Fix incorrect section key assigned to non-elders #2177
Conversation
| Self { | ||
| our_history: SectionProofChain::new(elders_info.proof.public_key), |
There was a problem hiding this comment.
just want to confirm that elders_info.proof.public_key is the DKG key with participants of elders_info.value (i.e. the elders)? i.e. the section_key of the elders of the elders_info, right ?
There was a problem hiding this comment.
No, that's the issue this PR is trying to fix. The key the elders_info is signed with is not the latest section key - it's the one before that. The reason for this is that we vote for the elders_info and the new section key at the same time, so we don't yet have the new key in the section chain. We could probably change it so that the elders_info is signed with the latest key (because we do have the new DKG result at that time), and maybe we should do it, but that's not how things currently work.
There was a problem hiding this comment.
Ok, I got it.
Thx for the clarification
There was a problem hiding this comment.
maybe worth to put your above wording as a comment in the code ?
When creating the new `SharedState` on `EldersUpdate` or `NodeApproval`, we incorrectly used the previous section key instead of the latest one for the section chain. This made every `EldersUpdate` message bounce back as untrusted.
madadam
force-pushed
the
fix-elders-update
branch
from
98c0cf2
to
219f98d
Compare
When creating the new
SharedState(onEldersUpdateorNodeApproval), we incorrectly used the previous section key instead of the latest one for the section chain. This made everyEldersUpdatemessage bounce back as untrusted.