Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Correctly calculating inbound event depth #88

Closed
Half-Shot opened this issue Apr 30, 2018 · 2 comments
Closed

Correctly calculating inbound event depth #88

Half-Shot opened this issue Apr 30, 2018 · 2 comments

Comments

@Half-Shot
Copy link

Half-Shot commented Apr 30, 2018
edited
Loading

Depth should be max(previous_events.depth) + 1, otherwise we could suffer from the same attacks that Synapse received recently where the depth was escalated to the maximum supported by postgres.

Rather than trusting federated depth as Synapse currently does, the current proposal is to make a best guess estimate of what the depth should be on arrival which is tracked in the proposal document linked:

https://docs.google.com/document/d/16ofbjluy8ZKYL6nt7WLHG4GqSodJUWLUxHhI6xPEjr4
@Half-Shot Half-Shot changed the title Eventauth should check depth Correctly calculating depth Apr 30, 2018
@Half-Shot Half-Shot changed the title Correctly calculating depth Correctly calculating inbound event depth Apr 30, 2018
@kegsay
Copy link
Member

kegsay commented Mar 4, 2020

Is this still relevant? What is the actionable item here?

@kegsay
Copy link
Member

kegsay commented Apr 30, 2020

Superceded by #187

@kegsay kegsay closed this as completed Apr 30, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Half-Shot @kegsay