Spec question: what to do if signers process peg-in during bad state?

[MarvinJanssen]

A current gap in the spec is the question of what to do if the signers process a deposit anyway while in a bad state?

Situation is as follows:

1. Protocol is a bad state due to whatever reason.
2. User manages to create a deposit request successfully.
3. Signers should not process the deposit request but do it anyway, thus moving the Bitcoin from the escrow address to the peg wallet. (It is on Bitcoin so we cannot prevent it.)
4. Since the protocol is frozen, the protocol will not accept the proof that the Bitcoin was moved.
5. The user now has no Bitcoin and no sBTC.

We had consensus that the protocol would effectively be frozen during a bad state, not allowing deposits and withdrawals. However, that can leave us in an awkward state as seen above.

I think that when the protocol is in a bad state, the onus is on the signers not to process deposits. If they do it anyway for whatever reason, then the protocol should still mint sBTC. In other words, there should be no guard in the deposit processor that would prevent sBTC minting when the protocol is in a bad state.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.