evilsocket/pwnagotchi

mesh protocol is not signed

Open

#530 created on November 5, 2019

enhancement, help wanted

Description

While developing the mesh protocol, I also implemented the signature for the payload so that impersonation/spoofing and in general sending fake data can't be done (relevant for things like #529) ... the idea is that each unit has a list of public keys of friendly units that it is authorized to receive signed mesh data from.

The current implementation is however commented:

https://github.com/evilsocket/pwngrid/blob/master/mesh/peer.go#L147
https://github.com/evilsocket/pwngrid/blob/master/mesh/peer.go#L199

because with a signature the payload would become too big for a single frame, and the injection would fail here:

https://github.com/evilsocket/pwngrid/blob/master/mesh/packet_muxer.go#L107

Sending more than one frame is not doable as the interface is hopping unpredictably on the wifi channels.

Ideally we should find a way to use a signature scheme that would generate a small overhead in size, maybe something like BLS.
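The trade-off described in this issue, as an added example that is not pwngrid's code: a payload is signed, checked against a single-frame size budget, and accepted by the receiver only if a key on its friendly list verifies it. It uses Ed25519 from the Go standard library (64-byte signatures) in place of the BLS scheme suggested above; `frameBudget`, `Seal`, `Open` and `demoKey` are hypothetical names and values.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// frameBudget is a hypothetical single-frame payload limit, not pwngrid's real value.
const frameBudget = 200

var ErrTooBig = errors.New("signed payload exceeds frame budget")
var ErrUntrusted = errors.New("no friendly key verifies this frame")

// demoKey derives a fixed key pair from a constructed seed (demo only).
func demoKey(b byte) (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), priv
}

// Seal appends a 64-byte signature and refuses anything that cannot fit in one frame.
func Seal(priv ed25519.PrivateKey, payload []byte) ([]byte, error) {
	if len(payload)+ed25519.SignatureSize > frameBudget {
		return nil, ErrTooBig
	}
	return append(append([]byte{}, payload...), ed25519.Sign(priv, payload)...), nil
}

// Open returns the payload only if a friendly key verifies it. The sender's key
// is not carried in the frame, so the receiver tries each key on its list.
func Open(frame []byte, friends ...ed25519.PublicKey) ([]byte, error) {
	cut := len(frame) - ed25519.SignatureSize
	if cut < 0 {
		return nil, ErrUntrusted
	}
	for _, pub := range friends {
		if ed25519.Verify(pub, frame[:cut], frame[cut:]) {
			return frame[:cut], nil
		}
	}
	return nil, ErrUntrusted
}

func main() {
	pub, priv := demoKey(1)
	frame, _ := Seal(priv, []byte(`{"name":"unit-a"}`)) // constructed payload
	got, err := Open(frame, pub)
	fmt.Println(len(frame), string(got), err)
}
```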
