coracle/caravel
1
1
Fork 2
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity

Relay secret rotates on every infra sync #25

New Issue
Closed
opened 2026-04-17 17:52:41 +00:00 by userAdityaa · 1 comment
userAdityaa commented 2026-04-17 17:52:41 +00:00
Contributor
Copy Link
Copy Source

Description

  • Infra sync currently generates a new relay secret each time sync_relay runs and includes it in both create (POST) and update (PUT) payloads.
  • Infra sync is triggered by create_relay, update_relay, activate_relay, and deactivate_relay activities.
  • Because relay secret is not persisted and reused, routine updates can rotate secrets unintentionally.

Expected behavior

Relay secret remains stable per relay unless an explicit rotate-secret action is requested.

Looking at zooid spec here (https://gitea.coracle.social/coracle/zooid#zooid):

  • Every update sends a new secret to Zooid.
  • Zooid updates its config file with the new secret.
  • The relay's public key changes.
  • Next time a client connects, they see a different public key.
  • The relay appears to be a different relay.
### Description * Infra sync currently generates a new relay secret each time `sync_relay` runs and includes it in both create (POST) and update (PUT) payloads. * Infra sync is triggered by create_relay, update_relay, activate_relay, and deactivate_relay activities. * Because relay secret is not persisted and reused, routine updates can rotate secrets unintentionally. ### Expected behavior Relay secret remains stable per relay unless an explicit rotate-secret action is requested. ### Looking at zooid spec here (https://gitea.coracle.social/coracle/zooid#zooid): * Every update sends a new secret to Zooid. * Zooid updates its config file with the new secret. * The relay's public key changes. * Next time a client connects, they see a different public key. * The relay appears to be a different relay.
hodlbod commented 2026-04-17 18:55:51 +00:00
Owner
Copy Link
Copy Source

Absolutely, I think the solution is to change this request form a PUT to a PATCH

Absolutely, I think the solution is to change this request form a PUT to a PATCH
👍 1
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
hodlbod (hodlbod)
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: coracle/caravel#25
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?