From a0326f3b403492c6776b13ff4751530d4f8ff058 Mon Sep 17 00:00:00 2001
From: Michael <heluecht@pirati.ca>
Date: Sun, 1 Jun 2025 17:49:21 +0000
Subject: [PATCH] Issue 14879: Fix activity trust check

---
 src/Protocol/ActivityPub/Receiver.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/Protocol/ActivityPub/Receiver.php b/src/Protocol/ActivityPub/Receiver.php
index c217d491ca..1cb1cb0649 100644
--- a/src/Protocol/ActivityPub/Receiver.php
+++ b/src/Protocol/ActivityPub/Receiver.php
@@ -644,16 +644,19 @@ class Receiver
 				return true;
 			}
 		} else {
-			$attributed_to = '';
+			$attributed_to = null;
 		}
 
 		// Test the provided signatures against the actor and "attributedTo"
 		if ($trust_source) {
-			if ($attributed_to !== false && $attributed_to !== '') {
+			if (!is_null($attributed_to)) {
 				$trust_source = (in_array($actor, $signer) && in_array($attributed_to, $signer));
 			} else {
 				$trust_source = in_array($actor, $signer);
 			}
+			if (!$trust_source) {
+				DI::logger()->info('Actor missmatch. Activity trust could not be achieved.', ['type' => $type, 'signer' => $signer, 'actor' => $actor, 'attributedTo' => $attributed_to]);
+			}
 		}
 
 		// Lemmy announces activities.