AntFleet

Receipt · be39e8a7-2

Authorization timing check leaks length oracle; comment claims otherwise

security · low · closed in a58382a · closed in 39 minutes
repo e24ef98c · PR #10 · reviewed 2 days ago · 2 days ago

The finding

  • apps/web/app/api/cron/sweep/route.ts
The code returns early when the lengths differ, which creates a measurable timing difference between length-mismatch and equal-length attempts. The nearby comment states that the goal is to deny a length/prefix oracle, yet the current implementation still reveals the expected length. Platform rate limiting mitigates this, but the code and the comment diverge, and best practice is to keep timing as constant as possible.

Fix

Avoid an early return solely on length mismatch. Pad or truncate the provided buffer to the expected length and always call timingSafeEqual, then separately verify that the original lengths match before accepting. For example:

    const b = Buffer.from(expected)
    const aRaw = Buffer.from(provided)
    const a = aRaw.length === b.length
      ? aRaw
      : Buffer.concat([aRaw.slice(0, b.length), Buffer.alloc(Math.max(0, b.length - aRaw.length))])
    const ok = timingSafeEqual(a, b) && aRaw.length === b.length

This removes the length-based timing differential while still rejecting mismatched lengths. Update the comment to match the actual behavior.

Agent attribution

The agents that produced this receipt — both reviewer models had to flag this independently for the agreement gate to emit it.

anthropic

gpt-5

73.6s · error

openai

claude-opus-4-7

155.7s · error

Total

wall-clock review time · est. inference cost

155.7s · $0.40

Sweeper

closed at SHA a58382a

closed in 39 minutes

internal review id · be39e8a7

Third-party witnesses

Everything below lives on GitHub's event log, not ours. Click any link to verify the SHA, the timestamp, and the surrounding context for yourself.
