevent these issues: Test data. If you offer a selection of "test vectors" you can include known canonicalization issues and specify that they should cause parse failures. Free unit tests is a very attractive thing for implementers. :-)