Skip to content

feat(3058): Allow overriding decryption keys on keys* methods, add createLockbox method to team, add self-assign role method#18

Open
islathehut wants to merge 15 commits intomainfrom
feat/3058-allow-key-override
Open

feat(3058): Allow overriding decryption keys on keys* methods, add createLockbox method to team, add self-assign role method#18
islathehut wants to merge 15 commits intomainfrom
feat/3058-allow-key-override

Conversation

@islathehut
Copy link
Collaborator

@islathehut islathehut commented Jan 13, 2026

No description provided.

@islathehut
Copy link
Collaborator Author

islathehut commented Jan 13, 2026

TryQuiet/quiet#3058
TryQuiet/quiet#3057

adrastaea
adrastaea requested changes Jan 16, 2026
View reviewed changes
packages/auth/src/team/Team.ts Outdated

/** Give yourself a role */
public addMemberRoleToSelf = (roleName: string, decryptionKeys: KeysetWithSecrets) => {
assert(this.selfAssignRoles.includes(roleName), `Cannot self-assign role ${roleName}`)
Copy link
Collaborator

@adrastaea adrastaea Jan 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is the wrong place to do this. This is essentially trusting people to self moderate. I think the correct place to do this is in membershipResolver:membershipRules so that peers can enforce the rules themselves and throw out invalidated links.

Copy link
Collaborator Author

@islathehut islathehut Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm gonna do it there, too, that piece is just more complicated and this blocks the lockbox creation, too.

Copy link
Collaborator Author

@islathehut islathehut Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wanted to take more time to look at the implications of blocking updates to the chain on these sorts of checks but didn't wanna delay being able to test self-assigns.

Copy link
Collaborator Author

@islathehut islathehut Feb 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a check against this list to the validator as well which will reject the link if the role isn't self-assignable. I'm still doing the check in team but now it will properly reject when other user's get the update.

@islathehut islathehut changed the title feat(3058): Allow overriding decryption keys on keys* methods and add createLockbox method to team feat(3058): Allow overriding decryption keys on keys* methods, add createLockbox method to team, add self-assign role method Jan 16, 2026
@islathehut islathehut marked this pull request as draft January 19, 2026 14:47
@islathehut islathehut force-pushed the feat/3058-allow-key-override branch from 375c8ec to 9997e86 Compare January 19, 2026 17:57
@islathehut islathehut marked this pull request as ready for review February 2, 2026 16:15
This was referenced Feb 3, 2026
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adrastaea adrastaea adrastaea requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@islathehut @adrastaea