fix(kiloclaw): detect app name hash collisions on Fly app creation #299

Merged
St0rmz1 merged 4 commits into main from fix/pc1-app-name-collision-detection
Feb 17, 2026

@St0rmz1 St0rmz1 commented Feb 17, 2026

On 409 (app already exists), verify ownership by listing machines and checking userId metadata.
Throws AppNameCollisionError if the existing app belongs to a different user, preventing silent network namespace sharing from SHA-256 truncation collisions.

Fails open if machine listing errors to preserve existing retry behavior. Legacy machines without metadata are treated as safe (no false positives).

St0rmz1 and others added 4 commits February 17, 2026 12:32
On 409 (app already exists), verify ownership by listing machines and
checking userId metadata. Throws AppNameCollisionError if the existing
app belongs to a different user, preventing silent network namespace
sharing from SHA-256 truncation collisions.

Fails open if machine listing errors to preserve existing retry behavior.
Legacy machines without metadata are treated as safe (no false positives).
  Fixes CI typecheck failure where TypeScript inferred a union type for
  the headers variable that wasn't assignable to HeadersInit.

@pandemicsyn pandemicsyn left a comment

🚢

@St0rmz1 St0rmz1 marked this pull request as ready for review February 17, 2026 21:49
@St0rmz1 St0rmz1 merged commit 396b348 into main Feb 17, 2026
12 checks passed
@St0rmz1 St0rmz1 deleted the fix/pc1-app-name-collision-detection branch February 17, 2026 21:49

kiloconnect bot commented Feb 17, 2026

Code Review Summary

Status: No Issues Found | Recommendation: Merge

Well-structured security fix for SHA-256 hash truncation collisions in Fly app naming. The verifyAppOwnership function correctly fails open when machine listing is unavailable (preserving existing behavior) and fails closed when a foreign machine is detected. The AppNameCollisionError propagates up through the existing catch/retry mechanism in KiloClawApp, which is appropriate — a collision should not silently succeed. Test coverage is thorough, covering empty apps, same-user retries, different-user collisions, API errors, and legacy machines without metadata.

Files Reviewed (4 files)
  • kiloclaw/src/fly/apps.ts — Core collision detection logic
  • kiloclaw/src/fly/apps.test.ts — Comprehensive test coverage
  • kiloclaw/src/durable-objects/kiloclaw-app.ts — Caller updated with new params
  • kiloclaw/src/durable-objects/kiloclaw-app.test.ts — Caller test updated
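
The ownership decision described in this PR (fail open on listing errors, skip legacy machines without metadata, fail closed on a foreign userId), as an added TypeScript sketch that is not the project's code. Only the names `verifyAppOwnership` and `AppNameCollisionError` come from the page; the signature, the types and the `ListResult` wrapper are assumptions made for illustration.

```typescript
// Added illustration, not code from the kiloclaw repository.
// Hypothetical shapes: Machine, ListResult, Verdict and the function signature.
type Machine = { id: string; metadata?: { userId?: string } };

// Outcome of the machine-listing call made after app creation returns 409.
type ListResult =
  | { ok: true; machines: Machine[] }
  | { ok: false; error: string };

type Verdict = "owned-or-empty" | "unverified";

class AppNameCollisionError extends Error {
  appName: string;
  constructor(appName: string) {
    super(`app ${appName} already exists and belongs to a different user`);
    this.name = "AppNameCollisionError";
    this.appName = appName;
  }
}

function verifyAppOwnership(appName: string, userId: string, listed: ListResult): Verdict {
  // Fail open: if machines cannot be listed, keep the existing retry behaviour.
  if (!listed.ok) return "unverified";
  for (const m of listed.machines) {
    const owner = m.metadata?.userId;
    // Legacy machines without userId metadata are treated as safe.
    if (owner === undefined) continue;
    // Fail closed: a machine tagged with another user means the truncated
    // hash collided and the app (and its network namespace) is not ours.
    if (owner !== userId) throw new AppNameCollisionError(appName);
  }
  return "owned-or-empty";
}

// Constructed sample inputs (not real machine data).
function describe(userId: string, listed: ListResult): string {
  try {
    return verifyAppOwnership("app-example", userId, listed);
  } catch (e) {
    return (e as Error).name;
  }
}

const sameUserRetry = describe("user-a", { ok: true, machines: [{ id: "m1", metadata: { userId: "user-a" } }] });
const foreignApp = describe("user-a", { ok: true, machines: [{ id: "m1", metadata: { userId: "user-b" } }] });
```

The "unverified" verdict is the residual risk of the fail-open path: a real collision goes undetected whenever the listing call fails, so callers may want to log that case.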
