I know that there's a lot more that will be added to this code, but I see a potential problem or issue with the AddKey function depending on some of the details of the vision for the ONT-ID.
In AddKey the verification is just of the sender and the ONT-ID. If that checkWitness returns true then the newPublicKey is inserted. Nothing depends on the newPublicKey.
I'm not sure it's a problem - that depends. But right now I could add any public key to my ONT-ID, even ones that aren't mine, or importantly even public keys that do not want to be associated (or are being maliciously associated) with an unrelated ONT-ID.
If this isn't what you want, a solution could be to go multi-sig for AddKey - so both the owner of the ONT-ID and the owner of the public key would have to participate (or would be the same key). I don't see any particular issue with this, as by adding the key to the ONT-ID the "user" is saying that both these keys are part of their identity, so there's no harm in making them prove they have control over both public keys.
I think AddKey should also ask the owner of the new key to sign the request with its private key, in addition to the existing key and the data signed by the old private key, just to make sure the owner has full ownership of the old and new keys.
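The check proposed in the two posts above, as an added example that is not part of the issue or the project's code: a stand-alone Go model in which AddKey accepts a key only when an existing key of the ONT-ID and the key being added both sign the request. `Registry`, `AddKeyMsg`, the message layout, the choice of Ed25519 and the sample identifier are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Registry is a hypothetical in-memory stand-in for the ONT-ID key storage.
type Registry map[string][]ed25519.PublicKey

// AddKeyMsg is what both parties sign; it binds the proof to one ONT-ID and one key.
// A real contract would also include a nonce so an old proof cannot be replayed.
func AddKeyMsg(ontID string, newKey ed25519.PublicKey) []byte {
	return append([]byte("AddKey|"+ontID+"|"), newKey...)
}

// AddKey requires a signature from a key already on the ONT-ID (the role
// checkWitness plays in the issue) and a second one from the key being added.
func (r Registry) AddKey(ontID string, newKey ed25519.PublicKey, ownerSig, newKeySig []byte) error {
	msg, authorized := AddKeyMsg(ontID, newKey), false
	for _, k := range r[ontID] {
		authorized = authorized || ed25519.Verify(k, msg, ownerSig)
	}
	if !authorized {
		return errors.New("not signed by an existing key of this ONT-ID")
	}
	// Length check first: ed25519.Verify panics on a malformed public key.
	if len(newKey) != ed25519.PublicKeySize || !ed25519.Verify(newKey, msg, newKeySig) {
		return errors.New("no proof of possession for the new key")
	}
	r[ontID] = append(r[ontID], newKey)
	return nil
}

func main() {
	const id = "example-ont-id" // constructed identifier
	ownerPub, ownerPriv, _ := ed25519.GenerateKey(nil)
	otherPub, otherPriv, _ := ed25519.GenerateKey(nil) // key held by someone else
	reg := Registry{id: {ownerPub}}
	msg := AddKeyMsg(id, otherPub)
	ownerSig := ed25519.Sign(ownerPriv, msg)
	// Owner alone cannot attach a key it does not control.
	fmt.Println(reg.AddKey(id, otherPub, ownerSig, ownerSig))
	// With the new key's own signature the request is accepted.
	fmt.Println(reg.AddKey(id, otherPub, ownerSig, ed25519.Sign(otherPriv, msg)))
}
```
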