fix: use crypto.getRandomValues for randId to eliminate collision risk#1282
fix: use crypto.getRandomValues for randId to eliminate collision risk#1282danditomaso wants to merge 3 commits into
Conversation
Math.random() gives ~30 bits of entropy and no cryptographic guarantees. Switch to crypto.getRandomValues over a Uint32 buffer so device / saved- connection IDs get full 32-bit range and don't collide across concurrent transports. Closes meshtastic#1273
|
@danditomaso is attempting to deploy a commit to the Meshtastic Team on Vercel. A member of the Team first needs to authorize it. |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthrough
ChangesCryptographic identifier generation
Estimated code review effort: 2 (Simple) | ~10 minutes Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
🧹 Nitpick comments (1)
apps/web/src/core/utils/randId.test.ts (1)
17-24: 🩺 Stability & Availability | 🔵 Trivial | 💤 Low valueTest is inherently probabilistic (extremely low flake risk).
With ~0.01% collision probability across 1000 samples from 2^32 space, this test could rarely flake in CI despite the comment acknowledging it. No action needed given the negligible probability and existing documentation, but worth being aware of if intermittent failures ever appear.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@apps/web/src/core/utils/randId.test.ts` around lines 17 - 24, No code changes are required; retain the existing randId uniqueness test and its explanatory comment.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@apps/web/src/core/utils/randId.test.ts`:
- Around line 17-24: No code changes are required; retain the existing randId
uniqueness test and its explanatory comment.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro Plus
Run ID: ff91998e-8c79-4b82-b6fe-20fee8f354fb
📒 Files selected for processing (2)
apps/web/src/core/utils/randId.test.tsapps/web/src/core/utils/randId.ts
There was a problem hiding this comment.
Pull request overview
This PR addresses collision risk in randId() by switching ID generation from Math.random() to cryptographically strong randomness via crypto.getRandomValues, and updates the unit tests accordingly.
Changes:
- Updated
randId()to return a uint32 generated viacrypto.getRandomValues. - Adjusted tests to validate integer + uint32 range and removed the old
Math.random-specific assertion.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| apps/web/src/core/utils/randId.ts | Switches ID generation to Web Crypto (getRandomValues) for improved entropy/collision resistance. |
| apps/web/src/core/utils/randId.test.ts | Updates tests for the new uint32-based behavior (but current uniqueness test is probabilistic). |
| for (let i = 0; i < 1000; i++) { | ||
| results.add(randId()); | ||
| } | ||
|
|
||
| expect(results.size).toBeGreaterThan(95); | ||
| // With 32 bits of entropy over 1000 samples, collisions are vanishingly rare. | ||
| expect(results.size).toBe(1000); |
Under strict + noUncheckedIndexedAccess (TS7 default), buf[0] is number | undefined. Uint32Array(1) guarantees length 1, so assert non-null to satisfy the number return type.
Closes #1273.
randId()(used for device / saved-connection IDs) generated values withMath.floor(Math.random() * 1e9)— ~30 bits of entropy and no crypto guarantees. Swapped forcrypto.getRandomValues(new Uint32Array(1))[0]for full 32-bit range.Tests updated to drop the
Math.randommock assertion and check the uint32 range plus uniqueness across 1000 samples.Test plan
pnpm --filter @meshtastic/web test -- randId— greenSummary by CodeRabbit