Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Runtime light client consensus verification #3952

Closed
kostko opened this issue May 19, 2021 · 0 comments · Fixed by #4250
Closed

Runtime light client consensus verification #3952

kostko opened this issue May 19, 2021 · 0 comments · Fixed by #4250
Assignees
@kostko
Labels
c:breaking/runtime Category: breaking runtime changes c:runtime Category: runtime c:security Category: security issues
Projects
Core 21.3

Comments

@kostko
Copy link
Member

kostko commented May 19, 2021
edited

Now that we have all the infrastructure available, the runtime (when running outside the node's trust domain, e.g. as an enclave) should verify light client proofs of consensus layer state before proceeding to process runtime transactions. This should include the runtime confirming that its RAK/nonce is indeed registered in the consensus layer.

This requires the runtime to have a hardcoded trust anchor to the consensus layer which is probably a combination of the following:

  • Consensus layer chain context.
  • Trusted hash of a consensus layer header at a specific height.

One of the questions to explore in the design is how would the runtime handle a breaking consensus layer upgrade where the chain context changes.
@kostko kostko added c:runtime Category: runtime s:needs adr Needs a design document, discussion and decision (ADR) c:security Category: security issues c:breaking/runtime Category: breaking runtime changes labels May 19, 2021
@kostko kostko added this to Planned in Core Future via automation May 19, 2021
@kostko kostko removed this from Planned in Core Future Jun 22, 2021
@kostko kostko added this to Planned in Core 21.3 via automation Jun 22, 2021
@kostko kostko self-assigned this Sep 6, 2021
@kostko kostko moved this from Planned to In Progress in Core 21.3 Sep 6, 2021
@kostko kostko mentioned this issue Sep 9, 2021
Merged
5 tasks
@kostko kostko removed the s:needs adr Needs a design document, discussion and decision (ADR) label Sep 10, 2021
Core 21.3 automation moved this from In Progress to Done Sep 14, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kostko kostko

Labels
c:breaking/runtime Category: breaking runtime changes c:runtime Category: runtime c:security Category: security issues
Projects
No open projects
Core 21.3
Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

runtime: Verify consensus layer state by using a light client oasisprotocol/oasis-core
1 participant
@kostko