replies which do not verify can be returned as ok

[jeffallen]

If more than min_consensus(total_nodes_count) nodes return a reply, and those replies cannot be verified by check_state_proof, then as a result of consensus.rs line 81, the non-verified reply will be returned by indy-vdr anyway to the caller, as an OK result.

Indy-SDk has the same problem, see https://jira.hyperledger.org/browse/IS-1502

I found this while trying to do lookups on the audit ledger of the Builder Net, i.e. fetches to indy-vdr-proxy of the form: http://localhost:3030/txn/3/1

[andrewwhitehead]

That is the intended behaviour, receiving a consensus response from the validators is always considered acceptable. State proofs only allow the client to accept a response from a single validator, when they are verifiable. That's why I combined the two request handlers here instead of having separate 'single' and 'consensus' handlers.

I would like to expose more information to the caller about how the response was accepted, ie. whether it was through a state proof or through consensus, like how the timing information is exposed now.

[jeffallen]

I don't understand how it can ever be correct that when I call perform_ledger_request, and all the replies that come back from all the nodes it talks to cannot be verified, that I should get a VdrResult that matches Ok.

I'm also still debugging trying to understand how/if transactions on the audit ledger should verify. They do not verify because of Given signature is not for current root hash, aborting.