[Keys] Mempool signing can sign using validator key

hyperledger-archives / burrow

https://wiki.hyperledger.org/display/burrow

https://hyperledger.github.io/burrow

Apache License 2.0

1.03k stars 346 forks source link

[Keys] Mempool signing can sign using validator key #899

Open seanyoung opened 6 years ago

seanyoung commented 6 years ago

When using mempool signing, if the validator address is used, then burrow will happily sign the transaction using the validator key. This is not good.

Also we should consider whether mempool signing should be off by default.

compleatang commented 6 years ago

It should be off by default in my view.