watermark order is gone, watermark v2 is introduced

ecadlabs / signatory

Signatory - A Tezos Remote Signer for signing block-chain operations with private keys using YubiHSM, AWS, GCP, Ledger's or Azure Key Vault

https://signatory.io

Apache License 2.0

62 stars 18 forks source link

watermark order is gone, watermark v2 is introduced #381

Closed stephengaudet closed 1 year ago

stephengaudet commented 1 year ago

While the endorsement operation can't obviously be injected before the block it's endorsing it still can be forged and signed before the block header (but not before operations) as it doesn't refer to the final hash of the signed block but to block's payload hash instead which is computed from the operations hash and the block's predecessor hash only. So the signer service shouldn't expect any specific order of block header and endorsement requests.

cloudflare-workers-and-pages[bot] commented 1 year ago

Deploying with Cloudflare Pages

Latest commit:	`c2e0271`
Status:	✅ Deploy successful!
Preview URL:	https://fe3361bd.signatory.pages.dev
Branch Preview URL:	https://379-watermark-order-issue.signatory.pages.dev

View logs

e-asphyx commented 1 year ago

Some background information: while the endorsement operation can't obviously be injected before the block it's endorsing it still can be forged and signed before the block header (but not before operations) as it doesn't refer to the final hash of the signed block but to block's payload hash instead which is computed from the operations hash and the block's predecessor hash only. So the signer service shouldn't expect any specific order of block header and endorsement requests.