-
Notifications
You must be signed in to change notification settings - Fork 67
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
prevention: do not accept block from someone who is not active sequencer #1037
Comments
this should be already supported. can we close it? @danwt |
Right, I've just seen the code, for gossip Lines 98 to 110 in 88ba1fe
Lines 166 to 169 in e9709f6
so no security issue |
Reopening, this needs some thought IMO |
I think the question here is latency in knowing the most up to date sequencer Blocked by Keeping open for now |
Quote "we should validate sequencer pubkey on block against hub state upon event on each new event received from the hub " |
I think this can be closed cause I blv this issue is about protecting against random party blocks and not about faulty sequecner rotation. in that case, I think that issue is covered. |
Ok |
My point is I think it's worth due dilligence |
In general it should not be possible for some third party to come and gossip bullshit blocks, if they are not sequencer.
It might already be implemented, need to check!
Note: this applies also to sequencers who were recently sequencer - so should double check any possible impact of latency in the system.
In general need to reason through, and explain why this attack cannot happen.
The text was updated successfully, but these errors were encountered: