From 79fdb092b0bd1021e182ed21b2088fe8252c118d Mon Sep 17 00:00:00 2001 From: s8n Date: Sun, 10 May 2026 06:17:01 +0100 Subject: [PATCH] docs: freeze repo + redact leak - Add FROZEN banner to README pointing to s8n/auth-limbo-v2 - Redact handle and from AUDIT and ROADMAP --- AUDIT-2026-05-07.md | 28 ++++++++++++++-------------- README.md | 2 ++ ROADMAP.md | 2 +- 3 files changed, 17 insertions(+), 15 deletions(-) diff --git a/AUDIT-2026-05-07.md b/AUDIT-2026-05-07.md index 37dae9b..7321483 100644 --- a/AUDIT-2026-05-07.md +++ b/AUDIT-2026-05-07.md @@ -1,4 +1,4 @@ -# AUDIT — 2026-05-07 — YOU500 void-death on AuthMe restore +# AUDIT — 2026-05-07 — void-death on AuthMe restore Reviewer: Claude (auth-limbo audit pass). Scope: Read-only review of `src/main/java/ru/authlimbo/**` against a real 
@@ -10,21 +10,21 @@ Status: **Audit-only — no code changes applied.** Fixes tracked in ## 1. Incident -`YOU500` joined the server, was held in `auth_limbo` (correct), authenticated +`` joined the server, was held in `auth_limbo` (correct), authenticated to AuthMe, and was teleported back to overworld — but Paper rejected the teleport and the player void-died with full inventory loss. ### Raw log (paper-server.log, trimmed) ``` -17:13:35 YOU500[/45.157.234.219] logged in with entity id 26548 +17:13:35 [/] logged in with entity id 26548 at ([auth_limbo]0.5, 128.0, 0.5) -17:13:38 [AuthMe] YOU500 logged in -17:13:39 [INFO:DEBUG] Restoring fly speed for LimboPlayer YOU500 to 0.1 (RESTORE_NO_ZERO mode) -17:13:39 [INFO:DEBUG] Teleporting `YOU500` after login, based on the player auth -17:13:39 YOU500 left the confines of this world <-- VOID DEATH -17:13:39 [AuthLimbo] Restoring YOU500 to world(2380.4, 69.9, -11358.4) -17:13:39 [AuthLimbo] teleportAsync returned false for YOU500 +17:13:38 [AuthMe] logged in +17:13:39 [INFO:DEBUG] Restoring fly speed for LimboPlayer to 0.1 (RESTORE_NO_ZERO mode) +17:13:39 [INFO:DEBUG] Teleporting `` after login, based on the player auth +17:13:39 left the confines of this world <-- VOID DEATH +17:13:39 [AuthLimbo] Restoring to world(2380.4, 69.9, -11358.4) +17:13:39 [AuthLimbo] teleportAsync returned false for — Paper may have rejected the location. ``` @@ -38,7 +38,7 @@ the restore step. `authme.db` and schedules `addPluginChunkTicket` on `world` chunk `(2380>>4=148, -11359>>4=-710)`. So far so good. 2. AuthMe authenticates and runs **its own** broken teleport - (`Teleporting YOU500 after login`). This is the AuthMe-fork log line, not + (`Teleporting after login`). This is the AuthMe-fork log line, not ours — AuthMe does a `teleportAsync` of its own with no chunk preload. 3. AuthMe's teleport partially moves the entity into `world` at the saved coords **before the chunk is actually loaded**. The entity is now at 
@@ -78,7 +78,7 @@ behaviour on void death. We do not snapshot inventories. ### H1 — AuthMe's own broken teleport voids the player BEFORE our handler fires *(most likely)* -The AuthMe-fork log line `Teleporting YOU500 after login, based on the +The AuthMe-fork log line `Teleporting after login, based on the player auth` at `17:13:39` is from AuthMe-ReReloaded fork b49 itself (`PlayerAuth.teleportOnLogin` flow). AuthMe does a teleport with **no chunk preload** to the saved coords. In Paper 1.21.11, calling `teleportAsync` to @@ -107,7 +107,7 @@ description of the race. `onAsyncPreLogin` adds a ticket on the chunk computed from the saved quit-location. But the player's first-time-join behaviour might use a different teleport target (AuthMe spawn-on-first-login). For an existing -player like YOU500 this is unlikely — they have a saved row. +player like this is unlikely — they have a saved row. ### H3 — `teleport-delay-ticks: 10` is too long *(secondary)* @@ -148,7 +148,7 @@ While a player is in the post-LoginEvent restore window, register a limbo spawn (`limboManager.spawn()`) at y=128. Then re-attempt the authoritative teleport via `doTeleport` with a backoff. -This single guard would have saved YOU500's life and inventory. +This single guard would have saved 's life and inventory. ### F2 — MUST: when `teleportAsync` future returns `false`, recover @@ -202,7 +202,7 @@ inventory is ever lost on an auth-flow death. If F1–F4 all fail and the player is still in void state after N retries, set `GameMode.SPECTATOR`, teleport to overworld spawn (server world's default spawn), and send admin a Discord/console alert: "AuthLimbo could -not restore YOU500 — manual `/authlimbo tp YOU500` required". The +not restore — manual `/authlimbo tp ` required". The spectator mode prevents further damage and lets the player observe the world while admin acts. diff --git a/README.md b/README.md index 1561fcc..44a8392 100644 --- a/README.md +++ b/README.md 
@@ -1,3 +1,5 @@ +> ⚠️ **FROZEN** — this repo is no longer maintained. The successor lives at [`s8n/auth-limbo-v2`](https://git.s8n.ru/s8n/auth-limbo-v2). This repo is kept for historical reference (see `AUDIT-2026-05-07.md`). No new commits, no new releases, no new issues. +
# auth-limbo diff --git a/ROADMAP.md b/ROADMAP.md index c2fd4c0..8f72705 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -16,7 +16,7 @@ Status legend: ### F1 · OPEN · Void-damage guard during post-login restore Source: [AUDIT-2026-05-07.md](AUDIT-2026-05-07.md) §4 F1. Triggered by -YOU500 incident on 2026-05-07 — full inventory loss to void on login. + incident on 2026-05-07 — full inventory loss to void on login. Acceptance: - New `Set pendingTransit` in `LoginListener`.
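Review bot: the `-` lines of the `@@ -10,21` hunk in AUDIT-2026-05-07.md still carry the player handle and the client address, so this commit and the parent blob 37dae9b keep both values readable in history. Editing the working tree does not redact them. If removal is the goal, rewrite history (for example with git filter-repo's `--replace-text`), force-push, and have existing clones and mirrors re-fetched. A neutral subject line would also help, since "redact leak" points readers straight at this diff.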
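Review bot: in the `@@ -202,7` hunk of AUDIT-2026-05-07.md the replaced lines, as shown here, have nothing where the handle was, so the alert text reads "could not restore" with no object and the command reads `/authlimbo tp ` with no argument. The same applies to "would have saved 's life" in `@@ -148,7` and `[/] logged in` in the log block. If the replacement is an angle-bracket token, Markdown treats it as an HTML tag and drops it on render. Use a token that survives rendering, such as `[REDACTED-PLAYER]` and `[REDACTED-IP]`, so the audit stays readable.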
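Review bot: the context of the `@@ -38,7` hunk still shows the chunk computed from the saved quit-location, `(2380>>4=148, -11359>>4=-710)`, and the log block above it keeps `world(2380.4, 69.9, -11358.4)` and entity id 26548. Combined with the handle that remains in history, these place one player's saved position in the world. Decide whether the exact coordinates are needed for the analysis or whether chunk-level or rounded values would do, and say so in the commit message either way.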
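Review bot: the ROADMAP.md hunk leaves `### F1 · OPEN · Void-damage guard during post-login restore` marked OPEN while the README.md hunk declares the repo frozen with "No new commits, no new releases, no new issues", so a reader cannot tell whether F1 was fixed, dropped or moved. Add a line under the status legend, or next to F1, stating that open items are tracked in `s8n/auth-limbo-v2`. The redacted line `+ incident on 2026-05-07` has also lost its subject and needs a visible placeholder.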