Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

verify.go: Distinguish malicious verification failures from other kinds #115

Open
renaynay opened this issue Oct 6, 2023 · 1 comment
Open

verify.go: Distinguish malicious verification failures from other kinds #115

renaynay opened this issue Oct 6, 2023 · 1 comment
Assignees
@Wondertan @renaynay

Comments

@renaynay
Copy link
Member

renaynay commented Oct 6, 2023

Right now, we have the concept of SoftFailure which is used primarily when a header cannot be verified fully against a non-adjacent header (meaning the header could still be valid when applied during adjacent verification). All other failures are treated equally as hard failures. The problem with this is that this verification logic is used by different components (syncer, exchange). What is considered a hard failure for the syncer (incomingNetHead) is different from the exchange (when requesting Head). Therefore, we need an ability to distinguish in VerifyError whether the error was intentionally malicious or not so that the caller knows whether to ignore / drop the header or to punish the peer.
@nashqueue
Copy link
Member

cc @S1nus

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Wondertan Wondertan

@renaynay renaynay

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Wondertan @renaynay @nashqueue