Signing data structures the wrong way (blog.foks.pub)

The article argues that common serialization/signing approaches can suffer from “domain separation” failures, where two different message types serialize identically and a signature for one can be misapplied to another. It proposes “domain separators in the IDL” as part of the Snowpack/FOKS approach: random, immutable type tags are embedded into the schema and are included in the bytes that are signed, encrypted, or MAC’d, while the tags themselves are not serialized. The post also describes how Snowpack aims to produce canonical encodings for safer verification and forwards/backwards-compatible upgrades.