It should not be possible to issue a state on a non-whitelisted notary

Description

The network parameter notary whitelist specifies which notaries new states can be issued on. This includes both issue and state transition transactions.

If a notary is being decommissioned (whether it's full or during a network merge), it will no longer be on the notary whitelist, meaning that it can only perform notary change transactions.

Current behavior
If a party knows a notary's identity, it can create an issuance transaction with states assigned to that notary.

Expected behavior
An issuance transaction with an output state assigned to a non-whitelisted notary should not verify.

Notes

  • The whitelist check is carried out during LedgerTransaction construction.

  • A malicious party can still issue a state on a non-whitelisted notary, there isn't really a way to prevent it.

Activity

Show:
David Rapacchiale
March 24, 2020, 1:41 PM

Thanks , this looks more like a feature request. can you please review this request? Perhaps it’s something that you want to include in the Notary’s backlog

Joel Dudley
March 24, 2020, 1:43 PM

Assignee

Unassigned

Reporter

Andrius Dagys

Labels

None

Sprint

None

Epic Link

None

Priority

Medium

Severity

Medium

CVSS Score

None

CVSS Vector

None

Due Date

None

Engineering Teams

Notaries

Fix versions

None

Affects versions

Ported to...

None

Story Points / Dev Days

None
Configure