Fixes for bsv-sdk/wallet: Certificate Forgery, VarInt Corruption, ARC Broadcast State Bypass

Vulnerability Overview This Pull Request addresses three high-severity security vulnerabilities (F8.15, F1.3, F5.13) within the and libraries. These vulnerabilities involve missing certificate signature validation, silent corruption of VarInt protocol encoding, and improper handling of ARC broadcaster status. Scope of Impact 1. bsv-wallet (F8.15 - High): The method allows writing user-supplied certificate fields without verifying signatures. An attacker can pass arbitrary signatures, causing certificates to be treated as valid (a credential forgery primitive). 2. bsv-sdk (F1.3 - High): The method silently handles negative values (e.g., -1) and values greater than (masked with ), causing downstream readers to attempt consuming extra bytes. This corrupts transaction data without raising an exception. 3. bsv-sdk (F5.13 - High): The ARC broadcaster previously treated only and as failure states. Responses with statuses , , , or were silently treated as successful broadcasts. Remediation Plan 1. F8.15: Implement BRC-52 signature validation in and before persisting certificates. 2. F1.3: Modify the logic to raise an for negative values and values exceeding . 3. F5.13: Update the failure status list to match the reference TS broadcaster and correct the HTTP wire format for alignment. Key Code Snippets (From Copilot Review Suggestions) 1. Certificate Base64 Decoding Validation ( ) 2. Hex Encoding Length Check ( ) 3. Exception Handling ( ) (Note: The code suggestion captures both and re-raises it as to ensure invalid certificates consistently fail.)

Goal Reached Thanks to every supporter — we hit 100%!

Fixes for bsv-sdk/wallet: Certificate Forgery, VarInt Corruption, ARC Broadcast State Bypass

More from this source