-
Notifications
You must be signed in to change notification settings - Fork 223
Description
Description
The smeshing-service publishes objects (ATX, hare messages, proposals) via the node-service by POSTing on its respective endpoints (/activation/publish
or /publish
). It could happen that due to some bug, not being in sync etc. the smeshing-service creates an invalid object that, when published, would mark it malicious. We need to prevent this
How it works now in a full node
Every published object goes through the respective handler before it is pushed to the p2p network (this is a property of libp2p). This is meant to verify the object before publishing it to the network. Currently, when the ATX handler detects that the received object is malicious, it checks its list of known public keys, and if this message belongs to one of them - it logs a warning and stops processing this message. Most importantly - it doesn't create a malfeasance proof.
The problem with node-service
The problem is that the node service doesn't have a list of all known "own" public keys, so the current mechanism won't work.
Possible solution
The handler needs to distinguish that the processed object is being published rather than received from the p2p network. How to do this exactly requires some R&D.
Metadata
Metadata
Assignees
Labels
Type
Projects
Status