The current implementation of signable for Candidate payload only returns the block hash.
This leaves room for malleability.
While not critical, this should be addressed.
Detailed Description
ConsensusHeader structure includes prev_block_hash, round, and iteration fields.
All such info is already included in the block Header structure, making the signature already protecting the candidate's authenticity and integrity.
However, the ConsensusHeader could be altered while leaving the message as valid (as the signature would keep being valid).
This should be avoided
Possible Solution
There are three possible solutions:
sign the consensus header
check the consensus header against the block's header
remove the consensus header from the Candidate message
Summary
The current implementation of
signable
forCandidate
payload only returns the block hash. This leaves room for malleability. While not critical, this should be addressed.Detailed Description
ConsensusHeader structure includes
prev_block_hash
,round
, anditeration
fields. All such info is already included in the blockHeader
structure, making the signature already protecting the candidate's authenticity and integrity. However, the ConsensusHeader could be altered while leaving the message as valid (as the signature would keep being valid). This should be avoidedPossible Solution
There are three possible solutions: