Verify User Identity
jakobii opened this issue ยท 1 comments
Bug description
This is more of a question than a bug. im new to Java development and more specifically Minecraft mod development.
Is it possible for a client to claim to be a user they are not?
Steps to reproduce the issue
- reverse engineer the binary protocol.
- send the user id of a user i would like to masquerade as.
- communicate with other users on the Minecraft server.
Expected behavior
The simple-voice-chat validates somehow that the client has authenticated as the Minecraft user they are claiming to be in the auth packet
note: I see that there is a field called "Secret", but it looks like its being used more as a connection id, then something like a cryptographic signature.