-
Notifications
You must be signed in to change notification settings - Fork 112
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
keymanager/src/runtime: Verify and modify init request #5204
Conversation
Codecov Report
@@ Coverage Diff @@
## master #5204 +/- ##
==========================================
- Coverage 61.47% 61.33% -0.14%
==========================================
Files 512 512
Lines 54051 54246 +195
==========================================
+ Hits 33227 33273 +46
- Misses 16611 16736 +125
- Partials 4213 4237 +24
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
@@ -346,6 +349,7 @@ impl Default for Features { | |||
schedule_control: None, | |||
key_manager_quote_policy_updates: true, | |||
key_manager_status_updates: true, | |||
key_manager_master_secret_rotation: false, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I assume this is false
by default because it only makes sense for key manager runtimes? Otherwise it would make sense to have it default to true
or introduce a different way of querying for key manager features (e.g. a separate local RPC for that) -- not sure if the complexity is worth it though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I assume this is
false
by default because it only makes sense for key manager runtimes?
True. As key manager is a runtime, I thought that I could use these features.
The init request was never verified against the consensus layer state and, therefore, was not trustworthy. To make this request more informative and easily verifiable against consensus, it was extended to include all key manager status fields.
3ed2036
to
10c1b48
Compare
The init request was never verified against the consensus layer state and, therefore, was not trustworthy. To make this request more informative and easily verifiable against consensus, it was extended to include all key manager status fields.