In order to prevent people from reporting fake messages, they came up with a way to have the client sign messages with an RSA keypair tied to each user's Minecraft account. The signature includes the signature of previous messages in a sort of merkle chain data structure, so that reports can't include arbitrarily re-ordered messages.
1 comment
[ 0.28 ms ] story [ 7.7 ms ] threadIn order to prevent people from reporting fake messages, they came up with a way to have the client sign messages with an RSA keypair tied to each user's Minecraft account. The signature includes the signature of previous messages in a sort of merkle chain data structure, so that reports can't include arbitrarily re-ordered messages.