From 6e903567e66db0f0fd33da15668a2d55bec02723 Mon Sep 17 00:00:00 2001
From: Xeophon <508704820@qq.com>
Date: Wed, 13 May 2026 01:51:04 +0800
Subject: [PATCH] FIX(#4850): use random signing key instead of deterministic pubkey hash
- Generate random signing key per validator instance in __init__
- Replace hashlib.sha256(pubkey) with self._signing_key
- Prevents forging challenge signatures from public key
---
 rips/rustchain-core/src/anti_spoof/network_challenge.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/rips/rustchain-core/src/anti_spoof/network_challenge.py b/rips/rustchain-core/src/anti_spoof/network_challenge.py
index 42d3a4ac6..4b2b08403 100644
--- a/rips/rustchain-core/src/anti_spoof/network_challenge.py
+++ b/rips/rustchain-core/src/anti_spoof/network_challenge.py
@@ -441,6 +441,8 @@ class NetworkChallengeProtocol:
 def __init__(self, validator_pubkey: str, hardware_profile: Dict):
 self.pubkey = validator_pubkey
 self.hardware = hardware_profile
+ # Generate a random signing key instead of deriving from pubkey
+ self._signing_key = secrets.token_bytes(32)
 self.validator = AntiSpoofValidator()
 self.pending_challenges: Dict[str, Challenge] = {}
 self.failure_count = 0
@@ -458,8 +460,8 @@ def should_challenge(self, block_height: int, target_pubkey: str) -> bool:
 def create_challenge(self, target_pubkey: str, target_hardware: Dict) -> Challenge:
 """Create a challenge for another validator"""
- # Use pubkey as signing key for demo (use real keys in production)
- privkey = hashlib.sha256(self.pubkey.encode()).digest()
+ # Use randomly-generated signing key (not derivable from public key)
+ privkey = self._signing_key
 challenge = self.validator.generate_challenge(
 target_pubkey=target_pubkey,
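Review bot: `secrets.token_bytes(32)` is called in `__init__`, but the patch adds no `import secrets`: the diffstat shows only 4 insertions and 2 deletions, all inside these two hunks. Unless the module already imports `secrets` above the hunk, constructing `NetworkChallengeProtocol` raises `NameError`; add `import secrets` with the module's other standard-library imports. The key also exists only on this instance and is regenerated on every construction, so a comment such as `# ephemeral: regenerated per instance, never persisted or logged` would make its lifetime explicit. `__init__` may continue past the end of the hunk.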
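Review bot: `privkey = self._signing_key` signs the challenge with a secret that has no relation to `self.pubkey`, so a peer holding only the challenger's public key has nothing to verify the signature against. The old derivation was forgeable; this one appears unverifiable outside the issuing instance, although how `generate_challenge` and the verifying side use the key is not visible here, so this is inferred. If the signature is meant to authenticate the challenger, the key should be the private half of the keypair behind `validator_pubkey`, loaded from the validator's key store rather than generated locally. At minimum the comment should state the limitation, e.g. `# instance-local secret: only this instance can verify signatures made with it`. The body of `create_challenge` continues outside the hunk.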