Most downloaders trust the server’s manifest without re-verifying each chunk. A compromised server, man-in-the-middle (MITM), or storage bitrot can alter chunks after upload. The client may download a corrupted or maliciously swapped chunk without detection.
Most downloaders trust the server’s manifest without re-verifying each chunk. A compromised server, man-in-the-middle (MITM), or storage bitrot can alter chunks after upload. The client may download a corrupted or maliciously swapped chunk without detection.