bmersereau closes a timing-attack loophole in Mike's download tokens

A security helper meant to be tamper-proof was leaking a tiny clue about its inputs - bmersereau patched the leak before anyone could use it.

security, infrastructure

The helper guards download links by comparing secret tokens in a way that's supposed to take exactly the same amount of time regardless of whether the input matches. The problem: it was bailing out early when the lengths didn't line up, which technically let an attacker measuring response times tell a length mismatch apart from a content mismatch. That's the kind of side-channel that constant-time comparisons exist to prevent.

The rewrite always runs the comparison first against equal-length buffers, then folds the length check into the final result. bmersereau is honest that this isn't a live exploit - every token in the system is the same fixed length today - but the helper now actually honors its contract, and a small test suite is in place so future callers that pass variable-length inputs inherit a primitive that behaves the way its name promises.
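The before-and-after shape described above, as an added Node.js example that is not code from Mike or from the PR. The function names, the sample token and the choice of crypto.timingSafeEqual as the underlying primitive are assumptions made for illustration.

```javascript
// Added example, not Mike's code: names and the sample token are hypothetical.
const { timingSafeEqual } = require("node:crypto");

// "Before" shape: a length mismatch returns before any bytes are compared,
// so it is observably cheaper than a same-length content mismatch.
function leakyTokenEqual(expected, supplied) {
  const exp = Buffer.from(expected, "utf8");
  const sup = Buffer.from(supplied, "utf8");
  if (exp.length !== sup.length) return false; // early exit
  return timingSafeEqual(exp, sup);
}

// "After" shape: compare equal-length buffers first, then fold in the length check.
function safeTokenEqual(expected, supplied) {
  const exp = Buffer.from(expected, "utf8");
  const sup = Buffer.from(supplied, "utf8");
  // Zero-filled buffer sized by the expected token: excess input is truncated,
  // short input is zero-padded. timingSafeEqual therefore never throws and
  // always walks exp.length bytes.
  const padded = Buffer.alloc(exp.length);
  sup.copy(padded, 0, 0, Math.min(sup.length, exp.length));
  const contentEqual = timingSafeEqual(exp, padded);
  const lengthEqual = exp.length === sup.length;
  // Bitwise AND (not &&) so neither operand is skipped.
  return (Number(contentEqual) & Number(lengthEqual)) === 1;
}

// Constructed sample token (32 hex chars), not a real value.
const SAMPLE_TOKEN = "3a9f0c4e7b12d8856e01f4a2c97b5d60";

// Runs both helpers over constructed inputs, including a too-long input whose
// prefix matches the token, which only the folded-in length check rejects.
function demo() {
  const cases = {
    match: SAMPLE_TOKEN,
    wrongContent: "0" + SAMPLE_TOKEN.slice(1),
    tooShort: SAMPLE_TOKEN.slice(0, -1),
    matchingPrefixTooLong: SAMPLE_TOKEN + "ff",
  };
  const out = {};
  for (const [name, input] of Object.entries(cases)) {
    out[name] = {
      leaky: leakyTokenEqual(SAMPLE_TOKEN, input),
      safe: safeTokenEqual(SAMPLE_TOKEN, input),
    };
  }
  return out;
}
```

Both helpers return the same answers; the difference is only in whether a length mismatch skips the byte comparison.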

So what? Anyone running Mike in production should care: it's a quiet defense-in-depth fix that makes a security primitive trustworthy on its own terms.
