Invalid/non-linear STHs are ignored as long as they have a smaller tree size than current #65
Comments
Can you expand on what cases we'd miss? I'm not clear what the bad STHs we'd spot are. A new previously unseen STH for a smaller treesize vs an existing STH for the smaller treesize that we've already seen? |
|
@rolandshoemaker bump on ☝️ ? It would be helpful to have the broken log cases you think this would be helpful with made more explicit (can |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This was introduced to allow us to keep operating when a log serves cached STHs that are smaller than the one we most recently saw (i.e. when they are serving stale STHs from M of N frontend nodes). This prevents us from catching a number of broken log cases.
Instead we should store a list of all STHs we've previously observed and verify the returned STHs against this list (using the existing storage layer to manage the list). This will allow us to spot bad STHs.
The text was updated successfully, but these errors were encountered: