pub fn verify_signed(env: &SignedRoomMessage) -> Result<(RoomMessage, String)>Expand description
Verify a SignedRoomMessage envelope:
- The asserted
fingerprintmust equal the fingerprint derived fromed25519_pubkey_b64— closes the “claim someone else’s fingerprint but sign with your own key” attack. - The Ed25519 signature must verify over the decoded
payload_b64. - The payload must deserialize as a
RoomMessage.
Returns the inner message and the (verified) sender fingerprint on
success. Caller should still check that the fingerprint is one they
expect for this context (e.g. an owner for BanMember).