Overview API Downloads
NotesStore poisoning

Store poisoning mature

An attacker may deliberately submit objects with a wrong hash to a store, in an attempt to poison the cache. If store accepts such objects, it will claim to have objects that it does not actually have.

Preventing poisoning at the store

Stores can avoid poisoning simply by checking the SHA-256 hash of each incoming object.

Alternatively, the store may defer this check until the first has object request, or until an object with the same hash is submitted.

Preventing poisoning at the client

If the client does not trust the store, it must avoid has object requests, and instead request the bytes of each object through a get object request, and verify the hash manually.

Storage errors

Conceptually, store poisoning is equivalent to data loss. In fact, errors in the underlying storage system may also result in objects with wrong hashes.

Condensation is free and open. You may use all contents of this website under the terms of the CC BY 4.0 license, attributing the work to condensation.io. Source code is available under the MIT license.
This website is work in progress. If you have suggestions, or want to talk about Condensation, please get in touch with us.
Page status: unknown