Skip to content

node-service should prevent smeshing-service from self-banning on publishing #6703

@poszu

Description

@poszu

Description

The smeshing-service publishes objects (ATX, hare messages, proposals) via the node-service by POSTing on its respective endpoints (/activation/publish or /publish). It could happen that due to some bug, not being in sync etc. the smeshing-service creates an invalid object that, when published, would mark it malicious. We need to prevent this

How it works now in a full node

Every published object goes through the respective handler before it is pushed to the p2p network (this is a property of libp2p). This is meant to verify the object before publishing it to the network. Currently, when the ATX handler detects that the received object is malicious, it checks its list of known public keys, and if this message belongs to one of them - it logs a warning and stops processing this message. Most importantly - it doesn't create a malfeasance proof.

The problem with node-service

The problem is that the node service doesn't have a list of all known "own" public keys, so the current mechanism won't work.

Possible solution

The handler needs to distinguish that the processed object is being published rather than received from the p2p network. How to do this exactly requires some R&D.

Metadata

Metadata

Assignees

Projects

Status

🏗 Doing

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions