Open pgrange opened 1 year ago
The idea of decoupling the signing of the snapshot from the hydra-node has already been discussed in Provide a dedicated "component" for off- and on-chain signing but my understanding is that it is a slightly different conversation as in #336 we were considering protecting the signing key material on the client side when, in this issue, we are considering protecting the client from invalid snapshots being signed.
Note that, if we want the client to sign snapshots then, the client needs to be able to validate that the snapshot is legit before signing it. Otherwise it wouldn't make any sense.
Then, what information would a client need to sign a snapshot? Would it be very different from the information the hydra-node currently needs?
Stated otherwise, would it be very far away from the current implementation of the hydra-node itself? If so, wouldn't it make sense to just host the hydra-node on the client side?
Why
As a client of a hydra head, imagine I don't trust the hydra-node operator to sign the snapshot of the head (I should say that I don't trust any of the hydra-node operators of the head since only one of them needs to be honest for the transactions to be legit in a head).
Then I would want to be able to sign the snapshot myself and not let the hydra-node operator do that for me.
So that I'm sure that only legit snapshot can be posted later on layer 1 and I don't loose no funds.
What
According to the following figure, we would want to go from a point were the hydra-node operator is fully trusted (it can spend UTxOs, sign snapshots and post hydra head transaction on layer 1) to the situation were it is not trusted to sign the snaphots:
In particular, it means that: