It should not be possible to issue a state on a non-whitelisted notary

Description

The network parameter notary whitelist specifies which notaries new states can be issued on. This includes both issue and state transition transactions.

If a notary is being decommissioned (whether it's full or during a network merge), it will no longer be on the notary whitelist, meaning that it can only perform notary change transactions.

Current behavior
If a party knows a notary's identity, it can create an issuance transaction with states assigned to that notary.

Expected behavior
An issuance transaction with an output state assigned to a non-whitelisted notary should not verify.

Notes

  • The whitelist check is carried out during LedgerTransaction construction.

  • A malicious party can still issue a state on a non-whitelisted notary, there isn't really a way to prevent it.

Assignee

Unassigned

Reporter

Andrius Dagys

Labels

None

Priority

Medium

Fix versions

None

Ported to...

None

Feature Team

Notaries

CVSS Vector

None

Engineering Teams

None

Severity

Medium

Affects versions

Configure