Has anybody thought about modelling #activitypub with a tool like https://alloytools.org/book.html
to find potential exploits? Thinking about the spec it’s missing any algorithms for authorization, but I already found a couple of edge-cases that make a server DoSssable or give an attacker the ability to spoof messages …
Conversation
Notices
-
Embed this notice
Beady Belle Fanchannel (profpatsch@mastodon.xyz)'s status on Saturday, 28-Feb-2026 12:57:59 JST 
Beady Belle Fanchannel
-
Embed this notice
silverpill (silverpill@mitra.social)'s status on Saturday, 28-Feb-2026 12:57:56 JST 
silverpill
@Profpatsch Yes, the signature contains key ID, from which you can obtain actor ID and perform origin / ownership checks.
-
Embed this notice
silverpill (silverpill@mitra.social)'s status on Saturday, 28-Feb-2026 12:57:58 JST
silverpill
@Profpatsch I don't know Alloy, but I tried to analyze how authorization should be done in ActivityPub. The result is this document:
-
Embed this notice
Beady Belle Fanchannel (profpatsch@mastodon.xyz)'s status on Saturday, 28-Feb-2026 12:57:58 JST
Beady Belle Fanchannel
@silverpill does the http signature not contain the domain of the requesting server and if yes, can't it be used to compare origins after the signature check?
-
Embed this notice
silverpill (silverpill@mitra.social)'s status on Sunday, 01-Mar-2026 10:20:45 JST
silverpill
@Profpatsch I believe most implementations do that. My server re-fetches a key only if the cached key is 1 day old, for example.
-
Embed this notice
Beady Belle Fanchannel (profpatsch@mastodon.xyz)'s status on Sunday, 01-Mar-2026 10:20:47 JST
Beady Belle Fanchannel
@silverpill I mean ideally we already have a cache from the corresponding server key to its origin, so we don’t have to do a https resolution on every incoming message
-
Embed this notice
All GNU social JP content and data are available under the