Open traceCall opened 5 years ago
Vadim: Signs wrong how? Here's why I haven't implemented this yet:
Now, maybe we'll only clear out a receipt only if the signature itself is invalid... but this comes back to my initial question.
Parth: One scenario would be, that when Decentralised oracle goes live, we will be periodically changing validator set on mainnet (to be in sync with changed validator set on dappchain), when we do this, signature in pending withdrawal receipts at that point will become invalid, and need to resign by new set of validators.
Vadim: k, well, we'd need to have a 100% reliable way of figuring out if a receipt sig is no longer valid, and once invalid it should never be valid again.
We should add an oracle-only method that's able to clear an account's receipt to the gateway. This would help in case the oracle signs something wrong, which would free up a user's account for resigning again at a later point.