Skip to content

Use explicit PK instead of NodeID in Verify()#422

Merged
yacovm merged 2 commits into
mainfrom
verify
Jun 23, 2026
Merged

Use explicit PK instead of NodeID in Verify()#422
yacovm merged 2 commits into
mainfrom
verify

Conversation

@yacovm

@yacovm yacovm commented Jun 23, 2026

Copy link
Copy Markdown
Collaborator

Since the epoch now has its own membership reference that includes public keys, it's easier to support epoch changes by altering the API accordingly.

samliok
samliok reviewed Jun 23, 2026
View reviewed changes
Comment thread simplex/epoch.go

if err := vote.Verify(signature.Value, e.Verifier, signature.Signer); err != nil {
pk, exists := e.nodesToPKs[string(signature.Signer)]
if !exists {

@samliok samliok Jun 23, 2026

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these checks should never happen right? we filter messages here and eligibleNodeIds should have the same exact key set as nodeToPks

	_, known := e.eligibleNodeIDs[string(from)]

@samliok samliok Jun 23, 2026

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think it would be better to combine these two maps(nodeToPks and eligibleNodeIds) into one? maybe eligibleSigners?

@yacovm yacovm Jun 23, 2026

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these checks should never happen right? we filter messages here and eligibleNodeIds should have the same exact key set as nodeToPks

but this is not from, this is who signed the message. We bind the from and the signer everywhere except in the signer of a block message (VerifyBlockMessageVote).
Even if we add a check there, I think we should still do the lookup right before we verify the signature, otherwise the risk is just too great. I don't know how BLST will behave with an empty public key and I don't want to find out...

However, you are right that if we have the mapping, we don't need the eligible nodes anymore.

samliok
samliok reviewed Jun 23, 2026
View reviewed changes
Comment thread simplex/epoch.go
}

// Guard against receiving messages from unknown nodes
_, known := e.eligibleNodeIDs[string(from)]

@samliok samliok Jun 23, 2026

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we make this map named something like validatorsToPKs or signers? it would be helpful to note these as different than the non-validator nodes, especially since we will need to update this guard in a pr i'm working on.

@yacovm yacovm Jun 23, 2026

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@yacovm yacovm force-pushed the verify branch 3 times, most recently from 5f4503b to 9c1968e Compare June 23, 2026 16:09
@yacovm
Use explicit PK instead of NodeID in Verify()
35cf849 
Since the epoch now has its own membership reference that includes public keys,
it's easier to support epoch changes by altering the API accordingly.

Signed-off-by: Yacov Manevich <yacov.manevich@avalabs.org>
@yacovm yacovm merged commit 7474a8a into main Jun 23, 2026
6 of 7 checks passed
@yacovm yacovm deleted the verify branch June 23, 2026 17:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@samliok samliok samliok approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@yacovm @samliok