From b3c6658466c1fc425333df6e33106362baaa8fc9 Mon Sep 17 00:00:00 2001
From: Sebastian Messmer
Date: Wed, 13 Jan 2021 02:11:28 -0800
Subject: [PATCH] Comments
---
 .../implementations/integrity/IntegrityBlockStore2.cpp | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/blockstore/implementations/integrity/IntegrityBlockStore2.cpp b/src/blockstore/implementations/integrity/IntegrityBlockStore2.cpp
index 06add856..2eb363b7 100644
--- a/src/blockstore/implementations/integrity/IntegrityBlockStore2.cpp
+++ b/src/blockstore/implementations/integrity/IntegrityBlockStore2.cpp
@@ -63,6 +63,8 @@ bool IntegrityBlockStore2::_checkVersionHeader(const BlockId &blockId, const Dat
 }

 bool IntegrityBlockStore2::_checkIdHeader(const BlockId &expectedBlockId, const Data &data) const {
+ // The obvious reason for this is to prevent adversaries from renaming blocks, but storing the block id in this way also
+ // makes the authenticated cipher more robust, see https://libsodium.gitbook.io/doc/secret-key_cryptography/aead#robustness
 BlockId actualBlockId = _readBlockId(data);
 if (expectedBlockId != actualBlockId) {
 integrityViolationDetected("The block id is wrong. Did an attacker try to rename some blocks?");
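Review bot: The comment added at the top of `_checkIdHeader` says "The obvious reason for this" and "in this way" without naming what is meant, so a reader must infer from the function name that it refers to keeping the block id in the block's header and comparing it on load. It also leaves the robustness argument entirely to an external link; as far as I recall, that libsodium section is about a ciphertext being accepted under more than one key, and the hardening only holds if the id is part of the authenticated (presumably encrypted) data, which this hunk does not show. I would state both points inline, e.g. `// Each block stores its own id in its header; comparing it on load detects blocks renamed by an adversary.` followed by `// Verifying this known value after decryption also hardens the AEAD against ciphertexts that decrypt under more than one key (libsodium docs, AEAD "robustness").` The function body continues past the end of the hunk.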